CSS Stylesheet |
---|
h1, h2, {font-size: 18pt !important;}
h3 {font-size: 16pt !important;}
h4 {font-size: 14pt !important;}
h5 {font-size: 14pt !important;} |
CSS Stylesheet |
---|
.wiki-content h1 {
border-top: 1px solid rgb(145,150,153);
} |
Section |
---|
Column |
---|
|
Noprint |
---|
Add_workflow_for_appnotes |
---|
AUTH1 | UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cec00c5c, userName='null'} |
---|
JIRAIDAUTH | IOT-673 |
---|
REV5 | UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cb220566, userName='null'} |
---|
REV6 | UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cd5909df, userName='null'} |
---|
REV4 | UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26c8a10148, userName='null'} |
---|
REV1 | UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26c8a10148, userName='null'} |
---|
|
|
|
|
Interoperable Vendors
Copyright
© 2023 Ribbon Communications Operating Company, Inc. © 2023 ECI Telecom Ltd. All rights reserved. The compilation (meaning the collection, arrangement and assembly) of all content on this site is protected by U.S. and international copyright laws and treaty provisions and may not be used, copied, reproduced, modified, published, uploaded, posted, transmitted or distributed in any way, without prior written consent of Ribbon Communications Inc.
The trademarks, logos, service marks, trade names, and trade dress (“look and feel”) on this website, including without limitation the RIBBON and RIBBON logo marks, are protected by applicable US and foreign trademark rights and other proprietary rights and are the property of Ribbon Communications Operating Company, Inc. or its affiliates. Any third-party trademarks, logos, service marks, trade names and trade dress may be the property of their respective owners. Any uses of the trademarks, logos, service marks, trade names, and trade dress without the prior written consent of Ribbon Communications Operating Company, Inc., its affiliates, or the third parties that own the proprietary rights, are expressly prohibited.
Document Overview
This document outlines the configuration best practices for the Ribbon solution covering the Ribbon SBC Edge when deployed with Microsoft Teams vSBA (virtual Survivable Branch Appliance).
About Ribbon SBC Edge
A Session Border Controller (SBC) is a network element deployed to protect SIP-based Voice over Internet Protocol (VoIP) networks. Early deployments of SBCs were focused on the borders between two service provider networks in a peering environment. This role has now expanded to include significant deployments between a service provider's access network and a backbone network to provide service to residential and/or enterprise customers.
The SBC Edge (SBC 1000/2000) addresses the next-generation needs of SIP communications by delivering embedded media transcoding, robust security, and advanced call routing in a high-performance, small form-factor device enabling service providers and enterprises to quickly and securely enhance their network by implementing services like SIP Trunking, secure Unified Communications, and Voice over IP (VoIP).
The SBC Edge provides a reliable, scalable platform for IP interconnect to deliver security, session control, bandwidth management, advanced media services, and integrated billing/reporting tools in an SBC appliance. This versatile series of SBCs is deployed as peering SBCs, access SBCs, or enterprise SBCs (eSBCs). The SBC product family is tested for interoperability and performance against a variety of third-party products and call flow configurations in the customer networks.
Note |
---|
SBC 1000, SBC 2000 and SWe Edge are represented as SBC Edge in the subsequent sections. |
About Microsoft Survivable Branch Appliance (SBA)
When a customer site using Direct Routing to connect to Microsoft Phone System experiences an internet outage, the intranet inside the branch is still fully functional. Users can connect to the Session Border Controller (SBC) that is providing the PSTN connectivity.
During an internet outage, the Teams Phone should switch to the SBA automatically. No action is required from the user. As soon as the Teams Phone detects that the internet service is restored and any outgoing calls are finished, the Teams Phone falls back to normal operation mode and connects to other Teams services.
The interoperability compliance testing focuses on verifying inbound and outbound call flows between the Ribbon SBC Edge, Teams vSBA, and Teams Phone.
This guide contains the following configuration sections:
Non-Goals
It is not the goal of this guide to provide detailed configurations that meet the requirements of every customer. Use this guide as a starting point and build the SBC configurations in consultation with network design and deployment engineers.
