Section |
---|
Info |
---|
| This document details a complete implmentation implementation of the SBC's RBA Feature |
|
...
Prerequisites
Tip |
---|
Assumes the user is familiar with navigating the SBCx000's WebUI |
...
Note |
---|
The RBA Feature is included only in SBC version 3.0 or betternewer. |
SBC Configuration
This quick start document shows the steps and interlational parameters required to configure a UX to successfully route calls. The configuration process of a UX should always begin with running a wizard; however, the wizard only needs to be run for the very first configuration.
Tip |
---|
There are many different architectures which might be used for connecting remote sites to a main site. The manual pages for this 3G4G feature specify a VLAN switch with the 3G4G and WAN networks sharing a single port of the UX. The implementation below uses a 3G4G router connected to the remote LAN segment, thus dedicating the WAN connection to a SBC port. This configuration elminates then need for a VLAN-capable switch. |
Network Diagram
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Before Beginning
As a prerequisite to installing the RBA feature, check the following items:
...
Configure Send STUN Packets to Enabled in the Media | Media System Configuration.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
RBA Image
Tip |
---|
If your HQ-side SBC was running version 2.2, you will need upgrade both the ASM image as well as the SBC firmware. The latest ASM image is available at support.net.com. |
...
Under the Tasks Tab | Application Solution Module | Reinitialize the pull-down selection will supply the possible images currently available on your ASM. Update your ASM images if you are implementing Lync Server 2013 and there is no Lync 2013 image available on your ASM.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Check the RBA License
Verify that your SBC is licensed for the RBA feature.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Check RBA License |
---|
| Image Modified |
|
DNS Configuration
Add both SBCs to the DNS server. In the example, SBC2000 is the HQ SBC and SBC1000 is the remote network SBC. The DNS server is configured only with the LAN-side IP addresses of these nodes, 10.1.1.74 and 10.1.2.71, respectively.
...
- Remote-network SBC
- HQ SBC
- HQ ASM
- Lync Server
Image Removed
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | DNS Configuration |
---|
| Image Added |
|
Lync Server Topology Configuration
...
Open the Lync Topology Builder
Start the Topo Builder
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Start Topology Builder |
---|
| Image Modified |
|
Enter Login Credentials
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Login Credentials |
---|
| Image Modified |
|
Download the Topology
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Download Topology |
---|
| Image Modified |
|
Specify a Filename
Image RemovedConfirm ChangesImage Removed
New Branch Site
| Image Added |
|
Confirm Changes
Panel |
---|
|
Caption |
---|
| Image Added |
|
New Branch Site
Add Add a new Branch Site. In the example, Taveuni is the new remote branch.
Right-click on Branch Sites and select New Branch Site
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Enter the remote site identity
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Remote Site Identity |
---|
| Image Modified |
|
Configure the site details
Image Removed
New PSTN Gateway
Caption |
---|
| Image Added |
|
New PSTN Gateway
Add sbc1000.Add sbc1000.sbc.net as Taveuni's PSTN Gateway.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Define PSTN Gateway |
---|
| Image Modified |
|
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Define IP Address |
---|
| Image Modified |
|
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Define Root Trunk |
---|
| Image Modified |
|
info
Info |
---|
The RBA function requires media bypass, which, in turn requires TLS/SRTP. Later this document, the remote PSTN gateway will be re-configured from TCP/RTP to TLS/SRTP. Employing the simplier TCP/RTP model will help ease the implementation by providing a phased approach to the implementation. |
...
Finally, Publish the newly configured topology.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Publishing Wizard Complete |
---|
| Image Modified |
|
Lync Server Configuration
Create a new Site Voice Policy
Click New
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Add a Site Policy
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Select the remote site you just added to the Lync topology.
