Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migration of unmigrated content due to installation of a new plugin


CSS Stylesheet
h1, h2, {font-size: 18pt !important;}
h3 {font-size: 16pt !important;}
h4 {font-size: 14pt !important;}
h5 {font-size: 14pt !important;}


CSS Stylesheet
.wiki-content h1 {
border-top: 1px solid rgb(145,150,153);
}


Section


Column
width40%
Table of Contents
Panel

Table of Contents
maxLevel4



Column
width5%



Column
width55%


Noprint

Add_workflow_for_appnotes
AUTH1UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cec00c5c, userName='null'}
JIRAIDAUTHIOT-606
REV5UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cb220566, userName='null'}
REV6UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cd5909df, userName='null'}
REV4UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26c8a10148, userName='null'}
REV1UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26c99e02c0, userName='null'}



 

Pagebreak

Interoperable Vendors

   


© 2023 Ribbon Communications Operating Company, Inc. © 2023 ECI Telecom Ltd. All rights reserved. The compilation (meaning the collection, arrangement and assembly) of all content on this site is protected by U.S. and international copyright laws and treaty provisions and may not be used, copied, reproduced, modified, published, uploaded, posted, transmitted or distributed in any way, without prior written consent of Ribbon Communications Inc.

The trademarks, logos, service marks, trade names, and trade dress (“look and feel”) on this website, including without limitation the RIBBON and RIBBON logo marks, are protected by applicable US and foreign trademark rights and other proprietary rights and are the property of Ribbon Communications Operating Company, Inc. or its affiliates. Any third-party trademarks, logos, service marks, trade names and trade dress may be the property of their respective owners.  Any uses of the trademarks, logos, service marks, trade names, and trade dress without the prior written consent of Ribbon Communications Operating Company, Inc., its affiliates, or the third parties that own the proprietary rights, are expressly prohibited.

Document Overview

This document outlines the configuration best practices for the Ribbon solution covering the Ribbon SBC Core SWe when deployed with Microsoft Teams vSBA (virtual Survivable Branch Appliance).

About Ribbon SBC Core

A ​Session Border Controller​ (​SBC​) is a network element deployed to protect​ ​SIP​-based Voice over Internet Protocol​ (VoIP) networks. ​Early deployments of SBCs were focused on the borders between two service provider networks in a peering environment. This role has now expanded to include significant deployments between a service provider's access network and a backbone network to provide service to residential and/or enterprise customers. ​

The SBC Core (SBC 5K, 7K, SWe) addresses the next-generation needs of SIP communications by delivering embedded media transcoding, robust security, and advanced call routing in a high-performance, small form-factor device enabling service providers and enterprises to quickly and securely enhance their network by implementing services like SIP Trunking, secure Unified Communications, and Voice over IP (VoIP).

The SBC Core provides a reliable, scalable platform for IP interconnect to deliver security, session control, bandwidth management, advanced media services, and integrated billing/reporting tools in an SBC appliance. This versatile series of SBCs can be deployed as peering SBCs, access SBCs, or enterprise SBCs (eSBCs). The SBC product family is tested for interoperability and performance against a variety of third-party products and call flow configurations in the customer networks.

Note

The SBC 5400, 7000, and SWe are represented as "SBC Core" in the subsequent sections.

About Virtual Survivable Branch Appliance (vSBA)

The Direct Routing Virtual Survivable Branch Appliance (vSBA) is a Ribbon Communications SBC SWe Edge offer accomplished through close cooperation with Microsoft®. The vSBA allows users to make and receive Public Switched Telephone Network (PSTN) calls when there is an outage.

When a customer site using Direct Routing to connect to Microsoft Phone System experiences an internet outage, the intranet inside the branch will remain fully functional. Users can connect to the Session Border Controller (SBC) that is providing the PSTN connectivity.

During an internet outage, the Teams client should switch to the vSBA automatically. No action is required from the user. As soon as the Teams client detects that the internet service is restored and any outgoing calls are finished, the client will fall back to normal operation mode and connect to other Teams services.

The interoperability compliance testing focuses on verifying inbound and outbound call flows between the Ribbon SBC SWe Core and Teams vSBA.

Note

Direct Routing vSBA is available on the SBC SWe Edge Release 11.0x and later.

Contact your authorized Ribbon sales representative/partner for more information regarding approved SBC SWe Edge Direct Routing vSBA platforms and acquisition.


This guide contains the following configuration sections: 

Anchor
Non-Goals
Non-Goals
Non-Goals

It is not the goal of this guide to provide detailed configurations that will meet the requirements of every customer. Use this guide as a starting point and build the SBC configurations in consultation with network design and deployment engineers. 

Anchor
Audience
Audience
Audience

This is a technical document intended for telecommunications engineers with the purpose of configuring both the Ribbon SBCs and the third-party product.

To perform this interop, you need to:

  • use the graphical user interface (GUI) or command line interface (CLI) of the Ribbon product.
  • understand the basic concepts of TCP/UDP/TLS and IP/Routing.
  • have SIP/RTP/SRTP to complete the configuration, and for troubleshooting.


Info
titleNote

This configuration guide is offered as a convenience to Ribbon customers. The specifications and information regarding the product in this guide are subject to change without notice. All statements, information, and recommendations in this guide are believed to be accurate but are presented without warranty of any kind, express or implied, and are provided “AS IS”. Users must take full responsibility for the application of the specifications and information in this guide.

Prerequisites

The following aspects are required before proceeding with the interop:

  • Ribbon SBC SWe Core
  • Ribbon SWe Edge
  • Public IP Addresses
  • Microsoft admin account - a special type of account where the Teams user can be configured for Direct Routing SBA (Survivable Branch Appliance).
  • TLS Certificates for Ribbon SBC Core signed by one of the Microsoft approved CA vendors.
  • Certificates must have the FQDN or domain name that is configured on the Microsoft admin portal.
  • A Windows Server 2019 VM with a minimum of four virtual processors, 8GB memory, and 80GB of disk space to install vSBA.
  • Media Bypass is a prerequisite for vSBA deployments.