Audience
This is a technical document intended for telecommunications engineers with the purpose of configuring both the Ribbon SBCs and the third-party product.
To perform this interop, you need to:
- use the graphical user interface (GUI) or command line interface (CLI) of the Ribbon product.
- understand the basic concepts of TCP/UDP/TLS and IP/Routing.
- have SIP/RTP/SRTP to complete the configuration and for troubleshooting.
Info |
---|
|
This configuration guide is offered as a convenience to Ribbon customers. The specifications and information regarding the product in this guide are subject to change without notice. All statements, information, and recommendations in this guide are believed to be accurate but are presented without warranty of any kind, express or implied, and are provided “as is”. Users must take full responsibility for the application of the specifications and information in this guide. |
Prerequisites
The following aspects are required before proceeding with the interop:
- Ribbon SBC Edge
- Public IP Addresses
- Microsoft admin account - a special type of account where the Teams user is configurable for Direct Routing SBA (Survivable Branch Appliance).
- TLS Certificates for the Ribbon SBC signed by one of the Microsoft approved CA vendors.
- Certificates must have the FQDN or domain name that is configured on the Microsoft admin portal.
Anchor |
---|
| Product and device details |
---|
| Product and device details |
---|
|
Product and Device Details
The sample configuration in this document uses the following equipment and software:
Caption |
---|
|
| Appliance/Application/Tool | Software Version |
---|
Ribbon Communications | SBC 2K | 11.0.1 build 634 |
---|
Microsoft | Survivable Branch Appliance (SBA) | v.2022.6.14.1 | Teams Client | 8.0.1.4106 | PSTN Phone | Jitsi | 2.10 | Administration and Debugging Tools | Ribbon LX Tool | 2.1.0.6 |
|
Info |
---|
|
- Microsoft SBA version is v.2022.6.14.1 or later.
- Jitsi version is 2.10 or later.
|
Anchor |
---|
| Network Topology Diagram |
---|
| Network Topology Diagram |
---|
|
Network Topology Diagram
This section covers the Ribbon SBC Edge deployment topology and the Interoperability Test Lab Topology.
Deployment Topology - Ribbon SBC 2K
Caption |
---|
0 | Figure |
---|
1 | Ribbon SWe Edge Deployment Topology |
---|
|
|
Interoperability Test Lab Topology - Ribbon SBC 2K
The following lab topology diagram shows connectivity between Ribbon SBC 2K, Microsoft vSBA.
Caption |
---|
0 | Figure |
---|
1 | SBC 2K and Microsoft Virtual SBA interoperability Test Lab Topology |
---|
|
|
Document Workflow
The sections in this document use the following sequence. The reader is advised to complete each section for successful configuration.
Section A: Ribbon SBC Edge Configuration
The following SBC Edge configurations are included in this section:
Connectivity
Network
Static Routes
TLS Configuration between SBC Edge and Microsoft SBA
Easy Config Wizard
Connectivity Caption |
---|
0 | Figure |
---|
1 | SBC 2000 Front Panel |
---|
|
|
Info |
---|
The SBC 2000 is connected to the network as follows: Ethernet 1: RJ45 "1" is connected towards the PSTN leg.
Ethernet 3: RJ45 "3" is connected towards the Teams Direct Routing leg. Ethernet 4: RJ45 "4" is connected towards the Teams Direct Routing SBA leg. USB 1: USB - LAN adapter used to connect ASM to network. USB 2: Connected to the keyboard. |
Caption |
---|
0 | Figure |
---|
1 | SBC Edge Connectivity |
---|
|
|
Info |
---|
The SBC Edge is connected to the network as follows: Ethernet 1: RJ45 "1" is connected towards the PSTN leg.
Ethernet 3: RJ45 "3" is connected towards the Teams Direct Routing leg. Ethernet 4: RJ45 "4" is connected towards the Teams Direct Routing SBA leg. |
Network
Configure Ethernet 1, Ethernet 3, and Ethernet 4 of the SBC Edge with the IP as follows:
Navigate to Node Interfaces > Logical Interfaces.
