You must follow these steps completely and in the order shown. Failure to do so increases the risk of node failure.
The intent of this article to provide a step-by-step procedure for CCE High Availability Deployment on SBC Edge.
Following diagram displays the typical CCE Deployment Scenarios:
A public domain name prepared and mapped with your Office 365 tenant.See: Create an Office 365 tenant
An Office 365 tenant with some E5 license or E3 + Cloud PBX. See: Create an Office 365 tenant.
Have an O365 tenant account with ADMIN privileges that will be used during CCERe-DeploymentSpecificSteps.
A public certificate authority ready to sign a certificate for EDGE FQDN. See https://technet.microsoft.com/en-us/library/mt605227.aspx, Information you need to gather before deployment \ Certificate requirements.
A properly configured firewall. See: https://technet.microsoft.com/en-us/library/mt605227.aspx. See https://technet.microsoft.com/en-us/library/mt605227.aspx, Information you need to gather before deployment \ \ Ports and protocols.
Latest System Release 6.1.0 SBC Firmtware.
Latest System Release 6.1.0 SbcComms Firmware.
Optionally, if you want to configure a secondary
For this best practice, CCE deployment is completed in the following network:
The following rules are applied:
Microsoft defines the multi-site CCE deployment in https://technet.microsoft.com/en-us/library/mt740650.aspx. Based on this article, we will use the following information in our best practice example:
CCE Site FQDN | Aepsite1.sonusms01.com |
CCE-1: Edge Server External IP | 192.168.211.86 | CCE-2 Edge Server External IP | 192.168.211.81 | |
CCE-1: Edge Server Public IP | 12.8.245.86 | CCE-2: Edge Server Public IP | 12.8.245.81 | |
CCE-1: Domain Controller IP | 192.168.210.115 | CCE-2: Domain Controller IP | 192.168.210.121 | |
CCE-1: Central Management Store IP | 192.168.210.116 | CCE-2: Central Management Store IP | 192.168.210.122 | |
CCE-1: Mediation Server IP | 192.168.210.117 | CCE-2: Mediation Server IP | 192.168.210.123 | |
CCE-1: Edge Server Internal IP | 192.168.210.118 | CCE-2: Edge Server Internal IP | 192.168.210.124 | |
SBC-1 FQDN and IP | 192.168.210.113 | SBC-2 FQDN and IP | 192.168.210.125 |
Based on above table entries and on our deployment scenario, make sure that CCE FQDN is resolving to both Edge Server PublicIP addresses. To do so, login to your DNS server and create the relevant entries as shown below:
The following sections describe a clean install of the CCE. If your environment has already deployed with CCE, and you are planning to re-deploy, it is necessary to clean up the site(s) that may already exists in O365. To do so, please follow the steps in CCE Re-Deployment Specific Steps in Best Practice for CCE Deployment on SBC Edge.
Both ASMs must be re-initialized with the latest image that contains the latest CCE software (in this example it is 1.4.1 version).
To do so:
ASM-1 | ASM-2 |
---|---|
Both ASM's must be re-initialized with the latest image that contains the latest CCE software (in this example it is 1.4.1 version).
To do so:
ASM-1 | ASM-2 |
---|---|
Change the Admin Password on both ASM:
ASM-1 | ASM-2 |
---|---|
SBC-1 | SBC-2 |
---|---|
CCE-1 | CCE-2 |
---|---|
CCE-1 | CCE-2 |
---|---|
CCE-1 | CCE-2 |
---|---|
After the step above, several checks and (if needed) corrections are needed in the INI file.
The CCE deployment internally sets the domain suffix as defined under VirtualMachineDomain attribute. Although your SBC may have an FQDN that can be reached from your corporate network, it is important to setup the SBC's Gateway FQDN parameter accordingly with the VirtualMachineDomain value, so that CCE can communicate with SBC without a problem.
In addition, when deploying a High Availability systems, it is important to have Management IP Prefix to be unique on each HA system. For instance, if your HA Master CCE system has 192.168.213.x as the Management IP Prefix, you need to be sure to configure this attribute differently on HA Slave system. While doing this, also make sure that subnet that you are defining in this field does NOT conflict in your IP infrastructure.
To verify these values or correct them in Configuration.INI file, follow the steps as shown below:
Above step creates a shared site directory that both CCE-1 and CCE-2 will use on SBC Edge-1 ASM. To verify that this particular directory is successfully created proceed with the following steps:
CCE-1 | CCE-2 |
---|---|
ASM-1 | ASM-2 |
---|---|
While on ASM > PoweShell, you may verify the appliances registration by using the O365 Tenant user with Admin privileges (by running series of commands on PowerShell:)
enter the credentials for O365 Admin Tenant
Once the login is successful, execute Get-CsHybridPSTNAppliance command on PowerShell as shown below:
Please note that due to a possible certificate issue, this step may fail! Relevant workaround for this is already covered in:
Best Practice for CCE Deployment on SBC Edge section Best Practice for CCE Deployment on SBC Edge
after fixing the certificate issue, starting the Edge Server Services, and fixing the Virtual Machine Network adapter settings, CCE High Availability Master Node settings completes. Now you need to publish the CcAppliance to proceed with CcAppliance installation on HA Slave Node.
Similarly, due to a possible certificate issue, this step may fail as well. Relevant workaround for this is already covered in:
Best Practice for CCE Deployment on SBC Edge section Best Practice for CCE Deployment on SBC Edge
after fixing the certificate issue, starting the Edge Server Services, and fixing the Virtual Machine Network adapter settings, CCE High Availability Slave Node settings completes.
Above wizard run configures the necessary settings for SBC Edge-1 and CCE integration, which you can see all relevant configuration items in Settings tab as shown below:
Above wizard run configures the necessary settings for SBC Edge-2 and CCE integration, which you can see all relevant configuration items in Settings tab as shown below:
To allow SIP communication between the CCE Mediation Server and SBC-Edge, Split DNS entries need to be added on each SBC-Edge systems with the following information:
as shown below:
SBCE Edge-1 | SBCE Edge-2 |
---|---|
Lastly, the Mediation Server FQDNs MUST be added to SIP Server Table and SIP Signaling Group Federated FQDN fields with the following information:
SBCE Edge-1 | SBCE Edge-2 |
---|---|