Image Removed |
Add a new PSTN Usage
Image Removed |
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Select Remote Site |
---|
| Image Added |
|
Add a new PSTN Usage
Panel |
---|
|
Caption |
---|
| Image Added |
|
Supply Supply a Name and Add a Route
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Configure a call route pattern
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Configure Call Route Pattern |
---|
| Image Modified |
|
Add a Trunk
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Choose the newly added remote-network SBC
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Click OKat each of the configuration layers
Image Removed |
Image Removed |
Image Removed |
Commit New Site Voice Policy
Commit the changes to the Voice Policy
Click the Commit pulldown and Commit All
Image Removed |
Click OK
Image Removed |
Verify Route and PSTN Usage
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Configuration Level 1 |
---|
| Image Added |
|
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Configuration Level 2 |
---|
| Image Added |
|
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Configuration Level 3 |
---|
| Image Added |
|
Commit New Site Voice Policy
Commit the changes to the Voice Policy
Click the Commit pulldown and Commit All
Panel |
---|
|
Caption |
---|
| Image Added |
|
Click OK.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | OK Configuration Settings |
---|
| Image Added |
|
Verify Route and PSTN Usage
Verify the Route and Verify the Route and PSTN Usages were added properly in the previous steps.
In the top navigation bar, click Route. Ensure that the route was added.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Ensure Route Added |
---|
| Image Modified |
|
In the top navigation bar, click PSTN Usage. Ensure that the PSTN Usage was added.
Image RemovedUsage. Ensure that the PSTN Usage was added.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Ensure PSTN Usage Added |
---|
| Image Added |
|
Create a User New Dial Plan
...
Click Dial Plan in the top navigation. Click New_and select _New User Plan.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | New User Dial Plan |
---|
| Image Modified |
|
Enter the information for your site and click OK.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Create A New User Voice Policy
...
Click Voice Policy in the top navigation. Click New and select User Policy.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Fill in the form as shown using information for your particular installation.
Image Removedinstallation.
Panel |
---|
|
Caption |
---|
| Image Added |
|
Click New under Associated PSTN Usages.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | New Associated PSTN Usages |
---|
| Image Modified |
|
Create a New PSTN Usage
Create a PSTN Usage to be used with the User-level policies.
Create a New PSTN Usage record.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Create PSTN Usage Record |
---|
| Image Modified |
|
Enter your site-specific configuration information.
Image Removed |
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Enter Configuration Information |
---|
| Image Added |
|
Click Add for Associated Trunk
Click Add for | Image Modified |
|
Select the remote-network SBC gateway
Image Removed |
Panel |
---|
|
Caption |
---|
| Image Added |
|
Click OKfor all the configuration layers.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Configuration Level 1 |
---|
| Image Added |
|
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Configuration Level 2 |
---|
| Image Added |
|
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Configuration Level 3 |
---|
| Image Added |
|
Click OKfor all the configuration layers.
Image Removed |
Image Removed |
Image Removed
Commit Changes
Commit the additions to your Lync configuration.
Click the Commit pulldown, then select Commit All.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Click OK.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | OK Configuration Settings |
---|
| Image Added |
|
Verify the Route was added.
Image Removed Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Verify Route Added |
---|
| Image Added |
|
Verify the Route PSTN Usagewas added.
Image Removed the was added. | Image Modified |
|
Add or Move a User into the
...
New Remote Location
You will need to have a user homed to the remote-network location.
Click Users in the left-hand navigation. Enter the name of the user to move to the remote network and click Find.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
In the Edit pulldown, select Show Details.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Set the Dial Plan and Voice Policy of the user to thos of the remote network Userpolicies.
Image Removed Userpolicies.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Edit Lync Server User |
---|
| Image Added |
|
Configure the Network Configuration
...
Click Network Configuration in the left-hand navigation. Click Global in the top navigation, click the Edit pulldown, and select Show Details.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Ensure that the CAC and Bypass options are selected. Change the settings and commit, if necessary.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Edit Global Setting |
---|
| Image Modified |
|
Create a
...
New Bandwidth Policy
Create a Bandwidth Policy to be used to control the CAC from the RBA function.
Click Bandwidth Policy in the top navigation and select New.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | New Bandwidth Policy |
---|
| Image Modified |
|
Enter the bandwidth specification for your remote network link, then click Commit.
Image Removed Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Enter Bandwidth Specification |
---|
| Image Added |
|
Create a
...
New Region
Create regions to be used with the RBA feature. There will be a region for the HQ, as well as the remote-network.
Click Region in the top navigation and select New.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Add a record for the remote region and Commit.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Remote Region Record |
---|
| Image Modified |
|
Click New New to add the second region.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Add Second Region |
---|
| Image Modified |
|
Add a record for the HQ site and Commit.
Panel |
---|
|
Caption |
---|
| Image Added |
|
Add a record for the HQ site and Commit.
