Table of Contents



Interoperable Vendors

     

© 2021 Ribbon Communications Operating Company, Inc. © 2021 ECI Telecom Ltd. All rights reserved. The compilation (meaning the collection, arrangement and assembly) of all content on this site is protected by U.S. and international copyright laws and treaty provisions and may not be used, copied, reproduced, modified, published, uploaded, posted, transmitted or distributed in any way, without prior written consent of Ribbon Communications Inc.

The trademarks, logos, service marks, trade names, and trade dress (“look and feel”) on this website, including without limitation the RIBBON and RIBBON logo marks, are protected by applicable US and foreign trademark rights and other proprietary rights and are the property of Ribbon Communications Operating Company, Inc. or its affiliates. Any third-party trademarks, logos, service marks, trade names and trade dress may be the property of their respective owners.  Any uses of the trademarks, logos, service marks, trade names, and trade dress without the prior written consent of Ribbon Communications Operating Company, Inc., its affiliates, or the third parties that own the proprietary rights, are expressly prohibited.

Document Overview

This document provides the configuration details for Ribbon's SBC SWe Lite interworking with Twilio Elastic SIP Trunk, Microsoft Teams Direct Routing and Cisco Unified Communication Manager.

About Ribbon SBC SWe Lite

The Ribbon Session Border Controller Software Edition Lite (SBC SWe Lite) provides best-in class communications security. The SBC SWe Lite dramatically simplifies the deployment of robust communications security services for SIP Trunking, Direct Routing, and Cloud UC services. SBC SWe Lite operates natively in the Azure and AWS Cloud as well as on virtual machine platforms including Microsoft Hyper-V, VMware and Linux KVM.

About Twilio Elastic SIP Trunking

Twilio has developed an advanced SIP trunking service that addresses the key challenges that are holding back enterprises from realizing their communications transformation goals. Twilio Elastic SIP Trunking delivers global PSTN connectivity that enables enterprises to increase business agility, reduce costs and deliver uniform global reach.

About Microsoft Teams Direct Routing

Microsoft Phone System Direct Routing allows connection of a supported customer-provided Session Border Controller (SBC) to a Microsoft Phone System. Direct Routing enables using virtually any PSTN trunk with Microsoft Phone System and configuring interoperability between customer-owned telephony equipment, such as a third-party private branch exchange (PBX), analog devices, and Microsoft Phone System.

About Cisco Unified Communication Manager

Cisco Unified Communication Manager is a core call-control application of Cisco UCM. It provides enterprise-class call control, session management, voice, video, messaging, mobility and conferencing services in a way that is efficient, highly secure, scalable and reliable.

Scope

This document provides configuration best practices for deploying Ribbon's SBC SWe Lite with Cisco Unified Communication Manager (CUCM) and Microsoft Teams for Twilio Elastic SIP Trunking interop. Note that these are configuration best practices and each customer may have unique needs and networks. Ribbon recommends that customers work with network design and deployment engineers to establish the network design which best meets their requirements.  

Non-Goals

It is not the goal of this guide to provide detailed configurations that will meet the requirements of every customer. Use this guide as a starting point and build the SBC configurations in consultation with network design and deployment engineers. 

Audience

This is a technical document intended for telecommunications engineers with the purpose of configuring both the Ribbon SBC and the third-party product. Navigating the third-party product as well as the Ribbon SBC SWe Lite GUI is required. Understanding the basic concepts of TLS/TCP/UDP, IP/Routing, and SIP/SRTP is also necessary to complete the configuration and any required troubleshooting.

Prerequisites

The following aspects are required before proceeding with the interop:

Product and Device Details

The configuration uses the following equipment and software:

Requirements

Product

Equipment

Software Version

Ribbon Networks

Ribbon SBC SWe Lite 

9.0.1

Third-party Equipment

Cisco Unified Communication Manager

12.5.1.11900-146

Microsoft CorporationMicrosoft Teams Client1.3.00.30866
TwilioElastic SIP Trunking serviceNA

Administration and Debugging Tools

Wireshark

LX Tool

3.2.7

2.1.0.6

Network Topology and E2E Flow Diagrams 

SBC SWe Lite - Twilio Deployment Topology 

SBC SWe Lite - Twilio Lab Topology 

Note

Two Trunks (US and EMEA) were included for testing purpose. Customers can configure the Trunks as per their requirement.

Signaling and Media Flow

Document Workflow

The sections in this document follow the sequence below. The reader is advised to complete each section for the successful configuration.

Installing SBC SWe Lite on AWS

The SBC SWe Lite is available for deployment in AWS. It is created as a virtual machine (VM) hosted in AWS. To deploy an SBC SWe Lite instance, refer to Deploying an SBC SWe Lite via Amazon Web Services-AWS. Once SWe Lite instance is successfully created on AWS, retrieve the allocated NAT Public IPs, Ethernet IPs and Management IP. Also ensure Twilio IP addresses are whitelisted on AWS access list. For more details, visit the link given in the References section.

SBC SWe Lite Configuration

Accessing SBC SWe Lite

Open any browser and enter the SBC SWe Lite IP address.

Click Enter and log in with a valid User ID and Password.

License and TLS Certificates

View License

This section describes how to view the status of each license along with a copy of the license keys installed on your SBC. The Feature Licenses panel enables you to verify whether a feature is licensed, along with the number of remaining licenses available for a given feature at run-time.

From the Settings tab, navigate to System > Licensing > Current Licenses.

For more details on Licenses, refer to Cloud-Based SBC SWe Lite Deployment Licenses.

Import Trusted Root CA Certificates

A Trusted CA Certificate is a certificate issued by a trusted certificate authority. Trusted CA Certificates are imported to the SBC SWe Lite to establish its authenticity on the network.

From the Settings tab, navigate to Security > SBC Certificates > Trusted CA Certificates.

This section describes the process of importing Trusted Root CA Certificates, using either the File Upload or Copy and Paste methods.

  1. To import a Trusted CA Certificate, click the Import Trusted CA Certificate () Icon.
  2. Select either Copy and Paste or File Upload from the Mode menu.
  3. If you choose File Upload, use the Select File button to find the file.
  4. Click OK.

Follow the above steps to import the Service Provider's (Twilio) Root and Intermediate certificates of their Public CA.