Caption |
---|
0 | Figure |
---|
1 | Logical Interfaces |
---|
|
|
Caption |
---|
|
|
Caption |
---|
|
|
Caption |
---|
|
|
Tip |
---|
- To configure Ethernet 1, Ethernet 2, and Ethernet 3 of an SBC SWe Edge, navigate to Networking Interfaces > Logical Interfaces.
- The SBC Edge is configurable with any of the available Ethernet ports. In the current testing Ethernet 1, 3, and 4 are used.
|
Anchor |
---|
| Static Routes |
---|
| Static Routes |
---|
|
Static RoutesStatic routes are used to create communication to remote networks. In a production environment, static routes are mainly configured for routing from a specific network to a network that can only be accessed through one point or one interface (single path access or default route).
Tip |
---|
|
- For smaller networks with just one or two routes, configuring static routing is preferable. This is often more efficient since a link is not wasted by exchanging dynamic routing information.
- For networks that have a LAN-side Gateway on Voice VLAN or Multi-Switch Edge Devices (MSEs) with Voice VLAN towards the SBC Edge, static routing configurations are not required.
|
Add static routes towards the Eth1 interface 172.16.X.X (PSTN) and the Eth2 interface 172.16.X.X (Microsoft SBA).
The default static route is towards the Eth1, which is in a private network.
- Navigate to Settings > Protocol > IP > Static Routes to configure the routes.
Caption |
---|
0 | Figure |
---|
1 | Static Routes |
---|
3 | Static Routes |
---|
|
|
Anchor |
---|
| TLS Configuration between Ribbon SBC Edge and ZPLS |
---|
| TLS Configuration between Ribbon SBC Edge and ZPLS |
---|
|
TLS Configuration between SBC Edge and Microsoft SBA
Prerequisites:
Request a certificate for the SBC and configure it based on the example using Go Daddy as follows:
- Generate a Certificate Signing Request (CSR) and obtain the certificate from a Certificate Authority.
- Import the Public CA Root/Intermediate Certificate and the SBC Certificate on the SBC.
Step 1: Generate a Certificate Signing Request and obtain the certificate from a Certificate Authority (CA).
Caption |
---|
0 | Figure |
---|
1 | Generate Certificate Signing Request |
---|
|
|
Step 2: Deploy the Root/Intermediate and SBC certificates on the SBC.
After receiving the certificates from the certificate authority, install the SBC Certificate and the Root/Intermediate certificates as follows:
Caption |
---|
0 | Figure |
---|
1 | Trusted CA Certificate Table |
---|
|
|
- Click Import and select X.509 Signed Certificate.
- Validate that the certificate is installed correctly.
Caption |
---|
0 | Figure |
---|
1 | Validate certificate |
---|
|
|
Anchor |
---|
| Easy Config Wizard |
---|
| Easy Config Wizard |
---|
|
Easy Config WizardConfigure the SBC Edge with Teams Direct Routing SBA using the Easy Config Wizard.
- Access the WebUI of SBC Edge.
- Click on the Tasks tab.
- From the left side menu, click SBC Easy Setup > Easy Config Wizard.
Caption |
---|
0 | Figure |
---|
1 | Easy Config Wizard |
---|
|
|
Fill in the details for Step 1 as follows:
- Application SIP Trunk↔Microsoft Teams.
- Scenario Description as Teams SBA.
- SIP Sessions as 100.
Info |
---|
Enter a value for SIP sessions as per the requirement. The value is listed up to 960. |
Caption |
---|
|
|
Fill in the details for Step 2 as follows:
- Border Element Server is the PSTN IP.
- Use Secondary Border Element Server is Disabled.
- Teams Connection Type is Standalone Direct Connection.
- The SBC Signaling/Media Source IP towards Teams Direct Routing (public IP).
- Configure Direct Routing SBA is set to True.
- Direct Routing SBA FQDN as ioteamsba.customers.interopdomain.com.
