TLS negotiation failed with a incoming connection from an unknown Trunk.
A Trunk peer may not be configured to send connections to the port Mediation Server is listening to, or the certificate of the Trunk peer is not recognized by the Mediation Server.
Check that the Mediation server and Trunk certificates are configured correctly. Check if the MEDIATIONSERVER_MAJOR_CONFIGURATION_ALARM (Event ID: 25057) has been fired. Check whether the remote endpoint a known peer.
Target | Microsoft.LS.2019.Component.MediationServer | ||
Category | EventCollection | ||
Enabled | True | ||
Event_ID | 25076 | ||
Event Source | LS Mediation Server | ||
Alert Generate | True | ||
Alert Severity | Warning | ||
Alert Priority | Low | ||
Remotable | True | ||
Alert Message |
| ||
Event Log | Lync Server |
ID | Module Type | TypeId | RunAs |
---|---|---|---|
CollectEvent | DataSource | Microsoft.Windows.EventProvider | Default |
WriteAlert | WriteAction | System.Health.GenerateAlert | Default |
WriteToDB | WriteAction | Microsoft.SystemCenter.CollectEvent | Default |
WriteToDW | WriteAction | Microsoft.SystemCenter.DataWarehouse.PublishEventData | Default |
<Rule ID="Microsoft.LS.2019.Monitoring.Rule.InfoEvent.MediationServer.MEDIATIONSERVER_INCOMING_GATEWAY_TLS_NEGOTIATION_FAILED" Enabled="true" Target="SFBDiscovery!Microsoft.LS.2019.Component.MediationServer" ConfirmDelivery="false" Remotable="true" Priority="Normal" DiscardLevel="100">
<Category>EventCollection</Category>
<DataSources>
<DataSource ID="CollectEvent" TypeID="Windows!Microsoft.Windows.EventProvider">
<ComputerName>$Target/Host/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<LogName>Lync Server</LogName>
<Expression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="String">PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="String">LS Mediation Server</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="UnsignedInteger">25076</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</And>
</Expression>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="WriteToDB" TypeID="SC!Microsoft.SystemCenter.CollectEvent"/>
<WriteAction ID="WriteAlert" TypeID="Health!System.Health.GenerateAlert">
<Priority>0</Priority>
<Severity>1</Severity>
<AlertMessageId>$MPElement[Name="Alert_TLS_negotiation_failed_with_a_incoming_connection_from_an_unknown_Trunk."]$</AlertMessageId>
<AlertParameters>
<AlertParameter1>$Data/EventDescription$</AlertParameter1>
</AlertParameters>
<Suppression>
<SuppressionValue>$Data/EventDisplayNumber$</SuppressionValue>
<SuppressionValue>$Data/PublisherName$</SuppressionValue>
<SuppressionValue>$Data/LoggingComputer$</SuppressionValue>
</Suppression>
</WriteAction>
<WriteAction ID="WriteToDW" TypeID="SCDW!Microsoft.SystemCenter.DataWarehouse.PublishEventData"/>
</WriteActions>
</Rule>