Anchor
Product and device details
Product and device details
Product and Device Details

The sample configuration in this document uses the following equipment and software:

Caption
0Table
1Requirements



Appliance/Application/Tool

Software Version

Ribbon Communications

SBC SWe Core

V10.01.01-R002

SBC SWe Edge11.0.1 build 42
Microsoft Survivable Branch Appliance (SBA)v.2022.6.14.1
Teams Client1.5.00.17656 (64-bit)
PSTN PhonePhonerLite2.79
Administration and Debugging ToolsRibbon LX Tool2.1.0.6



Info
titleNote
  • Microsoft SBA version is v.2022.6.14.1 or later
  • Teams Client version is 1.5.00.17656 (64-bit) or later 
  • PhonerLite version is 2.79 or later


Note

SoftPhones and IP-PBX are used to simulate PSTN.

Anchor
Network Topology Diagram
Network Topology Diagram
Network Topology Diagram

This section covers the Ribbon SWe Core deployments in Wells Fargo.

Deployment Topology

Caption
0Figure
1Deployment Topology 1 & 2



Caption
0Figure
1Deployment Topology 3


Caption
0Figure
1Deployment Scenario 4

Interoperability Test Lab Topology

The lab topology describes the following scenarios:

  • Deployment Scenario 1: Teams Client 1 (behind Direct Routing) calls Teams Client 2 (behind vSBA1).


  • Deployment Scenario 2: Teams Client 2 (behind vSBA1) calls Teams Client 1 (behind Direct Routing).


  • Deployment Scenario 3: Teams Client 1 (behind vSBA1) calls Teams client 2 behind vSBA2.


  • Deployment Scenario 4: PSTN calls vSBA1, vSBA1 sends 4xx error response to SWeCore, SBC (SWeCore) sends call to Teams Client 2 behind vSBA2.


Caption
0Figure
1Deployment Scenario 1 and 2


Caption
0Figure
1Deployment Scenario 3


Caption
0Figure
1Deployment Scenario 4


Document Workflow


Anchor
Section A
Section A
Section A: SBC Core Configuration for Deployment Scenario 1 & 2

The following SBC Core configurations are included in this section:

Network and Connectivity

Static Routes

Configure SBC for MS Teams

Configure ERE for MS Teams

SBC Core SBA Leg Generic Configuration

Microsoft SBA Leg Configuration

Anchor
Network and Connectivity
Network and Connectivity
Network and Connectivity

Ribbon SBC is as shown below:

Caption
0Figure
1Ribbon SBC


Info

Mgmt is an RJ45 port and the management interface of the SBC.

Media 0/Media 1, depicted as pkt0/pkt1, are RJ45 OR optical SFP ports. Media 0 and Media 1 are used in the current deployment and the same interfaces can be used in SBC Core 5K and 7K (appliance based). Typically, on 5K/7K these ports would be optical SFPs.

For the SBC SWe (virtualized platform), the logical pkt0/pkt1 interface must be mapped to a physical port.

Anchor
Static Routes
Static Routes
Static Routes

Static routes are used to create communication to remote networks. In a production environment, static routes are mainly configured for routing from a specific network to a network that can only be accessed through one point or one interface (single path access or default route).

Tip
titleTip
  • For smaller networks with just one or two routes, configuring static routing is preferable. This is more efficient since a link is not wasted by exchanging dynamic routing information.
  • For networks that have a LAN-side Gateway on Voice VLAN or Multi-Switch Edge Devices (MSEs) with Voice VLAN towards SBC Core, static routing configurations are not required.

Static route towards SBA

Code Block
set addressContext default staticRoute 0.0.0.0 0 172.16.X.X LIF2 PKT1_V4 preference 100
commit

Anchor
Configure SBC for MS Teams
Configure SBC for MS Teams
Configure SBC for MS Teams

SBC Core should be configured for Teams Direct Routing and PSTN with the below link:

https://doc.rbbn.com/display/ALLDOC/SBC+8.2+-+Configure+SBC+for+MS+Teams


Info

Follow the section from Common SBC Configuration till Configure SBC for MS Teams Media Bypass.


Info
  • When using media bypass, the media between the Teams client and the SBC is using the SBC external (public) interface.
  • This solution is to allow calls to/from the SIP trunk/PSTN, when connectivity to Microsoft Teams is lost – survivability mode.

Anchor
Configure ERE for MS Teams
Configure ERE for MS Teams
Configure ERE for MS Teams

SBC Core has an Embedded Routing Engine (ERE). It can be configured as mentioned in the link below:

https://doc.rbbn.com/display/ALLDOC/SBC+8.2+-+Configure+ERE+for+MS+Teams


Note

Once the above 2 sections are configured, proceed with the below mentioned sections.

SBC Core SBA Leg Generic Configuration

Anchor
Crypto Suite
Crypto Suite
Crypto Suite Profile

Since there is a SRTP between the SBA and the SBC, a crypto suite profile needs to be created as follows:

Code Block
set profiles security cryptoSuiteProfile CRYPT_PROF entry 1 cryptoSuite AES-CM-128-HMAC-SHA1-80
commit

Anchor
PSTN Codec Entry
PSTN Codec Entry
Codec Entry

Codec entry allows you to specify the codec used for the call. Create the codec entry for G711 codec with a packet size 20 and rfc2833 method for dtmf.

