From what I know about Microsoft Lync, it uses the SIP protocol. MWG is not a SIP proxy so you will most likley want this traffic to be tunneled (not SSL scanned).
Does it work without SSL scanning on?
It does not work when I turn on the SSL scanner. Lync tries to fire off a https web site then starts the client. I cannot see at what part of the rule set that is causing the failure.
It's most likley the content inspection, when Web Gateway opens up the SSL traffic from the Lync client, it sees that it is some protocol it doesnt recognize, therefore it stops processing it.
If you wanted you could run rule engine trace to look at it further.
Please see link below for a troubleshooting ruleset, you will need to download, extract, and import it using the ruleset library (Policy > Rule Sets > Add > Rule Set from Library... > Import from File).
-Please place this ruleset at the top of your ruleset.
-Add your client IP to the "Rule Engine Tracing List".
-Enable the rule (Enable Rule Engine Tracing for IPs in Rule Engine Tracing List).
-Reproduce the issue.
-Disable the rule (Enable Rule Engine Tracing for IPs in Rule Engine Tracing List).
-You can then find the rule traces under Troubleshooting > Rule Tracing.
Thanks it created the .xml files, Now I have a dumb question, How do I view them and use the information. When I use the view button in the GUI all that gets returned is the code?
- <node string="Request" duration="0" enterTime="1333374463.527" node_type="cycle">- <node string="Common Rules" duration="0" enterTime="1333374463.527" node_type="rulegroup">- <node string="Troubleshooting" duration="0" enterTime="1333374463.527"
I dont expect you to be able to interpret what is in the rule trace. What is the URL that appears at the top of the rule trace?
I will be publishing a primer on looking at rule traces for basic tasks, for this situation, I just want to know the URL (which includes the protocol etc..).
Is that it? If so, you should just bypass that from SSL scanning? Have you tried bypassing that from the SSL scanner?
I was thinking there would be something like:
Did you only have one file?