Image Removed
Create a new Site
Create sites to be used for the RBA function. Again, there will be a HQ site, as well as a remote site.
Click Site in the top navigation and select New.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Enter the information for your remote site. Click Commit.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Remote Site Information |
---|
| Image Modified |
|
Click New and enter the information for your HQ site. Click Commit.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | HQ Site Information |
---|
| Image Modified |
|
Create
...
New Subnets
IP addresses are used by the Lync Server to identify the origin of a Lync client. Create subnet records for both the HQ and remote network sites.
Click Subnet in the top navigation and select New.
Image Removed New.
Panel |
---|
|
Caption |
---|
| Image Added |
|
Enter the IP network information for the remote network.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | IP Network Information - Remote Network |
---|
| Image Modified |
|
Click Newand enter the IP network information for the HQ network.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | IP Network Information - HQ Network |
---|
| Image Modified |
|
Create a Region Link
Create a Region Link between the sites.
Click Region Link in the top navigation and select New.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Using the pulldowns, select the HQ Region, the Remote Region and the Bandwidth Policy profile you previously created.
Image Removedpreviously created.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Select From Pulldowns |
---|
| Image Added |
|
Create a
...
New Region Route
Create a Region Route for the Region Link.
Click Region Route in the top navigation and select New.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Add the Network Regions as shown and add the newly created Region Link.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Add Network Regions |
---|
| Image Modified |
|
Domain Controller Configuration
...
On the Domain Controller, open the Server Manager
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Open Server Manager |
---|
| Image Modified |
|
Add a new computer to Active Directory. You should have already selected a FQDN for the ASM module during the DNS Configuration section.
Image Removedsection.
Panel |
---|
|
Caption |
---|
| Image Added |
|
Input the name of the ASM computer
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Input Name of ASM Computer |
---|
| Image Modified |
|
Add the computer to the RTCUniversalServerAdminsgroup
Image Removed |
Click OK
Image Removed |
RTCUniversalServerAdminsgroup
Panel |
---|
|
Caption |
---|
| Image Added |
|
Click OK
Panel |
---|
|
Caption |
---|
| Image Added |
|
Click OK
Panel |
---|
|
Caption |
---|
| Image Added |
|
Click OK
Image Removed
Configuring the RBA
Tip |
---|
Have you added the RBA as a computer in the Domain Controller and made it part of the RTCUniversalServerAdmins group? |
Verify the ASM Board is Available using the Tasks Tab | Operational Statusselection
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Click Setup SBA in the left-hand navigation
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Click the ASM Config Tab and supply the information for your ASM. Click Apply.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Apply ASM Information |
---|
| Image Modified |
|
Click the Domain tab and supply the domain information for your network. Click OK. It will take a minutes to add the ASM to the domain and reboot.
Image Removedthe domain and reboot.
Panel |
---|
|
Caption |
---|
| Image Added |
|
The Current Activity Panel will show when the domain join and rebooting processes are complete
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Current Activity Panel |
---|
| Image Modified |
|
Click the Deploy SBA tab and select Prepare SBA. This will install the necessary components for the ASM to process the CAC changes supplied by the remote-network SBC. It will take approximately 30 minutes for the installation to complete.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Info |
---|
The RBA requires only the Prep SBA step. The other SBA deployment steps are not required. |
...
Ensuring the WAN and IPsec traffic use the appropriate routes is crucial to successful RBA failover.
SBC 1000 Static Routes
Click the Settings Tab and select Static Routes as shown in the diagram
Panel |
---|
|
Caption |
---|
| Image Modified |
|
On the remote-network SBC, add a Static IP Route
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Add Static IP Route |
---|
| Image Added |
|
Image Removed
Create a default route that points to the WAN interface on the HQ SBC. Set the Metric to 1.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Create Default Route - Metric 1 |
---|
| Image Modified |
|
Create another default route that points to the IPSec IPsec interface on the HQ SBC. Set the Metric to 2.
Tip |
---|
Default routes are required for the automated routing failover to function. Only use default routes. |
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Create Default Route - Metric 2 |
---|
| Image Modified |
|
Verify the newly added static routes
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Verify Static Routes |
---|
| Image Modified |
|
SBC 2000 Static Routes
On the HQ SBC, add specific subnet routes that point to the remote-network. One route should use the remote-network SBC's WAN connection (metric 1), the other should point to the Internet gateway (metric 2).