Code Block
set profiles media codecEntry G711-TEAMS codec g711 
set profiles media codecEntry G711-TEAMS packetSize 20
set profiles media codecEntry G711-TEAMS law deriveFromOtherLeg
set profiles media codecEntry G711-TEAMS dtmf relay rfc2833
commit


Anchor
RTCP
RTCP
RTCP for Media

To configure the RTCP for media, execute the following commands:

Code Block
set system media mediaRtcpControl senderReportInterval 5
set system media mediaRtcpControl sendBYEPacket disabled
commit


Anchor
Configure SIP Domain
Configure SIP Domain
SIP Domain

The SBC SIP domain is configured as follows:

Code Block
set global sipDomain x.x.x.x
commit


Info

Replace "x.x.x.x"  with the SBC fqdn.


The SBA SIP domain is configured as follows:

Code Block
set global sipDomain y.y.y.y
commit


Info

Replace "y.y.y.y"  with the SBA fqdn.

Anchor
Path Check Profile
Path Check Profile
Path Check Profile

Create and attach a Path Check Profile to the SBA side:

Code Block
set profiles services pathCheckProfile SBA_OPTIONS protocol sipOptions sendInterval 50 replyTimeoutCount 1 recoveryCount 1
set profiles services pathCheckProfile SBA_OPTIONS transportPreference preference1 tls-tcp
commit

Anchor
Teams SBA Leg Configuration
Teams SBA Leg Configuration
Microsoft SBA Leg Configuration

Create profiles with a specific set of characteristics corresponding to the Microsoft SBA. This includes the configuration of the following entities on the Microsoft SBA leg:

IP Interface Group

Zone

SIP Signaling Port

IP Peer

SIP Trunk Group

Routing Label

Call Routing

Anchor
IP Interface Group
IP Interface Group
IP Interface Group

Create an IP interface group.

Info

Replace "x.x.x.x" with the SBC's packet interface (pkt) IP address towards SBA (example pkt1 IP), and "Y" with its prefix length. Provide the ceName used during an SBC deployment.

For example, the ceName is "TEAMSSBA1".


Code Block
set addressContext default ipInterfaceGroup LIF2 ipInterface PKT1_V4 ceName TEAMSSBA1 portName pkt1
set addressContext default ipInterfaceGroup LIF2 ipInterface PKT1_V4 ipAddress x.x.x.x prefix Y
set addressContext default ipInterfaceGroup LIF2 ipInterface PKT1_V4 mode inService state enabled
commit

Anchor
Zone
Zone
Zone

Create a Zone towards the SBA and specify the ID of the zone.

Info

This Zone groups the set of objects used for communication towards the SBA.


Code Block
set addressContext default zone SBA_ZONE id 6
commit

Anchor
SIP Signaling Port
SIP Signaling Port
SIP Signaling Port

Set the SIP Signaling port, which is a logical address used to send and receive SIP call signaling packets and is permanently bound to a specific zone.

Info

Replace "x.x.x.x" with the SIP Signaling Port IP address of the SBC towards the SBA.


Code Block
set addressContext default zone SBA_ZONE sipSigPort 7 ipInterfaceGroupName LIF2
set addressContext default zone SBA_ZONE sipSigPort 7 ipAddressV4 x.x.x.x
set addressContext default zone SBA_ZONE sipSigPort 7 portNumber 5060
set addressContext default zone SBA_ZONE sipSigPort 7 tlsProfileName SBA_TLS
set addressContext default zone SBA_ZONE sipSigPort 7 transportProtocolsAllowed sip-tls-tcp
set addressContext default zone SBA_ZONE sipSigPort 7 mode inService
set addressContext default zone SBA_ZONE sipSigPort 7 state enabled
commit


Note

Attach the TLS Profile created earlier in Configure SBC for TLS.


Warning

There are a few areas that result in a TLS negotiation issue. One area involves assigning the incorrect port. Ensure the following are accomplished: 

  • SBA listens on port number 5061 (default setting).

  • Configure port number 5060 on the SBC IP-Peer, since Ribbon SBC Core increments the port by 1 when the transport protocol is TLS.

Anchor
IP Peer
IP Peer
IP Peer

Create an IP Peer with the signaling fqdn of the SBA and assign it to the SBA Zone.

Info

Replace "x.x.x.x"  with the SBA fqdn.


Code Block
set addressContext default zone SBA_ZONE ipPeer SBA policy description ""
set addressContext default zone SBA_ZONE ipPeer SBA policy sip fqdn X.X.X.X
set addressContext default zone SBA_ZONE ipPeer SBA policy sip fqdnPort 5060
set addressContext default zone SBA_ZONE ipPeer SBA pathCheck profile SBA_OPTIONS
set addressContext default zone SBA_ZONE ipPeer SBA pathCheck hostName X.X.X.X
set addressContext default zone SBA_ZONE ipPeer SBA pathCheck hostPort 5060
set addressContext default zone SBA_ZONE ipPeer SBA pathCheck state enabled
commit

Anchor
DmPm
DmPm
DmPm Rule

Teams Client 1 needs to dial an external number (i.e. any number, other than the Teams Phone number present in the Active Directory) in order for the call to reach SBC Core.

SBC Core applies digit manipulation (DmPmRule) to convert the external number to the Teams Client 2 number. DmPmRule is applied based on DmPmCriteria.

DmPmCriteria

DmPmCriteria is matched based on the called number +196200445566.

Code Block
set profiles digitParameterHandling dmPmCriteria MATCH_FULL_NUM criteriaType digit digitType calledNumber digitCriteria digitMatch operation equals value matchValue +196200445566 numberOfDigits 0 startDigitPosition 0

DmPmRule

DmPmRule is applied here to modify the called number to the billing number +17779992001.

Code Block
set profiles digitParameterHandling dmPmRule MODIFY_CALLED subRule 0 criteria MATCH_FULL_NUM ruleType digit digitManipulation numberType calledNumber digitStringManipulation startDigitPosition 0 numberOfDigits 30 replacement type constant digitString billingNumber value +17779992001


Info

In the above example, the DmPmRule External called number +196200445566 is converted to the Teams Phone Number +17779992001.


