You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

Overview

Caution

When the 

Unable to show "metadata-from": No such page "_space_variables"
is deployed in Azure, the 
Unable to show "metadata-from": No such page "_space_variables"
 supports Local Media Optimization.

The Central SBC and the Proxy SBC roles are supported in all deployments as follows:

  1. Confirm that in all deployments, private interfaces are assured between relevant parties, as identified at: https://docs.microsoft.com/en-us/microsoftteams/direct-routing-media-optimization 
  2. Secondly, acceptable network connectivity and performance between all nodes (typically indicated by KPIs) must be maintained for an acceptable level of LMO service.
  3. Exercise caution and ensure a high quality link to the Public Cloud (Azure) to ensure acceptable Central SBC/Proxy SBC roles and LMO behavior. Currently, Ribbon and Microsoft strongly encourage the use of ExpressRoute to ensure proper LMO performance.
  4. Ribbon and Microsoft reserve the right to decline support for LMO issues should proper care and network conditions not meet the requirements listed out in the point above.
Note

This best practice uses the term Microsoft Teams Direct Routing, which is also known as Phone System Direct Routing.

This best practice outlines how to use the 

Unable to show "metadata-from": No such page "_space_variables"
 
Unable to show "metadata-from": No such page "_space_variables"
to configure the Central SBC with Local Media Optimization for Microsoft Teams Direct Routing. Local Media Optimization allows the Microsoft Teams Direct Routing media flow to always use the shortest path to improve the
Unable to show "metadata-from": No such page "_space_variables"
's media quality and bandwidth usage. The Microsoft Teams Direct Routing media flow can be directly established between the Teams client and the
Unable to show "metadata-from": No such page "_space_variables"
, even if the 
Unable to show "metadata-from": No such page "_space_variables"
does not have Microsoft Teams Direct Routing connectivity. The
Unable to show "metadata-from": No such page "_space_variables"
,
Unable to show "metadata-from": No such page "_space_variables"
, and 
Unable to show "metadata-from": No such page "_space_variables"
support the Central SBC. For more details about this feature, refer to Local Media Optimization for Direct Routing.

Microsoft Teams Direct Routing Media Flow


This best practice describes greenfield and migration deployments and explains the requirements for each case. This best practice includes cautions to specify the deployment scenarios.

Though the

Unable to show "metadata-from": No such page "_space_variables"
,
Unable to show "metadata-from": No such page "_space_variables"
, and 
Unable to show "metadata-from": No such page "_space_variables"
support the Local Media Optimization Central SBC role for Microsoft Teams Direct Routing, this best practice uses the
Unable to show "metadata-from": No such page "_space_variables"
as a Central
Unable to show "metadata-from": No such page "_space_variables"
in the central site as an example.

Note

For the Central

Unable to show "metadata-from": No such page "_space_variables"
Unable to show "metadata-from": No such page "_space_variables"
recommends that you use the
Unable to show "metadata-from": No such page "_space_variables"
because it has higher CPS (up to 10 CPS) and higher session density (up to 1200 simultaneous Direct Routing calls).

Make sure the licensed quantity of sessions on the 

Unable to show "metadata-from": No such page "_space_variables"
accommodates the maximum number of Local Media Optimization calls.

Microsoft Considerations

The Ribbon TEAMS Local Media Optimization (LMO) solution supports Teams Music on Hold (MOH). The Microsoft Teams LMO document suggests disabling the MOH feature for an LMO deployment because not all SBC vendors support the Teams MOH feature for LMO deployments.

Microsoft does not support Early 183. You should disable Early 183 for all 

Unable to show "metadata-from": No such page "_space_variables"
signaling groups that use Local Media Optimization. For information about Early 183, refer to the Early 183 section in Creating and Modifying SIP Signaling Groups.

Prerequisites

This section outlines the prerequisites for Local Media Optimization for Microsoft Teams Direct Routing.

