Skip to main content


Troubleshooting Lync Edge, XMPP Gateway, and TLS Negotiation Errors

There is plenty of documentation out there on how to install the XMPP gateway with OCS or Lync (references provided at the bottom of this post). This blog will not focus on the installation of the XMPP Gateway, but rather what to do if you receive TLS errors on the Lync Edge server when communicating to the XMPP gateway.
If TLS issues pop up on the Lync Edge server, odd behavior could be experienced with Gmail such as complete instant messaging failure, one-way instant messages, and/or unknown presence.
If you open the Event Viewer on the Lync Edge server, you may notice connection failures similar to the error below.

A significant number of connection failures have occurred with remote server IP 172.X.X.X. There have been 94 failures in the last 383 minutes. There have been a total of 1750 failures.
The specific failure types and their counts are identified below.
Instance count – Failure Type
1735 0x80072746(WSAECONNRESET)
1 0x8007274C(WSAETIMEDOUT)
This can be due to credential issues, DNS, firewalls or proxies. The specific failure types above should identify the problem.

If you start a logging trace on the Lync Edge server, you may notice a series of failures similar to the errors below.

TL_ERROR(TF_CONNECTION) [1]1190.1478::01/13/2011-15:50:15.384.0006baa0 (SIPStack,SIPAdminLog::TraceConnectionRecord:SIPAdminLog.cpp(160))$$begin_record
LogType: connection
Severity: error
Text: Receive operation on the connection failed
Local-IP: 172.X.X.100:61378
Peer-IP: 172.X.X.110:5061
Peer-FQDN: lyncxmpp.
Connection-ID: 0x1AC102
Transport: M-TLS
Result-Code: 0x80072746 WSAECONNRESET
Data: fqdn=””;peer-type=”FederatedPartner”;winsock-code=”10054″
TL_ERROR(TF_DIAG) [1]1190.1478::01/13/2011-15:50:15.385.0006bad2 (SIPStack,SIPAdminLog::TraceDiagRecord:SIPAdminLog.cpp(143))$$begin_record
LogType: diagnostic
Severity: error
Text: Message was not sent because the connection was closed
SIP-Start-Line: NOTIFY SIP/2.0
SIP-Call-ID: 059f6d06c4e84676ac28bfce083f779b
TL_INFO(TF_DIAG) [1]1190.1478::01/13/2011-15:50:15.385.0006bd42 (SIPStack,SIPAdminLog::TraceDiagRecord:SIPAdminLog.cpp(147))$$begin_record
LogType: diagnostic
Severity: information
Text: Response successfully routed
SIP-Start-Line: SIP/2.0 504 Server time-out
SIP-Call-ID: 059f6d06c4e84676ac28bfce083f779b
Data: destination=””
TL_INFO(TF_PROTOCOL) [1]1190.1478::01/13/2011-15:50:15.385.0006bd87 (SIPStack,SIPAdminLog::TraceProtocolRecord:SIPAdminLog.cpp(125))$$begin_record
Trace-Correlation-Id: 69086622
Instance-Id: 00049CDB
Direction: outgoing;source=”local”;destination=”internal edge”
Message-Type: response
Start-Line: SIP/2.0 504 Server time-out
From: <>;tag=714DBB6A
To: <>;tag=ef5ee6c3d6
Call-ID: 059f6d06c4e84676ac28bfce083f779b
Via: SIP/2.0/TLS;branch=z9hG4bKEC9CA19E.667CA4AB371EBB65;branched=FALSE;ms-received-port=60148;ms-received-cid=1A2A00
ms-diagnostics: 1047;reason=”Failed to complete TLS negotiation with a federated peer server”;WinsockFailureCode=”10054(WSAECONNRESET)”;WinsockFailureDescription=”The peer forced closure of the connection”;Peer=””;Port=”5061″;source=””
Server: RTC/4.0
Content-Length: 0
ms-edge-proxy-message-trust: ms-source-type=EdgeProxyGenerated;;ms-source-verified-user=verified
TL_WARN(TF_DIAG) [1]1190.1478::01/13/2011-15:50:15.385.0006bdd6 (SIPStack,SIPAdminLog::TraceDiagRecord:SIPAdminLog.cpp(145))$$begin_record
LogType: diagnostic
Severity: warning
Text: Routing error occurred; check Result-Code field for more information
SIP-Start-Line: NOTIFY SIP/2.0
SIP-Call-ID: 059f6d06c4e84676ac28bfce083f779b

If similar TLS errors appear on your Edge server, ask yourself “Is my XMPP gateway installed on a Windows 2008 or Windows 2008 R2 server.” If XMPP is installed on Windows 2008 R2, various compatibility patches will need to be applied. The XMPP application is an OCS 2007 R2 server role and all OCS 2007 R2 services need various Microsoft patches in order to function correctly on Windows 2008 R2.
The following is the list of updates that should resolve the TLS errors between the XMPP and Lync Edge server:

Once the TLS errors are resolved, if presence unknown still appears and/or inbound instant messages continue to fail, you may want to reference the following links:

Finally, if you’re not familiar with the XMPP Gateway installation process, I’ve provided a few links below:

Comments Welcomed!

Thoughts on “Troubleshooting Lync Edge, XMPP Gateway, and TLS Negotiation Errors”

  1. we have lync 2013 in our pool and have federation with cisco webex.sometimes presence is shown and sometimes it is unknown.PLZ provide the solution.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Keenan Crockett

Skype for Business Team Lead & Senior Solution Architect at Perficient | Microsoft Certified Master: Lync Server | Focused on deploying Microsoft UC solutions

More from this Author

Follow Us