For the calls from Teams Client 1 behind Teams Cloud to Teams Client 2 behind vSBA1, dmPmRule need to be applied to TEAMS_TG, so that SBC Core would modify the called number from external number to Teams Phone number.

Code Block
set addressContext default zone TEAMS_ZONE sipTrunkGroup TEAMS_TG policy digitParameterHandling ingressDmPmRule MODIFY_CALLED


Note

DmPmRule is applied on SIP Trunk Group TEAMS_TG, as the call is originating from TEAMS_TG.

SIP Message Manipulation (SMM)

Microsoft SBA expects the fqdn in the From and Contact header of the OPTIONS message. Replace <user_input1> with the SBC's fqdn in the SMM below.

  • rule 1 - replace the From header with the SBC's fqdn.
  • rule 2 - replace the Contact header with the SBC's fqdn.
  • rule 3 - add the User Agent header.


Code Block
set profiles signaling sipAdaptorProfile SBAOPT state enabled
set profiles signaling sipAdaptorProfile SBAOPT advancedSMM disabled
set profiles signaling sipAdaptorProfile SBAOPT profileType messageManipulation
set profiles signaling sipAdaptorProfile SBAOPT rule 1 applyMatchHeader one
set profiles signaling sipAdaptorProfile SBAOPT rule 1 criterion 1 type message
set profiles signaling sipAdaptorProfile SBAOPT rule 1 criterion 1 message
set profiles signaling sipAdaptorProfile SBAOPT rule 1 criterion 1 message messageTypes requestAll
set profiles signaling sipAdaptorProfile SBAOPT rule 1 criterion 2 type header
set profiles signaling sipAdaptorProfile SBAOPT rule 1 criterion 2 header
set profiles signaling sipAdaptorProfile SBAOPT rule 1 criterion 2 header name From
set profiles signaling sipAdaptorProfile SBAOPT rule 1 criterion 2 header condition exist
set profiles signaling sipAdaptorProfile SBAOPT rule 1 criterion 2 header hdrInstance all
set profiles signaling sipAdaptorProfile SBAOPT rule 1 criterion 3 type token
set profiles signaling sipAdaptorProfile SBAOPT rule 1 criterion 3 token
set profiles signaling sipAdaptorProfile SBAOPT rule 1 criterion 3 token condition exist
set profiles signaling sipAdaptorProfile SBAOPT rule 1 criterion 3 token tokenType urihostname
set profiles signaling sipAdaptorProfile SBAOPT rule 1 action 1 type token
set profiles signaling sipAdaptorProfile SBAOPT rule 1 action 1 operation modify
set profiles signaling sipAdaptorProfile SBAOPT rule 1 action 1 from
set profiles signaling sipAdaptorProfile SBAOPT rule 1 action 1 from type value
set profiles signaling sipAdaptorProfile SBAOPT rule 1 action 1 from value <user_input1>
set profiles signaling sipAdaptorProfile SBAOPT rule 1 action 1 to
set profiles signaling sipAdaptorProfile SBAOPT rule 1 action 1 to type token
set profiles signaling sipAdaptorProfile SBAOPT rule 1 action 1 to tokenValue urihostname
set profiles signaling sipAdaptorProfile SBAOPT rule 2 applyMatchHeader one
set profiles signaling sipAdaptorProfile SBAOPT rule 2 criterion 1 type message
set profiles signaling sipAdaptorProfile SBAOPT rule 2 criterion 1 message
set profiles signaling sipAdaptorProfile SBAOPT rule 2 criterion 1 message messageTypes requestAll
set profiles signaling sipAdaptorProfile SBAOPT rule 2 criterion 2 type header
set profiles signaling sipAdaptorProfile SBAOPT rule 2 criterion 2 header
set profiles signaling sipAdaptorProfile SBAOPT rule 2 criterion 2 header name Contact
set profiles signaling sipAdaptorProfile SBAOPT rule 2 criterion 2 header condition exist
set profiles signaling sipAdaptorProfile SBAOPT rule 2 criterion 2 header hdrInstance all
set profiles signaling sipAdaptorProfile SBAOPT rule 2 criterion 3 type token
set profiles signaling sipAdaptorProfile SBAOPT rule 2 criterion 3 token
set profiles signaling sipAdaptorProfile SBAOPT rule 2 criterion 3 token condition exist
set profiles signaling sipAdaptorProfile SBAOPT rule 2 criterion 3 token tokenType urihostname
set profiles signaling sipAdaptorProfile SBAOPT rule 2 action 1 type token
set profiles signaling sipAdaptorProfile SBAOPT rule 2 action 1 operation modify
set profiles signaling sipAdaptorProfile SBAOPT rule 2 action 1 from
set profiles signaling sipAdaptorProfile SBAOPT rule 2 action 1 from type value
set profiles signaling sipAdaptorProfile SBAOPT rule 2 action 1 from value <user_input1>
set profiles signaling sipAdaptorProfile SBAOPT rule 2 action 1 to
set profiles signaling sipAdaptorProfile SBAOPT rule 2 action 1 to type token
set profiles signaling sipAdaptorProfile SBAOPT rule 2 action 1 to tokenValue urihostname
set profiles signaling sipAdaptorProfile SBAOPT rule 3 applyMatchHeader one
set profiles signaling sipAdaptorProfile SBAOPT rule 3 criterion 1 type message
set profiles signaling sipAdaptorProfile SBAOPT rule 3 criterion 1 message
set profiles signaling sipAdaptorProfile SBAOPT rule 3 criterion 1 message messageTypes requestAll
set profiles signaling sipAdaptorProfile SBAOPT rule 3 criterion 2 type header
set profiles signaling sipAdaptorProfile SBAOPT rule 3 criterion 2 header
set profiles signaling sipAdaptorProfile SBAOPT rule 3 criterion 2 header name From
set profiles signaling sipAdaptorProfile SBAOPT rule 3 criterion 2 header condition exist
set profiles signaling sipAdaptorProfile SBAOPT rule 3 criterion 2 header hdrInstance all
set profiles signaling sipAdaptorProfile SBAOPT rule 3 criterion 3 type token
set profiles signaling sipAdaptorProfile SBAOPT rule 3 criterion 3 token
set profiles signaling sipAdaptorProfile SBAOPT rule 3 criterion 3 token condition exist
set profiles signaling sipAdaptorProfile SBAOPT rule 3 criterion 3 token tokenType urihostname
set profiles signaling sipAdaptorProfile SBAOPT rule 3 action 1 type header
set profiles signaling sipAdaptorProfile SBAOPT rule 3 action 1 operation add
set profiles signaling sipAdaptorProfile SBAOPT rule 3 action 1 headerPosition last
set profiles signaling sipAdaptorProfile SBAOPT rule 3 action 1 from
set profiles signaling sipAdaptorProfile SBAOPT rule 3 action 1 from type value
set profiles signaling sipAdaptorProfile SBAOPT rule 3 action 1 from value "Ribbon SBCvirtual V10.01.01R002"
set profiles signaling sipAdaptorProfile SBAOPT rule 3 action 1 to
set profiles signaling sipAdaptorProfile SBAOPT rule 3 action 1 to type header
set profiles signaling sipAdaptorProfile SBAOPT rule 3 action 1 to value User-Agent