For more details on Certificates, refer to Working with Certificates.

Note

When the Verify Status field in the Certificate panel indicates Expired or Expiring Soon, replace the Trusted CA Certificate. You must delete the old certificate before importing a new certificate successfully.

Warning

Most Certificate Vendors sign the SBC Edge certificate with an intermediate certificate authority. There is at least one, but there could be several intermediate CAs in the certificate chain. When importing the Trusted Root CA Certificates, import the root CA certificate and all Intermediate CA certificates. Failure to import all certificates in the chain causes the import of the SBC Edge certificate to fail. Please refer to Unable To Get Local Issuer Certificate for more information.

View Networking Interfaces

The SBC SWe Lite supports five system created logical interfaces (known as Administrative IPEthernet 1 IPEthernet 2 IPEthernet 3 IP, and Ethernet 4 IP). In addition to the system created logical interfaces, the Ribbon SBC SWe supports user-created VLAN logical sub-interfaces.

Administrative IP, Ethernet 1 IP and Ethernet 2 IP are used for this interop.

From the Settings tab, navigate to Networking Interfaces > Logical Interfaces.

Administrative IP

The SBC SWe Lite system supports a logical interface called the Admin IP (Administrative IP, also known as the Management IP). A Static IP or DHCP is used for running Initial Setup of the SBC SWe Lite system.

Ethernet 1 IP

Ethernet 1 IP is assigned an IP address used for transporting all the VOIP media packets (for example, RTP, SRTP) and all protocol packets (for example, SIP, RTCP, TLS). DNS servers of the customer's network should map the SBC SWe Lite system hostname to this IP address. In the default software, Ethernet 1 IP is enabled and an IPv4 address is acquired via a connected DHCP server. This IP address is used for performing Initial Setup on the SBC SWe Lite.

Ethernet 2 IP

After initial configuration, you may configure this logical interface using the Settings or Tasks tabs in the WebUI, or you can use the IP address configured during Initial Setup.

Configure Static Routes

Static routes are used to create communication to remote networks. In a production environment, static routes are mainly configured for routing from a specific network to another network that you can only access through one point or one interface (single path access or default route).

Derive the Private IP address and Gateway for each interface on AWS.

Destination IP
Specifies the destination IP address.

Mask
Specifies the network mask of the destination host or subnet. If the 'Destination IP Address' field and 'Mask' field are both 0.0.0.0, the static route is called the 'default static route'.

Gateway
Specifies the IP address of the next-hop router to use for this static route.

Metric
Specifies the cost of this route and therefore indirectly specifies the preference of the route. Lower values indicate more preferred routes. The typical value is 1 for most static routes, indicating that static routes are preferred to dynamic routes.

Easy Configuration Wizard

Access the Easy Configuration Wizard

  1. In the WebUI, click the Tasks tab.
  2. In the left navigation pane, navigate to SBC Easy Setup > Easy Config Wizard. The Easy Configuration screen opens.

The SBC Edge WebUI provides a built-in Easy Configuration wizard that lets you quickly and easily deploy the SBC for operation with provider endpoints (SIP trunk, ISDN PSTN trunk, or IP PBX trunk) and user endpoints (Microsoft Teams, Microsoft On Premises - Skype for Business/Lync, IP Phones, or ISDN PBX or IP PBX).

Navigating the Wizard

As the wizard runs, it directs you through three configuration steps:

Step 1: Set the following parameters to describe the topology for the telephony service provider and user ends of the scenario.

  • Application: Click the drop-down arrow, then select the Service Provider and user endpoint types that the SBC is to connect to.
  • Scenario Description: Type up to 32 characters to describe the connectivity scenario.
  • Telephone Country: Click the drop-down arrow, then select the country in which the telephone services operate.
  • Emergency Services: Choose ELIN IdentifierE911/E112, or None as the emergency services type.
  • SIP Sessions: Type a number from 1-1200 to indicate the SIP sessions to allocate for the scenario.

Step 2: Configure the items required for the endpoints selected, fields display based on the endpoint selection in Step 1.

Step 3: The Easy Config validates the final parameters and displays a read-only summary of the configuration that the wizard will apply when you click Finish at Step 3. Before you click Finish, you can return to previous steps to make adjustments to the data summarized.

The wizard displays the following buttons for navigation:

  • Previous: Moves back to the previous step.
  • Next: Advances to the next step when the current step is validated and complete.
  • Finish: Submits the data to the SBC.
  • Cancel: Cancels the Easy Configuration data entered and redirects to the main WebUI.

Configure SBC SWe Lite using Easy Configuration Wizard

During this interop:

  • Multi-legged approach was used to configure Twilio US SIP Trunk and Microsoft Teams (Application: SIP Trunk ↔ Microsoft Teams)
  • Single-legged approach was used to configure Twilio EMEA SIP Trunk (Application: SIP Trunk) 
  • Single-legged approach was used to configure CUCM (Application: IP PBX)


Tip

Customers can also choose any standard approach to configure SBC SWe Lite using Easy Config Wizard. The following are a few possible ways:

  • Use the Multi-legged approach to configure Twilio EMEA SIP Trunk and Microsoft Teams (Application: SIP Trunk ↔ Microsoft Teams)
    • Then, use the Single-legged approach to configure Twilio US SIP Trunk (Application: SIP Trunk) and CUCM (Application: IP PBX)
  • Use the Multi-legged approach to configure Twilio US SIP Trunk and CUCM (Application: SIP Trunk ↔ IP PBX)
    • Then, use the Single-legged approach to configure Twilio EMEA SIP Trunk (Application: SIP Trunk) and MS Teams (Application: Microsoft Teams)
  • Use the Multi-legged approach to configure Twilio EMEA SIP Trunk and CUCM (Application: SIP Trunk ↔ IP PBX)
    • Then, use the Single-legged approach to configure Twilio US SIP Trunk (Application: SIP Trunk) and MS Teams (Application: Microsoft Teams)

Configure SBC SWe Lite for Twilio US Trunk and for Microsoft Teams

Step 1: Configure US Trunk for Twilio along with Microsoft Teams using Multi-legged approach by following the steps below:

  1. Choose SIP Trunk ↔ Microsoft Teams from the Application dropdown. 
  2. Provide the Description.
  3. Select United States in the Telephone Country field.
  4. Type a number from 1-1200 against SIP Sessions field.
  5. Select SIP Trunk Name as Other SIP Trunk for Twilio (US Trunk) and Microsoft Teams Connection as Teams Direct Routing.
  6. Click Next.

