In the last few few weeks, I have run into two issues where Lync 2010 users were not able to access the Lync Server 2010 environment from remote locations on the Internet.
OK, that isn’t true. I have run into several issues, but most of them have to do with certificate issues and DNS issues where the client either didn’t have the proper certificate in its Trusted Root Certification Authorities list or the client was not resolving the _sipinternaltls._tcp record properly. other than Certificate and DNS issues, I have also been seeing two other major issues that are cropping up on a regular basis.
Antivirus – I have seen this a couple of times where users install a new AV application that includes its own firewall functionality where the AV program blocks certain applications from running. In most cases, an AV program will allow applications to run based on their installation paths or the name of the executable. For example, some AV software is not “Lync aware” and unable to automatically open up access (or treat the application as trusted) based on its executable or path. In these cases, somebody will need to go into the AV app and add the application and path to the trusted application list. BTW, that would be in c:\Program Files (x86)\Microsoft Lync\communicator.exe.
Firewall – This one is really starting to tick me off. 
In these cases, I have seen that administrators have opened up the Windows Firewall by using Group Policy objects on the client computers to allow them to use Lync, but as soon as they are outside of the domain, they have different firewall settings based on their location. All firewall profiles (including the Domain networks, Home or work (private) networks, and Public networks) need to be configured for to allow the Lync program through the Windows Firewall for all profiles.
Yes, there are many other causes when it comes to Lync client failures, but these two seem to be the ones that pop up the most. Well, other than certificate and DNS issues, that is…
