Page History
...
Requirements for configuring the SBC Edge in support of Teams Direct Routing include:
SBC Edge Requirements
| Requirement | How it is Used |
|---|---|
Public IP address of NAT device (must be Static)* Private IP address of the SBC | Required for SBC Behind the NAT deployment. |
| Public IP address of SBC | Required for SBC with Public IP deployment. |
| Public FQDN | The Public FQDN must point to the Public IP Address. |
*NAT translates a public IP address to a Private IP address.
...
| Pagebreak |
|---|
Domain Name Examples
| Domain Name* | Use for SBC FQDN? | FQDN Names - Examples |
|---|---|---|
| SonusMS01.com |  | Valid names: |
| Valid names:
Non-Valid name: sbc1.europe.hybridvoice.org (requires registering domain name europe. hybridvoice.org in “Domains” first) |
*Do not use the *.onmicrosoft.com tenant for the domain name.
...
| Expand | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Inbound Public (Internet to SBC)
Outbound Public (SBC to Internet)
Public Access InformationThe tables below represent ACL (Access Control List) examples that protect the SBC Edge. When using Easy Configuration Teams related wizards in an Enterprise deployment, these attributes are automatically provisioned. If you are manually configuring the SBC Edge as part of a Microsoft Teams Direct Routing migration scenario (for example Skype for Business or CCE), you must manually configure these ports. For details on ACLs, refer to Creating and Modifying Rules for IPv6 Access Control Lists. Public Access In - Requirements
Public Access Out - Requirements
* Define in Tenant configuration ** SBC SWe Edge does not require this rule to be created since Media ports are opened as needed. This rule is required only for SBC 1000, SBC 2000 and then depends of the Media Port paired configured in the SBC. |
...
| Expand | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||
Apply the following firewall rules below:
Inbound Public (Internet to SBC)Media for SBC 1000: UDP 17586-21186** Media for SBC 2000: UDP 19386-28386** Outbound Public (SBC to Internet)Media: UDP 50000-50019 If the device that handles the NAT between the Teams Client and SBC Public IP is performing PAT (), verify that this device has the source port range of the Teams Client media or open all the ports from 1024 to 65535. For SBC behind NAT, the firewall should allow access between the firewall IP and the NAT device's IP. For SBC not using NAT, there must be access between the firewall and the SBC's Public IP. Public Access The tables below represent ACL (Access Control List) examples that protect the SBC Edge; these ACL attributes are automatically provisioned if the Teams-related Easy Configuration wizards are used (applies to the greenfield deployment scenario only). Public Access In - Requirements (Media Bypass Scenario)
Public Access Out - Requirements (Media Bypass Scenario)
* Define in Tenant configuration ** SBC SWe Edge does not require this rule to be created since Media ports are opened as needed. This rule is required only for SBC 1000, SBC 2000 and then depends of the Media Port paired configured in the SBC. |
...
Overview
Content Tools