Step 2: After selecting the scenario in Step 1, the following template displays. Complete this step by performing the below actions:

  1. Provide the FQDNs for Primary and Secondary Border Element servers. The traffic is sent to these FQDNs from SBC SWe Lite.
  2. Use UDP with port number 5060 for Twilio SIP trunk configuration.
  3. For MS Teams configuration, select the External interface (in this case Ethernet 2). After selecting Signaling/Media source IP, an IP address appears in the NAT public IP field. Check if the IP is correct and proceed by clicking Next

Step 3: This step displays a read-only summary of the configuration.

  1. Check if the information entered in the previous steps is correct. If the entered information is wrong, return to the previous step by clicking Previous and modify the required field.
  2. Click Finish to complete the configuration.

  • A pop up window appears once all the 3 steps are completed. Click OK to continue.
  • Wait for the configuration to complete and click OK on the next window. This will complete the configuration of Twilio US Trunk and Microsoft Teams.

Configure SBC SWe Lite for Twilio EMEA Trunk

Step 1: Use Single-legged approach for Twilio EMEA Trunk configuration.

  1. Select SIP Trunk from the Application dropdown. 
  2. Provide the Scenario Description.
  3. Select United Kingdom in the Telephone Country field.
  4. Type a number from 1-1200 against SIP Sessions field.
  5. Select Other SIP Trunk for Twilio (EMEA Trunk) as SIP Trunk Name.
  6. Click Next.

Step 2: Complete the step by performing the below actions:

  1. Set the FQDNs for Primary and Secondary Border Element Servers.
  2. Select UDP protocol with port number 5060.
  3. Click Next.

Step 3: Re-check the configuration on the summary page and complete the configuration by clicking Finish.

  • A pop up window appears once all the 3 steps are completed. Click OK to continue.
  • Wait for the configuration to complete and click OK on the next window. This will complete the configuration of Twilio EMEA Trunk.

Configure SBC SWe Lite for CUCM

Step 1: Use the Single-legged approach to configure IP PBX.

  1. Click the drop-down arrow on the Application and select IP PBX.
  2. Provide the desired description.
  3. Select Telephone Country as India.
  4. Choose from 1 to 1200 to allocate the SIP Sessions.
  5. Select Cisco CUCM as IP PBX Type.
  6. Click Next.

Step 2: Follow the steps below.

  1. Provide the CUCM IP Address.
  2. Select UDP as the protocol with port 5060.
  3. Click Next.

Step 3: Check the configured parameters in the summary page and click Finish to complete the configuration.

  • A pop up window appears once all the 3 steps are completed. Click OK to continue.
  • Wait for the configuration to complete and click OK on the next window. This will complete the configuration of CUCM leg on SBC SWe Lite.

Modify SBC SWe Lite Configuration 

The Easy Configuration Wizard does not currently set all Twilio applicable variables to the correct settings. This will be addressed in the subsequent SBC SWe Lite releases. Until then, please follow the procedures below.

Assign NAT Public IP

Change the settings on all the SGs as follows:

  • Play Ringback - Auto on 180/183 - Ringback is determined when processing 180 or 183.
  • Early 183 - Enable - Specifies whether to send a SIP 183 response immediately after receiving an Invite message.

Assign the interfaces for Signaling/Media Private IP to all the Signaling Groups accordingly. In this case,

  • Ethernet 1 IP for TEAMS-TWILIO_US: Border Element and TEAMS-TWILIO_EMEA: Border Element Signaling Groups.
  • Ethernet 2 IP for TEAMS-TWILIO_US: Teams Direct Routing and CUCM: Cisco CUCM Signaling Groups.

Enable Static NAT and map the respective IP addresses.

Enable OPTIONS

An OPTIONS message is sent to the server. When this option is selected, additional configuration items are displayed:

Keep Alive Frequency
Specifies how often, in seconds, the SBC Edge queries the server with an OPTIONS message to determine the server's availability. Visible only when SIP Options is selected from the Monitor field. If the server does not respond, the SBC Edge marks the Signaling Group as down. When the server begins to respond to the OPTIONS messages again, it is marked as up. In this case, Keep Alive Frequency is set to 30 seconds.

Recover Frequency
Specifies frequency in seconds to check server to determine whether it has become available. Recovery Frequency is set to 5 seconds for this interop.

Local Username
Local user name of the SBC Edge system. Default entry: Anonymous. Visible only when SIP Options is selected from the Monitor field.

Peer Username
User name of the SIP Server. Visible only when SIP Options is selected from the Monitor field. The user can change Local and Peer Usernames according to their wishes. 

Note

Repeat the above steps to enable OPTIONS on all the SIP Server Tables (TEAMS-TWILIO_US: Teams Direct Routing Server, TEAMS-TWILIO_US: Border Element, TEAMS-TWILIO_EMEA: Border Element and CUCM: Cisco CUCM).

Modify SIP Profiles

Enable Session Timers

From the Settings tab, navigate to SIP > SIP Profiles, Enable Session Timers and set the Timer as Required on all the SIP Profiles.

Change the parameters on TEAMS-TWILIO_US: BE Profile and TEAMS-TWILIO_EMEA: BE Profile SIP Profiles as follows:

  • Send Assert Header - NeverWhen disabled, privacy information in the outbound INVITE is sent depending on the configuration of the Trusted Interface and the Privacy Pass-through Header.
  • Trusted Interface - Disable.

Enable Dead Call Detection

Specifies whether or not to use RTCP-based Dead Call Detection (DCD).

Dead Call Detection is accomplished by monitoring incoming RTCP packets. If this feature is enabled and no RTCP packets are received from the peer for 30 seconds, the call is considered "dead" and is disconnected. Disable DCD for any peer that does not send RTCP packets.

From the Settings tab, navigate to Media > Media List. Click the expand () Icon next to the entry you wish to enable the feature.

  • Enable DCD from the options provided in the drop-down.

SBC SWe Lite Configuration for Twilio TLS/SRTP Trunk (Recommended)

This section describes the steps to configure SBC SWe Lite with TLS/SRTP towards Twilio SIP Trunk. Ribbon strongly recommends encrypting the connection between Twilio SIP Trunk and SBC SWe Lite.