Unable to show "metadata-from": No such page "_space_variables"
 Capacity

When deploying Local Media Optimization, the Central

Unable to show "metadata-from": No such page "_space_variables"
has to handle the local traffic plus all the traffic from other non-LMO SBCs (SBC not processing the LMO calls), You must ensure the Central
Unable to show "metadata-from": No such page "_space_variables"
has the capacity and the license to handle the load. See the following load impacts:

  • Call made to and from a Teams client that is internal to the customer network:
    • The Central
      Unable to show "metadata-from": No such page "_space_variables"
      consumes the Proxy Media Mode with Encryption resource.
    • The non-LMO SBC
      Unable to show "metadata-from": No such page "_space_variables"
      (SBC not processing the LMO calls)  consumes the SIP with corresponding RTP Media resource.
  • Call made to and from a Teams client that is external to the customer network:
    • The Proxy 
      Unable to show "metadata-from": No such page "_space_variables"
      consumes the SIP with corresponding RTP Media resource.
    • The Downstream 
      Unable to show "metadata-from": No such page "_space_variables"
      consumes the       SIP with corresponding RTP Media resource.

Firmware Requirement

The Central

Unable to show "metadata-from": No such page "_space_variables"
requires the following firmware: 9.0.0 and later.

Note

This document outlines only the recommended firmware.

Microsoft Direct Routing Configuration

You must configure the following for Microsoft Teams Direct Routing:

  • You must plan the Microsoft Teams tenant for Local Media Optimization usage according to the Local Media Optimization for Direct Routing document.
  • You must configure the Microsoft Teams tenant for Local Media Optimization usage according to the Configure Local Media Optimization for Direct Routing document. When you configure the Microsoft Teams Direct Routing, you must also configure the following items:

    • CsTenantTrustedIPAddress

    • CsTenantNetworkRegion

    • CsTenantNetworkSite

    • CsTenantNetworkSubnet

    • CSOnlinePSTNGateway

    • CsOnlineVoiceRoute

Licensing Requirements

The LMO functionality requires the Downstream SBCs to use a Proxy/Central SBC as a registrar, hence this requires the Proxy/Central SBC to have SIP Registration licenses. This applies for both 1000/2000 and SBC SWe Edge. 

Certificate Usage

The Central

Unable to show "metadata-from": No such page "_space_variables"
requires a certificate signed by a public certificate authority.

Public Certificate

The public certificate must be issued by one of the supported certification authorities (CAs). Wildcard certificates are supported.

Domain Name

For the 

Unable to show "metadata-from": No such page "_space_variables"
to pair with Microsoft Teams, the 
Unable to show "metadata-from": No such page "_space_variables"
FQDN domain name must match a name registered in both the Domains and DomainUrlMap fields of the Tenant. Verify the correct domain name is configured for the Tenant as follows:

  1. On the Microsoft Teams Tenant side, execute Get-CsTenant.
  2. Review the output.
  3. Verify that the Domain Name configured is listed in the Domains and DomainUrlMap attributes for the Tenant. If the Domain Name is incorrect or missing, the 
    Unable to show "metadata-from": No such page "_space_variables"
    will not pair with Microsoft Teams.

Users may be from any SIP domain registered for the tenant. For example, you can configure user user@SonusMS01.com with the 

Unable to show "metadata-from": No such page "_space_variables"
FQDN name sbc1.hybridvoice.org, as long as both names are registered for the tenant.

Domain Name Examples

Domain Name*

Use for 

Unable to show "metadata-from": No such page "_space_variables"
FQDN?

FQDN Names - Examples
SonusMS01.com(tick)

Valid names:

  • aepsite6.SonusMS01.com

hybridvoice.org

(tick)

Valid names:

  • sbc1. hybridvoice.org
  • ussbcs15. hybridvoice.org
  • europe. hybridvoice.org

Non-Valid name:

sbc1.europe.hybridvoice.org (requires registering domain name europe. hybridvoice.org in “Domains” first)

*Do not use the *.onmicrosoft.com tenant for the domain name.

Configure Domain Names - Example

 

Name Resolution

The Central

Unable to show "metadata-from": No such page "_space_variables"
FQDN needs to be resolved in a publicly accessible DNS.

Note

This best practice uses host entries.

Implementation

This best practice uses the FQDN and ports illustrated in the following figure.

FQDN and Port Usage


Prepare Central
Unable to show "metadata-from": No such page "_space_variables"

This section outlines how to prepare the Central

Unable to show "metadata-from": No such page "_space_variables"
.