- When the WAN is up, the WAN-specific route to the remote-network will be used.
- When the WAN is down, the default Internet router will be used to send the traffic via the 3G4G carrier network.network.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Static IP Route Table |
---|
| Image Added |
|
Image Removed
SIP Server Tables and Signaling Groups
...
Click SIP Server Tablesin the left-hand navigation
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | SIP Server Tables |
---|
| Image Modified |
|
Add a SIP Server Table
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Add SIP Server Table |
---|
| Image Modified |
|
Enter a description and click Apply.
Image Removed |
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Apply Description |
---|
| Image Added |
|
Click the newly added SIP Server Table
Click the newly added | Image Modified |
|
Enter the information for the HQ SBC
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | HQ SBC Information |
---|
| Image Modified |
|
SBC 1000 Signaling Groups
Click Signaling Groupsin the left-hand navigation. Add a Signaling Group for the HQ SBC.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Add the information to the newly added SG.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Add SG Information |
---|
| Image Modified |
|
SBC 2000 SIP Server Table
On the HQ SBC, add a SIP Server Table that points to the remote-network SBC
Image RemovedSBC
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Add SIP Server Table |
---|
| Image Added |
|
SCB 2000 Signaling Groups
On the HQ SBC, add a Signaling Group that points to the remote-network SBC
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Add Signaling Group |
---|
| Image Modified |
|
On both SBCs, ensure that the Signaling Groups come Up
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Ensure Signaling Groups Come Up - SBC 1000 |
---|
| Image Modified |
|
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Ensure Signaling Groups Come Up - SBC 2000 |
---|
| Image Modified |
|
Verification
Verifying Routing
On the HQ SBC, verify that the Routing Table shows the route to the remote network using the WAN IP address of the remote SBC. In this case, the route to 10.1.2.0 (remote network) uses the remote SBC's 134.56.242.16 as the gateway..
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Testing Connectivity over the WAN Link
...
At this point you should be able to call Lync-to-Lync over the WAN.
Creating the
...
IPsec Tunnel
Use the following steps to configure an IPsec tunnel between the remote and HQ SBCs.
SBC1000
...
IPsec Configuration
The following steps configure the remote SBC to generate an IPsec tunnel to the HQ SBC when the WAN is down.
Click IPSec IPsec | Tunnel Tablein the left-hand navigation.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Add a Tunnel Table
Panel |
---|
|
Caption |
---|
| Image Modified |
|
- Enter the configuraton information for your IPsec tunnel.
- The Local Subnet Address must be programmed with IP information for the remote network.
The Remote Subnet Addressmust be programmed with IP information for the HQ network.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Enter Configuration Information |
---|
| Image Modified |
|
SBC2000
...
IPsec Tunnel Configuration
The following steps configure the HQ SBC to receive an IPsec tunnel from the remote SBC when the WAN is down.
Configure an IPsec tunnel on the HQ SBC with information appropriate to your network. On the HQ SBC, the Local Subnet Address is the HQ network, the Remote Subnet Addressis the remote network subnet(s).
Image Removedsubnet(s).
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Create IPsec Tunnel Entry |
---|
| Image Added |
|
Verification
In this section you will test the IPsec tunnel to ensure connectivity exists when the WAN link is down.
...
- Pull the cable from the WAN port on the Remote SBC. You must pull the cable from the WAN port on the Remote SBC for this verification step. Downing the WAN port results in automatically disabling the WAN IP route.
Manually remove the WAN Route from the HQ SBC
Panel |
---|
|
Caption |
---|
| Image Modified |
|
On the Remote SBC, use the refresh button to verify the Service Status is Link Up.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Verify Service Status |
---|
| Image Modified |
|
The Signaling Groups should come back up after the IPsec tunnel is esablished.
Image Removed.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Signaling Groups - SBC 1000 |
---|
| Image Added |
|
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Signaling Groups - SBC 2000 |
---|
| Image Modified |
|
Verifying PC Connectivity
...
Before proceeding, replace the HQ SBC WAN route to the remote SBC.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Create Static IP Route Entry |
---|
| Image Modified |
|
Configuring for Automated Switchover
With the successful testing of the static IPsec tunnel, it is time to make the tunnel dynamic so that the 3G4G link is only used activated when the WAN is down.