Create SRTP Profile

SDES-SRTP Profiles define a cryptographic context which is used in SRTP negotiation. SDES-SRTP Profiles required for enabling encryption and SRTP are applied to Media Lists. SDES-SRTP Profiles was previously named Media Crypto Profiles.

From the Settings tab, navigate to Media > SDES-SRTP Profiles. Click the  icon to create a new SRTP profile.

Follow the steps below to complete the configuration:

  1. Provide the desired description for the profile.
  2. Set Operation Option as "Required". This setting permits call connections only if you can use encryption for the call. If the peer device does not support SRTP (Secure Real Time Protocol) for voice encryption over the IP network, the call setup will fail.
  3. Attach the Crypto suite "AES_CM_128_HMAC_SHAI_80" - A crypto suite algorithm which uses the 128 bit AES-CM encryption key and a 80 bit HMAC_SHA1 message authentication tag length.
  4. Key Identifier Length set to "0" - Set this value to 0 to disable the MKI in SDP.
  5. Click OK.

Attach SRTP Profile to the Media List

From the Settings tab, navigate to Media > Media List, Click the expand () icon next to the entry.

  1. Attach the SDES-SRTP profile (Specifies the profile for authentication/encryption protocols applied with this Media List) created in the previous step.
  2. Click Apply.

Update Signaling Group

Signaling Groups allow grouping telephony channels together for the purposes of routing and shared configuration. They are the entity to which calls are routed, as well as the location from which Call Routes are selected.

From the Settings tab, navigate to Signaling Groups. Click the expand () icon next to the entry.

  1. Update the Federated IP/FQDN(Only if the FQDNs for TLS are different)..
  2. Click the  icon to add Listen Ports for TLS. 
  3. Use TLS as the Protocol and update the Port Number provided by the Service Provider (Port Number 5061 was used during this interop).
  4. Click Apply.

Update SIP Server Table

SIP Server Tables contain information about the SIP devices connected to the SBC Edge. The entries in the tables provide information about the IP Addresses, ports, and protocols used to communicate with each server. The Table Entries also contain links to counters that are useful for troubleshooting.

From the Settings tab, navigate to SIP > SIP Server Tables > TEAMS-TWILIO_US: Border Element. Click the expand () icon next to the entry.

  1. Modify the Host FQDN (Only if the FQDNs for TLS are different). 
  2. Select TLS protocol with Port Number 5061.
Note

For this interop, the Host FQDNs were modified as a different set of FQDNs were provided for TLS. Customers can retain the FQDNs provided during the configuration of SBC SWe Lite through Easy Config Wizard in the case of no change in FQDNs.

  • Modify the Secondary Border Element Server by following the same procedure.

Note

Procedure and snapshots for TLS configuration are provided only for Twilio US Trunk. Follow the same procedure to modify Twilio EMEA Trunk.

Configure Transformation Tables

Transformation Tables facilitate the conversion of names, numbers and other fields when routing a call. They can, for example, convert a public PSTN number into a private extension number, or into a SIP address (URI). Every entry in a Call Routing Table requires a Transformation Table, and they are selected from there. In addition, Transformation tables are configurable as a reusable pool that Action sets can reference.

From the Settings tab, navigate to Transformation.

To Modify a Transformation Table

The Transformation Tables are created for MS Teams and Twilio US Trunk (TEAMS-TWILIO_US: From Microsoft Teams Direct Routing: Passthrough and TEAMS-TWILIO_US: From SIP Trunk: Passthrough respectively) through Easy Config Wizard. These are modified to allow specific patterns to reach the destination Signaling Group. 

  1. Click the expand () icon next to the entry you wish to modify.
  2. Modify the table's Description as desired.
  3. Modify the Values from Input field and Output field as required.
  4. Set the Match Type as Optional (Match one).
  5. Click OK.

To Create a Transformation Table

Each Transformation Table contains a list of entries considered as routing rules to execute on. Each rule is executed in order until the end of the table is reached or when a Mandatory entry fails to execute.

The Single-legged wizard that was used to configure Twilio EMEA Trunk and CUCM does not create any Transformation Tables. Follow the procedure described below to configure Transformation Tables and the Entries.

  1. Click the Create ( ) icon.

  2. Enter a descriptive name in the Description text field.
  3. Click OK.

Follow the same procedure to create Transformation Tables for CUCM.

Creating an Entry to a Message Transformation Table

For this interop, the entries are created based on the numbers associated with each endpoint. Users are free to select their own variables or Regular expressions.

  1. Click the Create() icon next to the table created in the previous step.
  2. Provide the below details:

    Admin State:
    Enabled - The default state is Enabled.

    Match Type:
    Optional: Optional entries must match at least one of that Input Field type.
    When a call arrives at a Transformation Table, the incoming message contains a number of Informational Elements (IEs). These IEs include important call information such as: Called Address/Number, Called Extension, Calling Name, Redirecting Number and others.
    Each Informational Element is processed row by row in the Transformation Table.

    Value (Input/Output): 
    Specifies the value to match against for the selected type. Depending on the type selected, values are free-form or selected from a menu.

  3. Click Apply.

Note

For details on Transformation Table Entry configuration, refer to Creating and Modifying Entries to Transformation Tables. For call digit matching and manipulation through the use of regular expressions, refer to Creating Call Routing Logic with Regular Expressions.

Configure Call Routing Tables

Call Routing allows carrying of calls between Signaling Groups. Routes are defined by Call Routing Tables, which allow for flexible configuration of which calls are carried, and how they are translated. 

From the Settings tab, navigate to Call Routing > Call Routing Table. 

The Call Routing Tables are created to route the calls between TEAMS-TWILIO_US: Teams Direct Routing SG and TEAMS-TWILIO_US: Border Element SG through Easy Config Wizard. The user is allowed to modify these tables as per the requirement.

Modifying an Entry to a Call Routing Table

  1. Click the expand () icon next to the entry you wish to modify.
  2. Edit the entry properties as required.

Creating an Entry to a Call Routing Table

Call Routing Tables are one of the central connection points of the system, linking Transformation Tables, Message Translations, Cause Code Reroute Tables, Media Lists and the three types of Signaling Groups(ISDN, SIP and CAS).