Anchor
SIP Trunk Group
SIP Trunk Group
SIP Trunk Group

Create a SIP Trunk Group towards the SBA and assign the corresponding profiles such as PSP and IPSP which were created in earlier steps.

Warning

You must configure Trunk Group names using capital letters.


Code Block
set addressContext default zone SBA_ZONE sipTrunkGroup SBA_TG media mediaIpInterfaceGroupName LIF1
set addressContext default zone SBA_ZONE sipTrunkGroup SBA_TG ingressIpPrefix 0.0.0.0 0 commit
commit

set addressContext default zone SBA_ZONE sipTrunkGroup SBA_TG policy callRouting elementRoutingPriority TEAMS_ERP
set addressContext default zone SBA_ZONE sipTrunkGroup SBA_TG policy callRouting digitParameterHandling ingressDmPmRule MODIFY_CALLED
set addressContext default zone SBA_ZONE sipTrunkGroup SBA_TG policy media packetServiceProfile TEAMS_PSP
set addressContext default zone SBA_ZONE sipTrunkGroup SBA_TG policy media toneAndAnnouncementProfile TEAMS_LRBT_PROF
set addressContext default zone SBA_ZONE sipTrunkGroup SBA_TG policy services classOfService DEFAULT_IP
set addressContext default zone SBA_ZONE sipTrunkGroup SBA_TG policy signaling ipSignalingProfile TEAMS_IPSP
set addressContext default zone SBA_ZONE sipTrunkGroup SBA_TG signaling relayNonInviteRequest enabled
set addressContext default zone SBA_ZONE sipTrunkGroup SBA_TG signaling messageManipulation outputAdapterProfile SBAOPT
set addressContext default zone SBA_ZONE sipTrunkGroup SBA_TG services natTraversal iceSupport iceWebrtc
set addressContext default zone SBA_ZONE sipTrunkGroup SBA_TG ingressIpPrefix 0.0.0.0 0
commit

Anchor
Z Routing Label
Z Routing Label
Routing Label

Create a Routing Label with a single Routing Label Route to bind the SBA Trunk Group with the SBA IP Peer.

Code Block
set global callRouting routingLabel SBA_RL routingLabelRoute 1 trunkGroup SBA_TG
set global callRouting routingLabel SBA_RL routingLabelRoute 1 ipPeer SBA
set global callRouting routingLabel SBA_RL routingLabelRoute 1 inService inService
commit

Anchor
ZOOM Call Routing
ZOOM Call Routing
Call Routing

To route all the calls coming from the Teams Direct Routing (DR) towards the Teams Survivable Branch Appliance (SBA), input the following command:

Info

Provide ceName used during an SBC deployment. "TEAMSSBA" is the ceName.


Code Block
set global callRouting route trunkGroup TEAMS_TG TEAMSSBA standard Sonus_NULL 1 all all ALL none Sonus_NULL routingLabel SBA_RL
commit

To route all the calls, coming from the Teams Survivable Branch Appliance (SBA) towards Teams Direct Routing (DR):

Code Block
set global callRouting route trunkGroup SBA_TG TEAMSSBA standard Sonus_NULL 1 all all ALL none Sonus_NULL routingLabel TEAMS_RL
commit


Note
  • DmPmRule is applied on SIP Trunk Group SBA_TG, since the call is originating from the SBA_TG for the calls from the Teams Survivable Branch Appliance (SBA) towards Teams Direct Routing (DR).
  • SBC Core configuration remains the same for Deployment Scenario 1 and 2.
  • Additional SBC Configurations required for Deployment scenarios are covered in Deployment Scenario 3 and Deployment Scenario 4.

Anchor
Section B
Section B
Section B: SBC Core Configuration for Deployment Scenario 3

Deployment Scenario 3 covers Teams Client 1 (behind vSBA1) calling Teams Client 2 (behind vSBA2).

This Deployment Scenario would require 2 Microsoft vSBAs, nomenclature used is vSBA1 and vSBA2. The user must configure a new Zone, SIP Signaling Port, IP Peer, SIP Trunk Group, Routing Label, and Call Routing for vSBA2.

Microsoft SBA2 Leg Configuration

Create profiles with a specific set of characteristics corresponding to the Microsoft SBA2. This includes the configuration of the following entities on the Microsoft SBA2 leg:

Zone

SIP Signaling Port

IP Peer

SIP Trunk Group

Routing Label

Call Routing

Anchor
Zone
Zone
Zone

Create a Zone towards the SBA and specify the ID of the zone.

Info

This Zone groups the set of objects used for communication towards the SBA.