Modify the Remote SBC IPSec IPsec Tunnel Activation to Link Monitor Action and click OK.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Modify Tunnel Activation |
---|
| Image Modified |
|
SBC 1000 CAC Profiles
The CAC profiles are transmitted to the Lync Server via the HQ SBC when the WAN transitions link states.
...
Click WAN in the left-hand navigation and select CAC Profiles.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Create a profile for the WAN up situation. Set the bandwidths according to your desired WAN link configuration and capacity. Click Applywhen finished.
Image Removed.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Create Profile for WAN Up |
---|
| Image Added |
|
Now, create a CAC profile for WAN down. Setting the Bandwidth State to Disabledresults in any HQ<>remote-network calls being routed over the PSTN.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Create CAC Profile for WAN Down |
---|
| Image Modified |
|
SBC 1000 Link Monitor Configuration
The Link Monitors provide the ability for the remote SBC to know whether the WAN is up and available.'
Click Link Monitor Configuration
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Link Monitor Configuration |
---|
| Image Modified |
|
Add a monitor to monitor the public IP interface of the HQ SBC and click Apply.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Monitor Public IP Interface |
---|
| Image Modified |
|
Add a monitor to monitor the 3G4G router port. Associate this Link Monitor with the IPsec Tunnel you recently created. With this link activated (due to WAN down), the IPsec tunnel will be automatically started.
Image Removedtunnel will be automatically started.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Monitor 3G4G Router Port |
---|
| Image Added |
|
Verification
Verify the following tables on the remote SBC
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Verify CAC Profile Table |
---|
| Image Modified |
|
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Verify Link Monitor Configuration Table |
---|
| Image Modified |
|
SBC 2000 Link Monitor Configuration
...
Create a fake CAC entry. This entry will be ignored for purposes of bandwidth adjustment.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Create Fake CAC Entry |
---|
| Image Modified |
|
Create a Link Monitor that monitors the WAN interface of the remote SBC.
Image Removedremote SBC.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Create Link Monitor |
---|
| Image Added |
|
Verification
Verify the condition of the routes and IPsec links.
...
With the WAN link up, the HQ SBC routing table and Link Monitor should resemble the following.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | HQ SBC Routing Table |
---|
| Image Modified |
|
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | HQ SBC Link Monitor |
---|
| Image Modified |
|
Remote SBC
With the WAN link up, the remote SBC's routing table should point to the WAN interface on the HQ SBC.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Routing Table - Point to WAN Interface |
---|
| Image Modified |
|
The Link Monitor Table should be Readyon the WAN link
Image RemovedWAN link
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Link Monitor Table - Ready |
---|
| Image Added |
|
The IPsec tunnel should be Link Down
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | IPsec Tunnel - Link Down |
---|
| Image Modified |
|
Lync Server
Verify the Lync Bandwidth Profile using the Bandwidth Policy Service Monitor, which is installed as a component of the optional Lync Server Resource Kit (available from the Microsoft Lync Server website).
Open Windows Explorer to C:\Program Files\Microsoft Lync Server 2013\ResKit\BandwidthPolicyServiceMonitor and select PDPMonUI.exe.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Select PDPMonUI.exe |
---|
| Image Modified |
|
Expand the server name in the left-hand navigation and select the expanded server.
Image Removed |
and select the expanded server.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Expanded Server Name |
---|
| Image Added |
|
Click the Topology Infotab
Click the | Image Modified |
|
Verify the bandwidth settings are for the WAN up values.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Verify Bandwidth Settings |
---|
| Image Modified |
|
Lync Clients
Test a call between a HQ and Remote Lync client. Calls between HQ and Lync clients should connect directly over the WAN without need for a PSTN connection.
...
Downing the WAN Link should result in the following status. With the WAN link down, verify your implementation to the following:
HQ SBC Status
On the HQ SBC, the WAN Link Monitor should show down and the IPsec tunnel up.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Link Monitor Service Status |
---|
|
|
...
| Image Added |
|
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | IPsec Tunnel Service Status |
---|
| Image Added |
|
On the HQ SBC, the WAN Link Monitor should show down and the IPsec tunnel up.
Image Removed |
Image Removed
Remote SBC Status
On the Remote SBC, the Link Monitor should show the 3G4G link up, the WAN link down, and the IPsec tunnel up.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | 3G4G Link Up and WAN Link Down |
---|
| Image Modified |
|
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | IPsec Tunnel Link UP |
---|
| Image Modified |
|
Lync Server
Within two or three minutes, the Bandwidth Policy should automatically update to the Bandwidth Policy should automatically update to the WAN down bandwidth values.