In the SBC Edge, call routing occurs between Signaling Groups.

In order to route any call to or from a call system connected to SBC, you must first configure a Signaling Group to represent that device or system. The following list illustrates the hierarchical relationships of the various Telephony routing components of a SBC call system:

  • Signaling Group → describes the source call and points to a routing definition known as a Call Route Table
  • Call Route Table → contains one or more Call Route Entries
  • Call Route Entries → points to the destination Signaling Group(s)

Each call routing entry describes how to route the call and also points to a Transformation Table which defines the conversion of names, numbers and other fields when routing a call.

To create an entry:

  1. Click the Create Routing Entry ( ) icon.

  2. Set the following fields:

    Admin State: 
    Enabled - Enables the call route entry for routing the call, displays in configuration header as .

    Route Priority: 
    Priority of the route from 1 (highest) to 10 (lowest). Higher priority routes are matched against before lower priority routes regardless of the order of the routes in the table.

    Number/Name Transformation Table:
    Specifies the Transformation Table to use for this routing entry. This drop down list is populated from the entries in the Transformation Table. 

    Destination Signaling Groups:
    Specifies the Signaling Groups used as the destination of calls. The first operational Signaling Group from the list is chosen to place the call. Click the Add/Edit button to select the destination signaling group.

    Audio Stream Mode:
    DSP (default entry): The SBC uses DSP resources for media handling (transcoding) but it does not facilitate the capabilities/features between endpoints that are not supported within the SBC (codec/capability mismatch). When DSP is configured, the Signaling Groups enabled to support DSP are attempted in order.

    Media Transcoding:
    Enabled: Enable Transcoding on SIP-to-SIP calls.

  3. Click Apply.

Creating Multiple Entries to a Call Routing Table

SBC SWe Lite allows the user to create multiple entries to a Call Routing table. As there are four SIP Signaling Groups in this deployment, it is required to create multiple route entries to allow the call to reach a specific destination SIP Signaling Group.

During this interop the Call Routing entries were created to route the calls:

  • From TEAMS-TWILIO_US: Border Element SIP Signaling Group to TEAMS-TWILIO_US: Teams Direct Routing SIP Signaling Group and CUCM: Cisco CUCM SIP Signaling Group
  • From TEAMS-TWILIO_EMEA: Border Element SIP Signaling Group to TEAMS-TWILIO_US: Teams Direct Routing and CUCM: Cisco CUCM SIP Signaling Group
  • From TEAMS-TWILIO_US: Teams Direct Routing SIP Signaling Group to TEAMS-TWILIO_US: Border Element SIP Signaling Group, CUCM: Cisco CUCM SIP Signaling Group and TEAMS-TWILIO_EMEA: Border Element SIP Signaling Group
  • From CUCM: Cisco CUCM SIP Signaling Group to TEAMS-TWILIO_US: Border Element SIP Signaling Group, TEAMS-TWILIO_US: Teams Direct Routing SIP Signaling Group and TEAMS-TWILIO_EMEA: Border Element SIP Signaling Group

Ensure that the Transformation Tables are correctly mapped to each Call Routing Table entry.

To create multiple entries:

  1. Click on the Routing Table on which multiple routing entries are required.
  2. Follow the procedure described in the "Creating an Entry to a Call Routing Table" section.

The following Call Routing entries were created for the interop:

From TEAMS-TWILIO_US: Border Element SIP Signaling Group, the calls are routed to TEAMS-TWILIO_US: Teams Direct Routing SIP Signaling Group or CUCM: Cisco CUCM SIP Signaling Group based on the Transformation table attached.

When the incoming call hits TEAMS-TWILIO_US: Teams Direct Routing SIP Signaling Group, the call is routed to TEAMS-TWILIO_US: Border Element SIP Signaling Group, CUCM: Cisco CUCM SIP Signaling Group or TEAMS-TWILIO_EMEA: Border Element SIP Signaling Group based on the Transformation Table associated.

When the source is TEAMS-TWILIO_EMEA: Border Element SIP Signaling Group, the destination is either TEAMS-TWILIO_US: Teams Direct Routing or CUCM: Cisco CUCM SIP Signaling Group depending on the Transformation Table selected for the call.

When the call is originated from CUCM: Cisco CUCM SIP Signaling Group, the Call Routing Table shown below allows the call to reach TEAMS-TWILIO_US: Border Element SIP Signaling Group, TEAMS-TWILIO_US: Teams Direct Routing SIP Signaling Group or TEAMS-TWILIO_EMEA: Border Element SIP Signaling Group based on the Transformation Table associated with the route.

The same has been depicted in the diagram below:

Warning

In case of SIP URI calling, change the FQDN from sip.pstnhub.microsoft.com/sip2.pstnhub.microsoft.com/sip3.pstnhub.microsoft.com to interopdomain.com using the SMM and attach it to the Outbound Message Manipulation Table on TEAMS-TWILIO_US: Teams Direct Routing Signaling Group.

Message Manipulation 

All the calls initiated from Teams endpoint will have "PRIVACY: id" header. As Trusted interface is disabled on Twilio (US and EMEA) SIP profiles, SWe Lite sends out all the calls as Anonymous. In order to avoid this, we have used an SMM on the Inbound Message Manipulation list of TEAMS-TWILIO_US: Teams Direct Routing SIP SG. 

The SMM performs the following actions:

  • Removes “PRIVACY: id” header when the incoming INVITE has calling party number in the From header which allows SBC SWe Lite to send the INVITE to Twilio with actual number.
  • Does not perform any action when "Anonymous" is in the From header.

The Message Manipulation feature comprises two primary components that work in concert to modify SIP messages. Those component are Condition Rules and Rule Tables.

Creating a Condition Rule Table

Condition rules are simple rules that apply to a specific component of a message (e.g., diversion.uri.host, from.uri.host, etc.) the value of the field specified in the Match Type list box can match against a; literal value, token, or REGEX.

From the Settings tab, navigate to SIP > Message Manipulation > Condition Rule Table. Click the Create ( ) icon at the top of the Condition Rule Table page.

  • Provide a suitable description for the rule.
  • From the Match type drop-down, select "from" as we are checking if the From header has Anonymous or calling party number.
    Match type specifies the first operand for the logical condition expressed by this rule. The operand must be a parameter tree token identifier.

