After checking the Lync Servers in my lab I noticed a lot of errors logged for the LS Protocol stack:
Full Error:
At least one attempt to reference stale (non-existent or deleted) security association was detected.
There were 44 messages with signature that referenced stale (non-existent or deleted) security association in the last 2 minutes. The last one was this SIP message:
Trace-Correlation-Id: 3769196292
Instance-Id: 85D801
Direction: no-direction-info
Source: Edge Pool:60539
Message-Type: request
Start-Line: REGISTER sip:domain.com SIP/2.0
From: <sip:[email protected]>;tag=cf2cb29f47;epid=c21162d645
To: <sip:[email protected]>
Call-ID: 95681a4aa9fe45b495c55d476b9f0382
CSeq: 4 REGISTER
Contact: <sip:ExternalIP:51416;transport=tls;ms-opaque=8fcb2db704;ms-received-cid=D9AF00>;methods="INVITE, MESSAGE, INFO, OPTIONS, BYE, CANCEL, NOTIFY, ACK, REFER, BENOTIFY";+sip.instance="<urn:uuid:1C92DC22-B01F-5455-B8DE-A40F4D6E9B71>"
Via: SIP/2.0/TLS IPAddress:60539;branch=z9hG4bK141B394C.197D8EA643772698;branched=FALSE;ms-received-port=60539;ms-received-cid=312C800
Via: SIP/2.0/TLS IPAddress:51416;received=ExternalIP;ms-received-port=51416;ms-received-cid=D9AF00
Record-Route: <sip:edgepool:5061;transport=tls;ms-fe=<ServerName>-;opaque=state:Ee.gdrDCvQtpxGhwL07_0vSrTPQAA;lr>;tag=F3963F209867CB91EB10FB501666D8E9
Max-Forwards: 69
Content-Length: 0
ms-edge-proxy-message-trust: ms-source-type=InternetUser;ms-ep-fqdn=edgepool;ms-source-verified-user=verified
Cause: This could be due to users that utilize large number of devices (in excess of configured maximum), or due to connection refresh logic re-balancing remote users to a different director in a bank or a pool, or it could be due to an attacker.
Resolution:
None needed unless the failure count is high (>100). Check if number of allowed devices per user is too low for existing usage scenarios. Check your network for any rogue clients. Restart the server if problem persists.
Solution:
This warning is logged because the user named in it is signing in to Lync from more than 8 devices. The default maximum number of devices per user is 8.
To check the current value, run the following command from the Lync Management Shell and look for the MaxEndpointsPerUser field:
- Get-CsRegistrarConfiguration
To increase the count you can run the next command from the Lync Management Shell:
- Set-CsRegistrarConfiguration -MaxEndpointsPerUser 15
This will increase the count to 15 and the warnings should stop.
Hope it helps.
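Since the event text also lists rogue clients or an attacker as possible causes, it is worth seeing which users trigger the warning, and from how many endpoints, before raising MaxEndpointsPerUser. The PowerShell below is an added example, not part of the original post: it parses the event text shown above, tallies it per user, and flags any user whose count in a single warning exceeds the ">100" figure from the Resolution text. The function name Get-StaleSaSummary, the sample events, applying the threshold per warning, and reading epid as a per-device identifier are assumptions.

```powershell
# Added example. The event texts below are constructed; user names are placeholders.
$sampleEvents = @(
@"
There were 44 messages with signature that referenced stale (non-existent or deleted) security association in the last 2 minutes. The last one was this SIP message:
From: <sip:user1@domain.com>;tag=cf2cb29f47;epid=c21162d645
ms-edge-proxy-message-trust: ms-source-type=InternetUser;ms-ep-fqdn=edgepool;ms-source-verified-user=verified
"@,
@"
There were 130 messages with signature that referenced stale (non-existent or deleted) security association in the last 2 minutes. The last one was this SIP message:
From: <sip:user1@domain.com>;tag=aa11bb22cc;epid=0f9e8d7c6b
ms-edge-proxy-message-trust: ms-source-type=InternetUser;ms-ep-fqdn=edgepool;ms-source-verified-user=verified
"@,
@"
There were 12 messages with signature that referenced stale (non-existent or deleted) security association in the last 2 minutes. The last one was this SIP message:
From: <sip:user2@domain.com>;tag=5d4c3b2a19;epid=77aa88bb99
ms-edge-proxy-message-trust: ms-source-type=InternetUser;ms-ep-fqdn=edgepool;ms-source-verified-user=verified
"@
)

function Get-StaleSaSummary {
    param([string[]]$Message, [int]$Threshold = 100)
    # One row per warning: message count, user, endpoint id and source type.
    $rows = foreach ($m in $Message) {
        if ($m -notmatch 'There were (\d+) messages with signature that referenced stale') { continue }
        $n    = [int]$Matches[1]
        $user = if ($m -match '(?m)^From:\s*<sip:([^>;]+)>') { $Matches[1] } else { '(unknown)' }
        $epid = if ($m -match '(?m)^From:.*;epid=([0-9A-Fa-f]+)') { $Matches[1] } else { $null }
        $src  = if ($m -match 'ms-source-type=([^;\s]+)') { $Matches[1] } else { $null }
        [pscustomobject]@{ User = $user; Epid = $epid; Source = $src; Messages = $n }
    }
    # Roll up per user; the peak count in one warning drives the flag.
    $rows | Group-Object User | ForEach-Object {
        $stat = $_.Group | Measure-Object Messages -Sum -Maximum
        [pscustomobject]@{
            User          = $_.Name
            Warnings      = $_.Count
            TotalMessages = $stat.Sum
            PeakPer2Min   = $stat.Maximum
            DistinctEpids = @($_.Group | ForEach-Object { $_.Epid } | Where-Object { $_ } | Sort-Object -Unique).Count
            Sources       = @($_.Group | ForEach-Object { $_.Source } | Sort-Object -Unique) -join ','
            Investigate   = $stat.Maximum -gt $Threshold
        }
    } | Sort-Object PeakPer2Min -Descending
}

Get-StaleSaSummary -Message $sampleEvents | Format-Table -AutoSize
# Live use (assumption: the warnings are written to the 'Lync Server' event log):
# Get-StaleSaSummary -Message (Get-WinEvent -LogName 'Lync Server' | ForEach-Object { $_.Message })
```

Each warning carries only the last offending SIP message, so the per-user figures are a sample of who triggers it, not a complete count.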