Install 
Unable to show "metadata-from": No such page "_space_variables"
and Perform Initial Setup

Caution

Perform this procedure only if you are creating a new 

Unable to show "metadata-from": No such page "_space_variables"
for the Central role (a greenfield scenario).

Use the following procedure to install the 

Unable to show "metadata-from": No such page "_space_variables"
and perform the initial setup: Installing SBC SWe Edge

Note

For the

Unable to show "metadata-from": No such page "_space_variables"
, use the following procedure to install the SBC and perform the initial setup: Installing SBC 1000/2000

Run Easy Config Wizard on Central
Unable to show "metadata-from": No such page "_space_variables"

Once your 

Unable to show "metadata-from": No such page "_space_variables"
is up and running, you must configure the 
Unable to show "metadata-from": No such page "_space_variables"
to connect to the Microsoft Teams Direct Routing Server and allow the Downstream 
Unable to show "metadata-from": No such page "_space_variables"
connection.

  1. Access a compatible web browser.
  2. In the browser, enter the IP address of the 
    Unable to show "metadata-from": No such page "_space_variables"
    in the URL address bar. The Welcome to
    Unable to show "metadata-from": No such page "_space_variables"
    screen is displayed.
  3. Review the Pre-Login message.
  4. Enter the administrator User Name and Password configured during initial setup.
  5. If the Acknowledge Pre-Login Message checkbox is displayed, click on it to acknowledge you have reviewed the pre-login information above. After initial login, this checkbox can be enabled and disabled via the Global Security Options. By default, this checkbox is configured as disabled.

  6. Click Login. The main screen provides all WebUI functions, including tabbed options, menu tree, device name, and the last login date and time of the system.

  7. Select Tasks > SBC Easy Setup > Easy Config Wizard.

    Easy Config Wizard

  8.  In the Application field, select your application. This best practice configures the SIP Trunk  Microsoft Teams.

    Easy Configuration Step 1

  9. Configure the other fields in Step 1 and click Next.

  10. In the SIP Trunk section, configure the Border Element Server with the FQDN or IP of the central SIP Trunk.

  11. In the Teams Connection Type field, select Local Media Optimization.

    The Easy Configuration Wizard automatically generates two ACL tables for Microsoft Teams Direct Routing. In the table that contains the Teams Direct Routing ACL in the name, Rule #4 was setup for deployments where a single ethernet port was used for both Microsoft Teams Direct Routing and a SIP Trunk; this rule may be too permissive for your configuration. If the SBC was deployed with only Microsoft Teams Direct Routing on an ethernet port, Rule #4 could be modified to have the Source IP Address set to 52.112.0.0 and Source Netmask set to 255.252.0.0. This change allows only SIP Signaling from Microsoft Teams.

  12. Configure the other fields in the Microsoft Teams section and click Next.

  13. Review your configuration information in Step 3 and click Finish.

Import Certificate on Central
Unable to show "metadata-from": No such page "_space_variables"

This section outlines how to import a certificate on the Central

Unable to show "metadata-from": No such page "_space_variables"
.

Configure and Generate Certificates on the
Unable to show "metadata-from": No such page "_space_variables"

Warning: Common Encryption Certificate Issues Arise from Missing Root Certificates
  • Did you only install the CA-signed 
    Unable to show "metadata-from": No such page "_space_variables"
    certificate, along with the intermediate certificate(s) sent by your issuing CA?
  • Did you get the following error message from the
    Unable to show "metadata-from": No such page "_space_variables"
    ?



If so, the likely reason is a missing CA Root Certificate. The 

Unable to show "metadata-from": No such page "_space_variables"
does not have any pre-installed CA root X.509 certificates, unlike typical browsers found on your PC. Ensure the entire certificate chain of trust is installed on the
Unable to show "metadata-from": No such page "_space_variables"
, including the root certificate. Acquire the CA root certificate as follows:

  1. Contact your system administrator or certificate vendor to acquire the root, and any further missing intermediate certificate(s) to provision the entire certificate chain of trust within the
    Unable to show "metadata-from": No such page "_space_variables"
    ;
  2. Load the root certificate, along with the intermediate and 
    Unable to show "metadata-from": No such page "_space_variables"
    certificates, according to Importing Trusted Root CA Certificates.

