To ensure you and your users do not lose access to Lync Online, Microsoft has published a blog post to ensure your network is allow a new Certificate Revocation List (CRL). This is required because of the acquisition of VeriSign by Symantec. Failure allow this CRL can result in the inability for your clients to connect to Lync Online.

Here is the information from the Blog Post:

 
 

Location

Protocols

sa.symcb.com

Outgoing TLS and HTTPS

 
 

 
 

 
 

Add this new rule to your firewall or proxy server to avoid Lync sign-in issues and ensure a secure connection to Office 365.   

IMPORTANT: You must add this allowed CRL endpoint to any device that is filtering web traffic: firewalls, load balancers, proxy servers, web security software/appliances, and so on.