Code Block
set addressContext default zone SBA2_ZONE id 30
commit

Anchor
SIP Signaling Port
SIP Signaling Port
SIP Signaling Port

Set the SIP Signaling port, which is a logical address used to send and receive SIP call signaling packets and is permanently bound to a specific zone.

Info

Replace "x.x.x.x" with the SIP Signaling Port IP address of the SBC towards the SBA2.


Code Block
set addressContext default zone SBA2_ZONE sipSigPort 31 ipInterfaceGroupName LIF2
set addressContext default zone SBA2_ZONE sipSigPort 31 ipAddressV4 x.x.x.x
set addressContext default zone SBA2_ZONE sipSigPort 31 portNumber 5060
set addressContext default zone SBA2_ZONE sipSigPort 31 tlsProfileName SBA_TLS
set addressContext default zone SBA2_ZONE sipSigPort 31 transportProtocolsAllowed sip-tls-tcp
set addressContext default zone SBA2_ZONE sipSigPort 31 mode inService
set addressContext default zone SBA2_ZONE sipSigPort 31 state enabled
commit


Note

Attach the TLS Profile created earlier in Configure SBC for TLS.


Warning

There are a few areas that result in a TLS negotiation issue. One area involves assigning the incorrect port. Ensure the following are accomplished: 

  • SBA listens on port number 5061 (default setting).

  • Configure port number 5060 on the SBC IP-Peer, since Ribbon SBC Core increments the port by 1 when the transport protocol is TLS.

Anchor
IP Peer
IP Peer
IP Peer

Create an IP Peer with the signaling fqdn of the SBA2 and assign it to the SBA2 Zone.

Info

Replace "x.x.x.x"  with the SBA2 fqdn.


Code Block
set addressContext default zone SBA2_ZONE ipPeer SBA2 policy description ""
set addressContext default zone SBA2_ZONE ipPeer SBA2 policy sip fqdn X.X.X.X
set addressContext default zone SBA2_ZONE ipPeer SBA2 policy sip fqdnPort 5060
set addressContext default zone SBA2_ZONE ipPeer SBA2 pathCheck profile SBA_OPTIONS
set addressContext default zone SBA2_ZONE ipPeer SBA2 pathCheck hostName X.X.X.X
set addressContext default zone SBA2_ZONE ipPeer SBA2 pathCheck hostPort 5060
set addressContext default zone SBA2_ZONE ipPeer SBA2 pathCheck state enabled
commit

SIP Message Manipulation (SMM)

The Microsoft SBA expects the fqdn in the From and Contact header of the OPTIONS message. Replace <user_input1> with the SBC's fqdn1 and <user_input2> with the SBC's fqdn2 in the SMM below.

  • rule 1 - replace the From header SBC's sipSigPort IP towards vSBA1 with the SBC's  fqdn1 and SBC's sipSigPort IP towards vSBA2 with the SBC's  fqdn2 .
  • rule 2 - replace the Contact header SBC's sipSigPort IP towards vSBA1 with the SBC's  fqdn1 and SBC's sipSigPort IP towards vSBA2 with the SBC's  fqdn2.
  • rule 3 - add the User Agent header.