NOTE: Root certificates are easily acquired from the certificate authorities. For example, the root certificate for the GoDaddy Class 2 Certification Authority may be found at https://ssl-ccp.godaddy.com/repository?origin=CALLISTO . For more information about root certificates, intermediate certificates, and the 

Unable to show "metadata-from": No such page "_space_variables"
server (“leaf”) certificates, refer to this tutorial.

For other certificate-related errors, refer to Common Troubleshooting Issues with Certificates in SBC Edge Portfolio.

Microsoft Teams Direct Routing allows only TLS connections from the 

Unable to show "metadata-from": No such page "_space_variables"
for SIP traffic with a certificate signed by one of the trusted certification authorities.

Request a certificate for the 

Unable to show "metadata-from": No such page "_space_variables"
External interface and configure it based on the example using GlobalSign as follows:

  • Generate a Certificate Signing Request (CSR) and obtain the certificate from a supported Certification Authority.
  • Import the Public CA Root/Intermediate Certificate on the
    Unable to show "metadata-from": No such page "_space_variables"
    .
  • Import the Microsoft CA Certificate on the
    Unable to show "metadata-from": No such page "_space_variables"
    .
  • Import the 
    Unable to show "metadata-from": No such page "_space_variables"
    Certificate.
Note

The certificate is obtained through the Certificate Signing Request (instructions below). The Trusted Root and Intermediary Signing Certificates are obtained from your certification authority.

Step 1: Generate a Certificate Signing Request and obtain the certificate from a supported Certification Authority (CA)

Many CA's do not support a private key with a length of 1024 bits. Validate with your CA requirements and select the appropriate length of the key.

  1. Access a compatible web browser.
  2. In the browser, enter the IP address of the 
    Unable to show "metadata-from": No such page "_space_variables"
    in the URL address bar. The Welcome to
    Unable to show "metadata-from": No such page "_space_variables"
    screen is displayed.
  3. Review the Pre-Login message.
  4. Enter the administrator User Name and Password configured during initial setup.
  5. If the Acknowledge Pre-Login Message checkbox is displayed, click on it to acknowledge you have reviewed the pre-login information above. After initial login, this checkbox can be enabled and disabled via the Global Security Options. By default, this checkbox is configured as disabled.

  6. Click Login. The main screen provides all WebUI functions, including tabbed options, menu tree, device name, and the last login date and time of the system.

  7. Access Settings > Security > SBC Certificates.

  8. Click Generate 

    Unable to show "metadata-from": No such page "_space_variables"
    CSR.

  9. Enter data in the required fields.

  10. Click OK. After the Certificate Signing request finishes generating, copy the result to the clipboard.

  11. Use the generated CSR text from the clipboard to obtain the certificate. 

Step 2: Deploy the 
Unable to show "metadata-from": No such page "_space_variables"
and Root/Intermediate Certificates on the
Unable to show "metadata-from": No such page "_space_variables"

After receiving the certificates from the certification authority, install the 

Unable to show "metadata-from": No such page "_space_variables"
Certificate and Root/Intermediate Certificates as follows:

  1. Obtain Trusted Root and Intermediary signing certificates from your certification authority.
  2. Access a compatible web browser.
  3. In the browser, enter the IP address of the 
    Unable to show "metadata-from": No such page "_space_variables"
    in the URL address bar. The Welcome to
    Unable to show "metadata-from": No such page "_space_variables"
    screen is displayed.
  4. Review the Pre-Login message.
  5. Enter the administrator User Name and Password configured during initial setup.
  6. If the Acknowledge Pre-Login Message checkbox is displayed, click on it to acknowledge you have reviewed the pre-login information above. After initial login, this checkbox can be enabled and disabled via the Global Security Options. By default, this checkbox is configured as disabled.

  7. Click Login. The main screen provides all WebUI functions, including tabbed options, menu tree, device name, and the last login date and time of the system.

  8. To install Trusted Root Certificates, click Settings > Security > SBC Certificates > Trusted Root Certificates.
  9. Click Import and select the trusted root certificates.
  10. To install the 
    Unable to show "metadata-from": No such page "_space_variables"
    certificate, open Settings > Security > SBC Certificates > SBC Primary Certificate.

