In the SIP traces from the Edge server after the usual 3 attempts or registration, the client wont login and one of the last message in snooper is:
ms-diagnostics: 1000;reason="Final handshake failed";HRESULT="0xC3E93EE4 (SIP_E_AUTH_NTLMMISMATCH)";source="FE Server"
The fix is to change the local security policy for the Lync servers to allow for no minimum for NTLM SSP session security.
From the local security policies on the Lync servers remove the tick from the "Require 128-bit encryption"