  • Use Regex Operation.
    Operation specifies the match type for this condition.

  • Write a Regular Expression to match everything but Anonymous.
  • Click OK.

Creating a SIP Message Rule Table

From the Settings tab, navigate to SIP > Message Manipulation > Message Rule Table. Click the Create Message Rule Table() icon.

  • Provide a description for the Rule Table.
  • Apply the SMM only for the Selected messages and choose Invite from the Message Selection list.
  • Click OK.

  • Click the expand () icon next to the Rule Table entry created.
  • From the Create Rule drop down box, select Header Rule.

  • Provide the desired description.
  • Click the Add/Edit button to launch the Condition Expression Builder.
  • Select Match All Conditions.
  • Select the Condition Rule created in the previous step and click Apply.

  • Header Action: Remove (if the header is present, it is dropped from the message).
  • Header Name: Specifies the type of header referenced by this rule. In this case, Privacy header.
  • Click Apply.

Attaching the Message Table to SIP SG

From the Settings tab, navigate to Signaling Groups > TEAMS-TWILIO_US: Teams Direct Routing.

  • Enable Message Manipulation.
  • Click Add/Edit on Inbound Message Manipulation (The rules in this table are used to manipulate inbound SIP messages in the Signaling Group).

  • This displays a drop-down list of available message tables. Select an entry and click Apply.

Twilio Elastic SIP Trunk Configuration

From your Twilio Console, navigate to the Elastic SIP Trunking area (or click on the  icon on the left vertical navigation bar).

Create an IP-ACL rule

Click on Authentication in the left navigation, and  then click on IP Access Control Lists

Create a new IP-ACL, for example call it "Ribbon" and add your SBCs IP addresses (Kindly refer to the section Installing SBC SWe Lite on AWS)

Create a new Trunk

For each geographical region desired (eg. North America, Europe), create a new Elastic SIP Trunk.

To do this: From your Twilio Console, navigate to the Elastic SIP Trunking area, then click on “Trunks” on the left vertical navigation bar, and create a new Trunk.

Under the General Settings you can enable different features as desired.

Note: Here is where you can enable the use of TLS & SRTP on your Trunk, learn more here.

In the Termination section, select a Termination SIP URI. 

Click on "Show localized URI's" and copy and paste this information as you will use this on your SBC to configure your Trunk.

Assign the IP ACL ("Ribbon") that you created in the previous step.

In the Origination section, we'll need to add Origination URI's to route traffic towards your Ribbon SBC. The recommended practice is to configure  redundant mesh per geographic region (in this context a region is one of North America, Europe, etc). In this case, we configure two Origination URIs, each egressing from a different Twilio Edge. 

Click on ‘Add New Origination URI’, we'll depict the configuration for North America:

Note: If you enabled “Secure Trunking”, then you need to include the “transport=tls” parameter in your Origination URIs, learn more here.


Continue to add the other Origination URIs, so you have the following configuration:

In this example, Origination traffic is first routed via Twilio’s Ashburn edge, if that fails then we'll route from Twilio’s Umatilla edge.

Associate your Twilio Phone Numbers on your Trunk

In the Numbers section of your Trunk, add the Phone Numbers that you want to associate with each Trunk. Remember to associate the Numbers from a given country in the right Trunk. For example, associate US & Canada Numbers with the North American Trunk and European Numbers with the European Trunk etc.

CUCM Configuration

Accessing CUCM (Cisco Unified CM Administration)

  1. Open browse and enter the CUCM IP Address.
  2. Select Cisco Unified CM Administration from the Navigation drop-down.
  3. Provide the credentials and click Login.

Configure SIP Trunk Security Profile

Unified Communications Manager Administration groups security-related settings for the SIP trunk to allow you to assign a single security profile to multiple SIP trunks. Security-related settings include device security mode, digest authentication, and incoming/outgoing transport type settings.

  • From Cisco Unified CM Administration, navigate to System > Security > SIP Trunk Security Profile.
  • Click Add New.

  • Provide the desired Name and Description.
  • Choose Non Secure from Device Security Mode.
        - No security features except image authentication apply. A TCP or UDP connection opens to Unified Communications Manager.
  • From Incoming Transport Type, select TCP+UDP.
        - When Device Security Mode is Non Secure, TCP+UDP specifies the transport type.
  • Select Outgoing Transport Type as UDP.
  • Click Save.

Configure SIP Profiles

A SIP profile comprises the set of SIP attributes that are associated with SIP trunks and SIP endpoints. SIP profiles include information such as name, description, timing, retry, call pickup URI, and so on. The profiles contain some standard entries that you cannot delete or change.

  • From Cisco Unified CM Administration, navigate to Device > Device Settings > SIP Profile.
  • Click Add New.

  • Enter a name to identify the SIP profile.
  • Provide description to identify the purpose of the SIP profile.

  • From SIP Rel1XX Options drop-down, choose Send PRACK for all 1xx Messages.
  • From Early Offer support for voice and video calls drop-down, choose Best Effort (no MTP inserted).
        - Provide Early Offer for the outbound call only when caller side's media port, IP and codec information is available.
        - Provide Delayed Offer for the outbound call when caller side's media port, IP and codec information is not available. No MTP is inserted to provide Early Offer in this case.

  • Enable SIP OPTIONS Ping.
        - SIP OPTIONS are requests to the configured destination address on the SIP trunk.
  • Click Save.

Configure Media Resource Group

Media resource management comprises working with media resource groups and media resource group lists. Media resource management provides a mechanism for managing media resources, so all Cisco Unified Communications Managers within a cluster can share them. Media resources provide conferencing, transcoding, media termination, annunciator, and music on hold services.

  • From Cisco Unified CM Administration, navigate to Media Resources > Media Resource Group.
  • Click Add New.

  • Enter a unique name in this required field to identify the media resource group.
  • Enter a description for the media resource group. 
  • To add a media resource for this media resource group, choose one (MoH_2 in this case) from the available Media Resources list and click the down arrow. After a media resource is added, its name moves to the Selected Media Resources pane.

  • Click Save.

Configure Media Resource Group List

A Media Resource Group List provides a prioritized grouping of media resource groups. An application selects the required media resource, such as a music on hold server, from among the available media resources according to the priority order that is defined in a Media Resource Group List.