  11. Validate the certificate is installed correctly.

  12. Click Import  and select X.509 Signed Certificate.

  13. Validate the certificate is installed correctly.

Update the Current Call Routing

Caution

Perform this procedure only if you are using a node that is already configured with another signaling group (a migration scenario).

If this is not a newly deployed 

Unable to show "metadata-from": No such page "_space_variables"
and you have already configured one of the following, follow the corresponding instructions:

  • If you configured a SIP Trunk or PSTN Access on this

    Unable to show "metadata-from": No such page "_space_variables"
    , you must perform the following procedure to select the previously created signaling group in the From Microsoft Teams Direct Routing table (see the following example call flow).

    Call Routing Setup to old PSTN - Proxy SBC

    1. Select Settings > Call Routing > Call Routing Table.

    2. Select the call routing table for Microsoft Teams Direct Routing.

    3. Select the To Outside (Passthrough) route entry.

    4. In the Destination Signaling Groups field, select the Border Element signaling group and click Remove.

    5. In the Destination Signaling Groups field, click Add and add your previously created SIP Trunk or PSTN Access.

    6. In the Audio Stream Mode field, select Direct Preferred over DSP.

    7. Click Apply.

    8. Click Signaling Groups.
    9. Delete the Border Element signaling group.

  • If you configured a connection to Teams Direct Routing or Skype for Business, you must remove the previously created signaling group (see the following example call flow).

    Call Routing Setup to new Teams - Proxy SBC

Verify the Deployment

After you configure the Central

Unable to show "metadata-from": No such page "_space_variables"
, use the following procedure to verify that the 
Unable to show "metadata-from": No such page "_space_variables"
works properly.

  1. Access a compatible web browser.
  2. In the browser, enter the IP address of the 
    Unable to show "metadata-from": No such page "_space_variables"
    in the URL address bar. The Welcome to
    Unable to show "metadata-from": No such page "_space_variables"
    screen is displayed.
  3. Review the Pre-Login message.
  4. Enter the administrator User Name and Password configured during initial setup.
  5. If the Acknowledge Pre-Login Message checkbox is displayed, click on it to acknowledge you have reviewed the pre-login information above. After initial login, this checkbox can be enabled and disabled via the Global Security Options. By default, this checkbox is configured as disabled.

  6. Click Login. The main screen provides all WebUI functions, including tabbed options, menu tree, device name, and the last login date and time of the system.

  7. Select Settings > Signaling Groups.

  8. Make sure the Service Status for all signaling groups is Up.

  9. If the Service Status for the Teams Direct Routing signaling group is Down, refer to Best Practice - Troubleshoot Issues with Microsoft Teams Direct Routing.

Place a Test Call

Use the following procedure to place a test call.

  1. Access a compatible web browser.
  2. In the browser, enter the IP address of the 
    Unable to show "metadata-from": No such page "_space_variables"
    in the URL address bar. The Welcome to
    Unable to show "metadata-from": No such page "_space_variables"
    screen is displayed.
  3. Review the Pre-Login message.
  4. Enter the administrator User Name and Password configured during initial setup.
  5. If the Acknowledge Pre-Login Message checkbox is displayed, click on it to acknowledge you have reviewed the pre-login information above. After initial login, this checkbox can be enabled and disabled via the Global Security Options. By default, this checkbox is configured as disabled.

  6. Click Login. The main screen provides all WebUI functions, including tabbed options, menu tree, device name, and the last login date and time of the system.

  7. In the WebUI, click the Diagnostics tab.

  8. In the left navigation pane, click Test a Call.

  9. Use the following table to configure the parameters for your Central SBC.

    Test Call for a Central SBC - Parameters

    ParameterValue

    Destination Number

    Number assigned to a Teams user.

    Origination/Calling Number

    Number assigned to a Local user.

    Call Routing Table

    The routing table that handles the call from the Central

    Unable to show "metadata-from": No such page "_space_variables"
    .

    See the following example configuration of testing a call for a Central SBC.

    Test Call for a Central SBC - Configuration

  10. Click OK.


  • No labels