- The SBC Signaling /Media Source IP towards Teams Direct Routing SBA.
Caption |
---|
|
|
Review the configurations in Step 1 and Step 2, and click on the Finish button.
Note |
---|
The SBC 2000 would not have the option to choose the Signaling/Media Interface - "SBA Signaling/Media Source IP". |
Caption |
---|
|
|
Section B: Microsoft SBA Configuration
For information on configuring the Survivable Branch Appliance (SBA) for Direct Routing, refer to following link:
https://docs.microsoft.com/en-us/microsoftteams/direct-routing-survivable-branch-appliance
For the Prerequisites, Installation, and Configuring the Direct Routing SBA, refer to following link:
https://doc.rbbn.com/display/UXDOC110/Best+Practice+-+Configure+Direct+Routing+Virtual+Survivable+Branch+Appliance#
Prerequisites
For Prerequisites on Direct routing SBA, refer to the following link:
https://doc.rbbn.com/display/UXDOC110/Best+Practice+-+Configure+Direct+Routing+Virtual+Survivable+Branch+Appliance#BestPracticeConfigureDirectRoutingVirtualSurvivableBranchAppliance-Prerequisites
Installation
For Installation on Direct routing SBA, refer to Step 1 in the following link:
https://doc.rbbn.com/display/UXDOC110/Best+Practice+-+Configure+Direct+Routing+Virtual+Survivable+Branch+Appliance#BestPracticeConfigureDirectRoutingVirtualSurvivableBranchAppliance-Step1:InstallVirtualSBASoftware
Anchor |
---|
| Configuration |
---|
| Configuration |
---|
|
Configuration
For Configuring on Direct routing SBA, refer to Step 2 in the following link:
https://doc.rbbn.com/display/UXDOC110/Best+Practice+-+Configure+Direct+Routing+Virtual+Survivable+Branch+Appliance#BestPracticeConfigureDirectRoutingVirtualSurvivableBranchAppliance-Step2:SetuptheOffice365DirectRoutingvSBA
Anchor |
---|
| Supplementary |
---|
| Supplementary |
---|
|
Supplementary Services and Features Coverage
The following checklist depicts the set of services/features covered through the configuration defined in this Interop Guide.
Sr. No. | Supplementary Features/Services | Coverage |
---|
1 | OPTIONS ping (SBC to SBA) | |
2 | OPTIONS ping (SBA to SBC) | |
3 | Basic Call from PSTN to Teams | |
4 | Basic Call from Teams to PSTN | |
5 | Call Hold & Call Resume | |
Legend
| Supported |
| Not Supported |
N/A | Not Applicable |
Caveats
The following items were observed during this Interop - these are either limitations, untested elements, or useful information pertaining to the Interoperability:
- Message on the Teams Client desktop in Survivable Mode - "No internet connection. Calling, including emergency calls, is only available to and from phone numbers". This indicates that the Teams phone is now registered or connected with Microsoft SBA.
- Teams User status would be "Offline" in Survivable mode.
Note |
---|
Above mentioned caveats doesn't hamper the Teams performance, instead it's the Teams client user notifications in Survivability mode. |
Support
For any support related queries about this guide, contact your local Ribbon representative, or use the details below:
References
For detailed information about Ribbon products & solutions, go to:
https://ribboncommunications.com/products
For information about Microsoft Survivable Branch Appliance (SBA) & solutions, go to:
https://learn.microsoft.com/en-us/microsoftteams/direct-routing-survivable-branch-appliance
Conclusion
This Interoperability Guide describes a successful configuration of the Ribbon SBC Edge and Microsoft Survivable Branch Appliance .
All features and capabilities tested are detailed within this document - any limitations, notes, or observations are also recorded in order to provide the reader with an accurate understanding of what has been covered, and what has not.
Configuration guidance is provided to enable the reader to replicate the same base setup - there maybe additional configuration changes required to suit the exact deployment environment.
© 2023 Ribbon Communications Operating Company, Inc. © 2023 ECI Telecom Ltd. All rights reserved.