  • From Cisco Unified CM Administration, navigate to Media Resources > Media Resource Group List menu path to configure media resource group lists.
  • Click Add New.

  • Enter a unique name in this required field to identify the Media Resource Group List.

  • Choose the Media Resource Group created in the previous step from the Available Media Resource Groups list and click the down arrow that is located between the two panes. After a media resource group is added, its name moves to the Selected Media Resource Groups pane.

  • Click Save.

Trunk Configuration

Use a trunk device to configure a logical route to a SIP network.

  • From Cisco Unified CM Administration, choose Device > Trunk.
  • Click Add New.

  • From the Trunk Type drop-down list, choose SIP Trunk.
  • Choose SIP from Device Protocol drop-down.
  • From Trunk Service Type, select the default value (None).
  • Click Next.

  • Enter a unique identifier for the trunk.
  • Enter a descriptive name for the trunk.
  • Choose the Default Device Pool.
  • Choose the Media Resource Group List created in the previous step.

  • Provide the destination address.
        - The Destination Address represents the remote SIP peer with which this trunk will communicate.
        - SIP trunks only accept incoming requests from the configured Destination Address and the specified incoming port that is specified in the SIP Trunk Security Profile that is associated with this trunk.
  • Choose the SIP Trunk Security Profile created to apply to the SIP trunk.
  • Select the SIP Profile created from the list.
  • Choose RFC 2833 as DTMF Signaling Method.
  • Click Save.

  • Click OK.

  • Click the Reset button.

  • Reset, Restart and Close the window. Refresh the SIP trunk page and wait until the Server status changes from Unknown to Full Service.

Note

Resetting/restarting a SIP device does not physically reset/restart the hardware; it only reinitializes the configuration that is loaded by Cisco Unified Communications Manager.

For SIP trunks, Restart and Reset behave the same way, so all active calls will disconnect when either choice is pressed.

Configure Call Routing

A route pattern comprises a string of digits (an address) and a set of associated digit manipulations that route calls to a route list or a gateway. Route patterns provide flexibility in network design. They work in conjunction with route filters and route lists to direct calls to specific devices and to include, exclude, or modify specific digit patterns.

  • In Cisco Unified Communications Manager Administration, use the Call Routing > Route/Hunt > Route Pattern menu path to configure route patterns.
  • Click Add New.

  • Enter the route pattern, including numbers and wildcards (do not use spaces); for example, for NANP, enter 9.@ for typical local access or 8XXX for a typical private network numbering plan. Valid characters include the uppercase characters A, B, C, and D and \+, which represents the international escape character +.
  • Configure the Route Pattern as below. This will allow all the destination numbers dialed with +.
  • Choose SIP Trunk created from the gateway or route list drop-down to add the route pattern. 

  • Or, Configure the pattern as 1.\+XXXXXXXXXXXX. This would require dialing the number as 1.+XXXXXXXXXXXX from the endpoint.
  • Choose the SIP Trunk created earlier from the gateway or route list drop-down to add the route pattern. 

  • This way of configuring Route Pattern requires additional settings to remove the digits before the Dot.
  • From Discard Digits drop-down, choose PreDot.
        - This would remove the digits which are present before the Dot (1 in this case).

Configure End Users

The End User Configuration window allows you to add, search, display, and maintain information about Unified Communications Manager end users. End users can control phones after you associate a phone in the End User Configuration window. 

  • In Cisco Unified CM Administration, use the User Management > End User menu path to configure end users.
  • Click Add New.

  • Enter the unique end user identification name.
  • Enter alphanumeric or special characters for the end user password and confirm the same.
  • Enter numeric characters for the end user PIN and confirm.
  • Enter the end user last name.
  • For Digest Credentials, enter a string of alphanumeric characters and confirm.

Phone Setup

  • In Cisco Unified Communications Manager Administration, use the Device > Phone menu path to configure phones.
  • Click Add New.

  • From the Phone Type drop-down, choose Third-party AS-SIP Endpoint.
  • Click Next.

  • Choose Device Trust Mode as Not Trusted.
  • Enter the Media Access Control (MAC) address that identifies Cisco Unified IP Phones. Make sure that the value comprises 12 hexadecimal characters.
  • Choose Default Device pool.
        - A Device pool defines sets of common characteristics for devices, such as region, date/time group, and soft key template.
  • Choose Third-party AS-SIP Endpoint from the phone button template drop-down.
        - The phone button template determines the configuration of buttons on a phone and identifies which feature (line, speed dial, and so on) is used for each button.
  • Associate the Media Resource Group List created.
  • Choose the user ID of the assigned phone user.

  • Choose the security profile Third-party AS-SIP Endpoint - Standard SIP Non-Secure Profile to apply to the device.
  • Associate the SIP Profile created before.
        - SIP profiles provide specific SIP information for the phone such as registration and keep-alive timers, media ports, and do not disturb control.
  • Choose an end user that you want to associate with the phone for this setting that is used with digest authentication (SIP security).
  • Click Save.

  • Click this link to add a remote destination to associate with this device. The Remote Destination Configuration window displays, which allows you to add a new remote destination to associate with this device.

  • Add the Directory number.
  • Click Save.

  • Click the Associate End User button.

  • Select the end user created from the list and click Add Selected.

  • After the above step, the user association is completed.
  • Save the configuration.

  • Click Apply Config followed by the Reset button.
  • Reset, Restart and Close the window.

Device Association

  • Navigate back to User Management > End User.
  • In the Device Information field, click Device AssociationThis will display all the available devices. 

  • Select the device created in the previous step and save.

  • After selecting the appropriate device, it will appear in the Controlled Devices pane.

Enable MoH

In Cisco Unified Communications Manager Administration, use the System Service Parameters menu path to configure service parameters.

  • In the Server drop-down list box in the Service Parameter Configuration window, choose the CCUCM server being used. In this case, active means that you provisioned the server in Cisco Unified Communications Manager Administration.
  • From Service drop-down select Cisco CallManager. The service displays as active in the Service Parameters Configuration window.

  • Set the Duplex Streaming Enabled flag to True. This parameter determines whether Music On Hold (MOH) and Annunciator use duplex streaming.
  • Click Save.

