Lync 2013 Access Edge unreachable using iApp
Recently I deployed the Lync 2010/2013 iApp (v1.3.0rc1) but I am a bit confused why certain features are not working. The current configuration is built up on BIG-IP LTM 11.4 and Lync has worked before using manual rules and virtual servers.
For now, the first problem is that we can't sign into Lync. Using the connectivity analyzer looking up the lyncdiscover information works without any problems. Meet, dialin and the front-end pool can be reached by HTTPS, which basically tells me the reverse proxy settings are all correct.
If I check online (Event Zero Federation Tester) to see if federation is working, it does respond normally on both the IM and Voice test. All test pass successfully. But I am not quite sure how reliable this test is.
However, when I want to login using any Lync client, or by using the connectivity analyzer I receive the error that SSL negotiation was not successful. This is a problem with the '[appname]__edge_external_ip_access' VS I guess. I have double-checked the external IP address on this rule several times and it corresponds with the DNS settings (externally). Also the pool members are correct and all of the health checks are OK. We are using Edge services, so the pool members have their 'external access edge' IP address linked to this pool. It matches the Lync configuration in the topology.
Even though I couldn't find anything about this problem, I tried modifying the VS and linking a SSL Client Profile. In that case it passes the SSL check, but gives a timeout after 60-100 seconds with the error 'Unable to establish a connection. ConnectionFailureException'.
I assumed that there is no need for the SSL Client Profile, since the iApp never asked for this information, but that means I am stuck at the first case, where SSL negotiation fails. When I point the the external access edge server port to 5061 manually in the connectivity analyzer, it does retrieve the certificate from the edge server (without F5 settings), but eventually fails at the same point with a timeout and the 'Unable to establish a connection. ConnectionFailureException'.
Any ideas where to look? I have wasted several days now trying to figure it out, but I can't seem to make it function properly. Maybe I missed something obvious ..