This is my understanding of the Lync Phone Edition Device Updates process, and how to troubleshoot it. This whole process could be a lot smoother in my opinion, I find it a right pain!
Devices use Domain Name System (DNS) to determine the address of the server that is running the Device Update Web service, which is hosted by Lync Web Services. For internal communications, the Web Services IP address must be available in DNS, as must the SRV record for SIP. The device uses DNS to find the SIP domain portion, by querying the SRV record. The SIP domain is extracted from the resulting fully qualified domain name (FQDN), and ucupdate S-R2 is prepended. If the device is internal, “:443/requesthandlerInt/ucdevice.upx” is appended. If the device is external, the hardware load balancer should replace the port 443 with port 4443.
While it is not a critical problem if the Device Update Web service cannot be found by using DNS, the device will log on and then use the in-band value to locate the service. If the update itself is something critical to successful logon, this can result in device connectivity failures.
DNS Records for External Devices
URL to Updates
/RequestHandlerExt/Files/UCPhone/ is the IIS web path to the following file share:
By browsing to such a URL you can confirm that the updates are available for download. You will be prompted for authentication which requires a Lync user account.