Code Block
set profiles signaling sipAdaptorProfile TESTOPT state enabled
set profiles signaling sipAdaptorProfile TESTOPT advancedSMM disabled
set profiles signaling sipAdaptorProfile TESTOPT profileType messageManipulation
set profiles signaling sipAdaptorProfile TESTOPT rule 1 applyMatchHeader one
set profiles signaling sipAdaptorProfile TESTOPT rule 1 criterion 1 type message
set profiles signaling sipAdaptorProfile TESTOPT rule 1 criterion 1 message
set profiles signaling sipAdaptorProfile TESTOPT rule 1 criterion 1 message messageTypes requestAll
set profiles signaling sipAdaptorProfile TESTOPT rule 1 criterion 2 type header
set profiles signaling sipAdaptorProfile TESTOPT rule 1 criterion 2 header
set profiles signaling sipAdaptorProfile TESTOPT rule 1 criterion 2 header name From
set profiles signaling sipAdaptorProfile TESTOPT rule 1 criterion 2 header condition exist
set profiles signaling sipAdaptorProfile TESTOPT rule 1 criterion 2 header hdrInstance all
set profiles signaling sipAdaptorProfile TESTOPT rule 1 criterion 3 type token
set profiles signaling sipAdaptorProfile TESTOPT rule 1 criterion 3 token
set profiles signaling sipAdaptorProfile TESTOPT rule 1 criterion 3 token condition exist
set profiles signaling sipAdaptorProfile TESTOPT rule 1 criterion 3 token tokenType urihostname
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 1 type header
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 1 operation regsub
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 1 headerInfo headerValue
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 1 from
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 1 from type value
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 1 from value <user_input1>
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 1 to
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 1 to type header
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 1 to value From
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 1 regexp
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 1 regexp string 10.54.23.23
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 1 regexp matchInstance all
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 2 type header
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 2 operation regsub
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 2 headerInfo headerValue
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 2 from
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 2 from type value
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 2 from value <user_input2>
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 2 to
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 2 to type header
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 2 to value From
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 2 regexp
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 2 regexp string 10.54.23.18
set profiles signaling sipAdaptorProfile TESTOPT rule 1 action 2 regexp matchInstance all
set profiles signaling sipAdaptorProfile TESTOPT rule 2 applyMatchHeader one
set profiles signaling sipAdaptorProfile TESTOPT rule 2 criterion 1 type message
set profiles signaling sipAdaptorProfile TESTOPT rule 2 criterion 1 message
set profiles signaling sipAdaptorProfile TESTOPT rule 2 criterion 1 message messageTypes requestAll
set profiles signaling sipAdaptorProfile TESTOPT rule 2 criterion 2 type header
set profiles signaling sipAdaptorProfile TESTOPT rule 2 criterion 2 header
set profiles signaling sipAdaptorProfile TESTOPT rule 2 criterion 2 header name Contact
set profiles signaling sipAdaptorProfile TESTOPT rule 2 criterion 2 header condition exist
set profiles signaling sipAdaptorProfile TESTOPT rule 2 criterion 2 header hdrInstance all
set profiles signaling sipAdaptorProfile TESTOPT rule 2 criterion 3 type token
set profiles signaling sipAdaptorProfile TESTOPT rule 2 criterion 3 token
set profiles signaling sipAdaptorProfile TESTOPT rule 2 criterion 3 token condition exist
set profiles signaling sipAdaptorProfile TESTOPT rule 2 criterion 3 token tokenType urihostname
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 1 type header
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 1 operation regsub
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 1 headerInfo headerValue
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 1 from
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 1 from type value
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 1 from value <user_input1>
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 1 to
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 1 to type header
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 1 to value Contact
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 1 regexp
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 1 regexp string 10.54.23.23
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 1 regexp matchInstance all
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 2 type header
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 2 operation regsub
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 2 headerInfo headerValue
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 2 from
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 2 from type value
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 2 from value <user_input2>
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 2 to
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 2 to type header
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 2 to value Contact
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 2 regexp
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 2 regexp string 10.54.23.18
set profiles signaling sipAdaptorProfile TESTOPT rule 2 action 2 regexp matchInstance all
set profiles signaling sipAdaptorProfile TESTOPT rule 3 applyMatchHeader one
set profiles signaling sipAdaptorProfile TESTOPT rule 3 criterion 1 type message
set profiles signaling sipAdaptorProfile TESTOPT rule 3 criterion 1 message
set profiles signaling sipAdaptorProfile TESTOPT rule 3 criterion 1 message messageTypes requestAll
set profiles signaling sipAdaptorProfile TESTOPT rule 3 criterion 2 type header
set profiles signaling sipAdaptorProfile TESTOPT rule 3 criterion 2 header
set profiles signaling sipAdaptorProfile TESTOPT rule 3 criterion 2 header name From
set profiles signaling sipAdaptorProfile TESTOPT rule 3 criterion 2 header condition exist
set profiles signaling sipAdaptorProfile TESTOPT rule 3 criterion 2 header hdrInstance all
set profiles signaling sipAdaptorProfile TESTOPT rule 3 criterion 3 type token
set profiles signaling sipAdaptorProfile TESTOPT rule 3 criterion 3 token
set profiles signaling sipAdaptorProfile TESTOPT rule 3 criterion 3 token condition exist
set profiles signaling sipAdaptorProfile TESTOPT rule 3 criterion 3 token tokenType urihostname
set profiles signaling sipAdaptorProfile TESTOPT rule 3 action 1 type header
set profiles signaling sipAdaptorProfile TESTOPT rule 3 action 1 operation add
set profiles signaling sipAdaptorProfile TESTOPT rule 3 action 1 headerPosition last
set profiles signaling sipAdaptorProfile TESTOPT rule 3 action 1 from
set profiles signaling sipAdaptorProfile TESTOPT rule 3 action 1 from type value
set profiles signaling sipAdaptorProfile TESTOPT rule 3 action 1 from value "Ribbon SBCvirtual V10.01.01R002"
set profiles signaling sipAdaptorProfile TESTOPT rule 3 action 1 to
set profiles signaling sipAdaptorProfile TESTOPT rule 3 action 1 to type header
set profiles signaling sipAdaptorProfile TESTOPT rule 3 action 1 to value User-Agent

Anchor
SIP Trunk Group
SIP Trunk Group
SIP Trunk Group

Create a SIP Trunk Group towards the SBA2 and assign corresponding profiles such as PSP and IPSP which were created in earlier steps.

Warning

You must configure Trunk Group names using capital letters.


Code Block
set addressContext default zone SBA2_ZONE sipTrunkGroup SBA2_TG media mediaIpInterfaceGroupName LIF1
set addressContext default zone SBA2_ZONE sipTrunkGroup SBA2_TG ingressIpPrefix 0.0.0.0 0 commit
commit

set addressContext default zone SBA_ZONE sipTrunkGroup SBA2_TG policy callRouting elementRoutingPriority TEAMS_ERP
set addressContext default zone SBA_ZONE sipTrunkGroup SBA2_TG policy media packetServiceProfile TEAMS_PSP
set addressContext default zone SBA_ZONE sipTrunkGroup SBA2_TG policy media toneAndAnnouncementProfile TEAMS_LRBT_PROF
set addressContext default zone SBA_ZONE sipTrunkGroup SBA2_TG policy services classOfService DEFAULT_IP
set addressContext default zone SBA_ZONE sipTrunkGroup SBA2_TG policy signaling ipSignalingProfile TEAMS_IPSP
set addressContext default zone SBA_ZONE sipTrunkGroup SBA2_TG signaling relayNonInviteRequest enabled
set addressContext default zone SBA_ZONE sipTrunkGroup SBA2_TG signaling messageManipulation outputAdapterProfile TESTOPT
set addressContext default zone SBA_ZONE sipTrunkGroup SBA2_TG services natTraversal iceSupport iceWebrtc
set addressContext default zone SBA_ZONE sipTrunkGroup SBA2_TG ingressIpPrefix 0.0.0.0 0
commit

Anchor
Z Routing Label
Z Routing Label
Routing Label

Create a Routing Label with a single Routing Label Route to bind the SBA2 Trunk Group with the SBA2 IP Peer.

Code Block
set global callRouting routingLabel SBA2_RL routingLabelRoute 1 trunkGroup SBA2_TG
set global callRouting routingLabel SBA2_RL routingLabelRoute 1 ipPeer SBA2
set global callRouting routingLabel SBA2_RL routingLabelRoute 1 inService inService
commit

Anchor
ZOOM Call Routing
ZOOM Call Routing
Call Routing

Route all the calls coming from the vSBA1 towards the vSBA2.