Configuration for SIP-URI calling

The SIP URI scheme is a Uniform Resource Identifier(URI) scheme for the Session Initiation Protocol(SIP) multimedia communications protocol. 

Configure End user

  • In Cisco Unified CM Administration, navigate to User Management > End User.
  • Click Find. This will display all the end users created.

  • Click on the user to configure with sip-uri.

Configure Route

Cisco Unified Communications Manager uses SIP route patterns to route or block both internal and external calls.

  • In Cisco Unified Communications Manager Administration, use the Call Routing > SIP Route Pattern menu path to configure SIP route patterns.
  • Click Add New.

  • For Domain Routing pattern usage, enter a domain name(interopdmain.com in this case) IPv4 Pattern field that can resolve to an IPv4 address.
  • From the drop-down list choose the SIP trunk created earlier to associate the route pattern.
  • Click Save.

Directory Number Information

Using Cisco Unified Communications Manager Administration, you configure and modify directory numbers (DNs) that are assigned to specific phones. 

Assign Directory URIs to a Directory Number. Use the Directory Number Configuration window to associate directory URIs to a directory number. This allows Cisco Unified Communications Manager to support dialing using either the directory number or the directory URI. Each directory URI address must resolve to a single directory number in a partition.

  • In Cisco Unified Communications Manager Administration, navigate to Call Routing > Directory Number.
  • Click Find.

  • Click on the Directory number that needs a Directory URI assigned.
  • Add the SIP-URI and save.
  • Click Apply ConfigReset and Restart for the configuration to reflect.

MS TEAMS Configuration

For Microsoft Teams Direct Routing configuration for SBC SWe Lite, refer to the following: Connect SBC Edge to Microsoft Teams Direct Routing

Please check the connectivity for interfacing with Microsoft Teams Direct Routing before making the calls by following the procedure provided at the following link: Working with Connectivity Check - Verifying Service and Port Requirements for CCE and Teams

Note

This interop was performed with Media-Bypass OFF configuration on Microsoft Teams Direct Routing.

Monitor Real Time Status

Place a Test Call

Access SBC SWe Lite's WebUI and click the Monitor tab. Confirm all the SIP Signaling Groups are active. This panel provides current information on the status of Ports, Channels and in-progress Calls on the Ribbon SBC SWe Lite system.

The below snapshot indicates all the SIP Signaling Groups are Active.


  • Place a test call from Microsoft Teams client to PSTN.
  • Make sure the PSTN is presented with an incoming call(Phone display).
  • TEAMS-TWILIO_US: Teams Direct Routing SIP Signaling Group and TEAMS-TWILIO_EMEA: Border Element SIP Signaling Group present an alerting indication (magenta) in the respective channels. Click on the seized channels for the details.

Answer Call and Confirm Connection

  • Answer the call on PSTN endpoint.
  • TEAMS-TWILIO_US: Teams Direct Routing SIP Signaling Group and TEAMS-TWILIO_EMEA: Border Element SIP Signaling Group present a connected indication (blue) in the respective channels. Click on the seized channels for the details.

Disconnect the Call

  • Disconnect the call and ensure that the Channel Status is Idle.

Note
  • Click Show Legend for Channel/SG State Legend information.
  • Place Test Calls between Twilio, MS Teams and Cisco endpoints to confirm the successful configuration and monitor the status.

Supplementary Services and Features Coverage

The following checklist depicts the set of services/features covered through the configuration defined in this Interop Guide.

Sr. No.

Supplementary Services/ Features

Coverage

1OPTIONS validation

2Call Setup and Termination over UDP and TLS

3Ringing and Local Ringback Tone

4Remote Ringback Tone Handling

5Cancel Call, No Answer, Busy and Call Rejection

6Basic Call with different codecs

7Voice mail

8FAX

9DTMF

10Toll Free Calls and Operator Assisted Calls

11Emergency Calls

12Anonymous Calls

13Call Hold and Resume

14Session Timers

15Call Forward - Unconditional, Busy and No Answer

16Call Transfer (Blind/Unattended)

17Call Transfer (Attended)

18Call Conference

19Route Crankback

204xx/5xx Response Handling

21Long Duration Calls

22Early and Late Media

23Simultaneous Ringing

24Group Call Pickup

25Auto Attendant number dialing

26Call Queue

27Transcode Calls

28SIP-URI Calling

29Session Audits

Legend

Supported

Not Supported

Caveats

Note the following items in relation to this Interop:

  • OPUS codec with Asymmetric Payload negotiation is not supported. Hence, Customers are recommended to use Symmetric Payload type on both the ends.
  • MS Teams does not support SIP-URI calling with Direct Routing. The SIP-URI testing has been done only from CUCM to MS Teams via SBC SWe Lite.

Support

For any support related queries about this guide, please contact your local Ribbon representative, or use the details below:

References

For detailed information about Ribbon products and solutions, please visit:
https://ribboncommunications.com/products

For additional information on Cisco Unified Communication Manager, please visit: 
https://www.cisco.com/c/en/us/support/unified-communications/unified-communications-manager-callmanager/products-installation-and-configuration-guides-list.html

For additional information on Ribbon SBC SWe Lite on AWS, please visit:
Deploying an SBC SWe Lite via Amazon Web Services-AWS

For additional information on Teams, please visit:

Best Practice - Troubleshoot Issues with Microsoft Teams Direct Routing and Connect SBC Edge to Microsoft Teams Direct Routing

For detailed information about Twilio Elastic SIP Trunking and solutions, please visit:
https://www.twilio.com/sip-trunkinghttps://www.twilio.com/docs/sip-trunking and https://www.twilio.com/docs/sip-trunking/elastic-sip-trunking-solution-blueprints

Conclusion

This Interoperability Guide describes successful configuration for Twilio Elastic SIP Trunking interop involving Ribbon SBC SWe Lite on AWS, Cisco Unified Communication Manager and Microsoft Teams Direct Routing.

All features and capabilities tested are detailed within this document - any limitations, notes or observations are also recorded in order to provide the reader with an accurate understanding of what has been covered and what has not.

Configuration guidance is provided to enable the reader to replicate the same base setup - additional configuration changes are possibly required to suit the exact deployment environment.



© 2021 Ribbon Communications Operating Company, Inc. © 2021 ECI Telecom Ltd. All rights reserved.