...
WAN down bandwidth values.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Bandwidth Policy Update |
---|
| Image Added |
|
Lync Clients
Test a call between a HQ and Remote Lync client. In the WAN down condition, you should be able to call between HQ and Remote Lync clients. The calls should utilize the PSTN connection between the SBCs.
...
On the Lync Server, start the Topology Builder and Edit Properties for the remote site Trunk.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Change the port and configuration to support TLS as shown.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Change Port and Configuration |
---|
| Image Modified |
|
Publish the topology.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Certificate for the SBC
Certificates are required for TLS/SRTP functionality. The following steps will assist you in installing certificates on the remote SBC.
Click the Taskstab.
Image Removed.
Panel |
---|
|
Caption |
---|
| Image Added |
|
Click Lync Setupin the left-hand navigation
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Obatin the root certificate from your network administrator and copy it to your PC. From the webui, click Import Trusted CA Certificateas shown.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Import Trusted CA Certificate |
---|
| Image Modified |
|
Set the Mode to File Upload and Browseto find the file containing the root certificate.
Image Removed |
the root certificate.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | CA Certificate File Upload |
---|
| Image Added |
|
Click OKto import the root certificate.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Import Root Certificate |
---|
| Image Added |
|
Click OKto import the root certificate.
Image RemovedClick the Generate CSRto generate a certificate request for the SBC. You will send this certificate request to be signed by the your certificae authority.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Copy and paste the certificate request into a file and send it to your root certificate authority for signing.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
When the signed certificate is returned, click the Sonus SBC Certificatetab and import the certificate.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Import Certificate |
---|
| Image Modified |
|
Set the Mode to File Upload and Browseto find the file containing the SBC certificate.
Image Removedthe SBC certificate.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | SBC Server Certificate File Upload |
---|
| Image Added |
|
Verify the SBC and root certificates
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Sonus SBC Certificate |
---|
| Image Modified |
|
Panel |
---|
|
Caption |
---|
| Image Modified |
|
Setting the SIP Server and Signaling Group for TLS/SRTP
On the remote SBC, set/create the Lync Server SIP Server as shown.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Set/Create Lync Server SIP Server |
---|
| Image Modified |
|
Set/create a Lync Server Signaling Group as shown.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | SIP Signaling Group Details |
---|
| Image Modified |
|
The Lync Server Signaling Group should come up
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Lync Server Signaling Group - Up |
---|
| Image Modified |
|
RBA Data Flows
WAN Up Flow
Image Removed |
WAN Down Instant Message Flow
Image Removed |
WAN Up Flow
Panel |
---|
|
Caption |
---|
| Image Added |
|
WAN Down Instant Message Flow
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | WAN Down Instant Message Flow |
---|
| Image Added |
|
WAN Down Lync-to-Lync Call Flow
...
| WAN Down Lync-to-Lync Call Flow |
---|
| Image Modified |
|
- As an IP router, the SBC forwards the SIP request from the remote Lync to the Lync Server
- Lync server sends a SIP request to the remote SBC (as a SIP --> PSTN gateway)
- Remote SBC dials the HQ SBC via PSTN
- HQ SBC (as a SIP Gateway) sends a SIP request to the Lync server
- Lync Server sends SIP Request to the HQ Lync client
- Remote Lync client audio bypasses directly to the remote SBC.
...
A wireshark trace which shows an exception due to an unrecognized cmdlet is likely due to the Prep SBA function not being executed. Review the Configuring the RBA section of this document.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Prep SBA Function Not Executed |
---|
| Image Modified |
|
RBA computer not a member of RTCUniversalServerAdmins group
...
Check the routing table on the remote SBC. The remote SBC must use default routes (0.0.0.0/0) rather than network routes.
Panel |
---|
|
Caption |
---|
0 | Figure |
---|
1 | Link Monitor Configuration Table |
---|
| Image Modified |
|
...
...
...
| Image Added |
|
OPTIONS with Carrier's IP address
...
This wireshark trace shows a properly working cmdlet to change the CAC bandwidth policies.
Panel |
---|
|
Caption |
---|
| Image Modified |
|
rev 0.2