Info

Provide ceName used during an SBC deployment. "TEAMSSBA" is the ceName.


Code Block
set global callRouting route trunkGroup SBA_TG TEAMSSBA standard Sonus_NULL 1 all all ALL none Sonus_NULL routingLabel SBA2_RL
commit

Anchor
Section C
Section C
Section C: SBC Core Configuration for Deployment Scenario 4

In this deployment scenario, PSTN calls Teams Client 2 behind vSBA2. The call flow is as follows:

  • SBC Core receives the INVITE from PSTN and sends it to vSBA1.
  • vSBA1 responds with 4xx error response to SBC Core.
  • SBC Core sends the INVITE to vSBA2.
  • vSBA2 sends the INVITE to Teams Client 2.

Crankback Profile

The crankback profile is used in the existing deployment scenario to route the call to vSBA2, when the vSBA1 sends the 4xx error response.

Code Block
set profiles callRouting crankbackProfile C1 lateCrankback enabled
set profiles callRouting crankbackProfile C1 reason 18
set profiles callRouting crankbackProfile C1 reason 31
commit

The crankback profile needs to be attached to the PSTN trunk group as follows:

Code Block
set addressContext default zone PSTN_ZONE sipTrunkGroup PSTN_TG callRouting crankBackProfile C1
commit

Routing Label 

Routing Label for this deployment scenario would be as mentioned below:

Code Block
set global callRouting routingLabel SBA_REDUNDANCY_RL routingLabelRoute 1 trunkGroup SBA_TG ipPeer SBA inService inService
set global callRouting routingLabel SBA_REDUNDANCY_RL routingLabelRoute 2 trunkGroup SBA2_TG ipPeer SBA2 inService inService
commit

Call Route

Code Block
set global callRouting route trunkGroup PSTN_TG TEAMSSBA standard Sonus_NULL 1 all all ALL none Sonus_NULL routingLabel SBA_REDUNDANCY_RL
commit


Anchor
Section D
Section D
Section D: Microsoft SBA Configuration

For information on configuring the Survivable Branch Appliance (SBA) for Direct Routing refer to following link:

https://learn.microsoft.com/en-us/microsoftteams/direct-routing-survivable-branch-appliance

For the Prerequisites, Installation and Configuring the Direct Routing SBA refer to following link:

https://doc.rbbn.com/display/UXDOC110/Best+Practice+-+Configure+Direct+Routing+Virtual+Survivable+Branch+Appliance#

Anchor
Prereq
Prereq
Prerequisites

For Prerequisites on Direct routing SBA, refer to the following link:

https://doc.rbbn.com/display/UXDOC110/Best+Practice+-+Configure+Direct+Routing+Virtual+Survivable+Branch+Appliance#BestPracticeConfigureDirectRoutingVirtualSurvivableBranchAppliance-Prerequisites

Anchor
Installation
Installation
Installation

For Installation on Direct routing SBA refer to Step 1 in the following link:

https://doc.rbbn.com/display/UXDOC110/Best+Practice+-+Configure+Direct+Routing+Virtual+Survivable+Branch+Appliance#BestPracticeConfigureDirectRoutingVirtualSurvivableBranchAppliance-Step1:InstallVirtualSBASoftware

Anchor
Configuration
Configuration
Configuration

For Configuring on Direct routing SBA refer to Step 2 in the following link:

https://doc.rbbn.com/display/UXDOC110/Best+Practice+-+Configure+Direct+Routing+Virtual+Survivable+Branch+Appliance#BestPracticeConfigureDirectRoutingVirtualSurvivableBranchAppliance-Step2:SetuptheOffice365DirectRoutingvSBA

Info


Warning

As SWe Core would be interacting with Virtual Survivable Branch Appliance (vSBA) in the current deployment scenario, configuring Step 3: Configure SBC SWe Edge is not required, as this step is strictly for deployment scenarios involving Ribbon SWe Edge and vSBA.

           

 
Anchor
Supplementary
Supplementary
Supplementary Services and Features Coverage

The following checklist depicts the set of services/features covered through the configuration defined in this Interop Guide. 

Sr. No.Supplementary Features/ServicesCoverage
1Teams Client 1 (behind Direct Routing) calls Teams Client 2 (behind vSBA1)

2Teams Client 2 (behind vSBA1) calls Teams Client 1 (behind Direct Routing)

3Teams Client 1 (behind vSBA1) calls Teams client 2 behind vSBA2

44xx vSBA redirecting scenario *


Legend

Supported

Not Supported
 N/ANot Applicable

* PSTN Calls vSBA1, vSBA1 sends 4xx error response to SWe Core, SWe Core sends call to Teams Client 2 behind vSBA2.

Caveats

The following items have been observed during this Interop - these are either limitations, untested elements, or useful information pertaining to the Interoperability.

  • If the site loses internet connectivity and the service provider accesses the same internet connection, then the call will still fail because there is no path to the SIP trunk.
  • Microsoft does not support LMO in vSBA deployments.

Support

For any support related queries about this guide, contact your local Ribbon representative, or use the details below:

References

For detailed information about Ribbon products & solutions, go to :

https://ribboncommunications.com/products

For information about microsoft products & solutions, go to:

https://docs.microsoft.com/en-us/microsoftteams/

Conclusion

This Interoperability Guide describes a successful configuration of the Microsoft SBA interoperability with Ribbon SBC Core for Wells Fargo deployments.

All features and capabilities tested are detailed within this document - any limitations, notes or observations are also recorded in order to provide the reader with an accurate understanding of what has been covered, and what has not.

Configuration guidance is provided to enable the reader to replicate the same base setup - there maybe additional configuration changes required to suit the exact deployment environment.




© 2023 Ribbon Communications Operating Company, Inc. © 2023 ECI Telecom Ltd. All rights reserved.