This section describes using Connectivity Check to verify inbound and outbound service requirements for Cloud Connector Edition (CCE) and to check connectivity for interfacing with Microsoft Teams Direct Routing.
Service Requirements for CCE
The Connectivity Check feature verifies the following inbound and outbound service requirements for CCE:
Outbound:
- DNS (UDP/TCP 53): The Domain Name Service (DNS) resolves the Public FQDN of the Microsoft Signaling Server
- HTTP (TCP 80): Hyper Text Transport Protocol (HTTP) is used for certificate revocation, and for Certificate Revocation List (CRL) check and retrieval
- STUN (TCP 443): Session Traversal Utilities for NAT (STUN)/Traversal Using Relays around NAT (TURN) is used for negotiation of candidates
- STUN (UDP 3478): STUN is used to determine the SBC Edge version with which the Skype server is communicating
- SIP/MTLS (TCP 5061): SIP and Multiplexed Transport Layer Security (MTLS) signaling are used for establishing outbound voice communication
Inbound:
- SIP/MTLS (TCP 5061): SIP and MTLS signaling are used for establishing outbound voice communications
- STUN (TCP 443): STUN/TURN is used for negotiation of candidates
- STUN (UDP 3478): STUN is used to determine the SBC Edge version with which the Skype server is communicating
Service Requirements for Teams Direct Routing
The Connectivity Check feature verifies the following inbound and outbound service requirements for Teams Direct Routing:
Outbound:
- DNS (UDP/TCP 53): DNS resolves the Public FQDN of the Microsoft Signaling Server
- NTP (UDP 123): NTP supports time in certificate usage
- SIP TLS (TCP 5061): Handles signaling for voice communication
- RTP (UDP 49152-65535): Handles media for voice communication
Inbound:
- SIP TLS (TCP 5061): Handles signaling for voice communication
- RTP (UDP 16384-17584): Handles media for voice communication
Running Connectivity Check
To check connectivity required for services and ports used with CCE and Teams, complete the following steps:
- In the WebUI, click the Diagnostics tab.
In the left navigation pane, click Teams Direct Routing > Connectivity Check.
Running Connectivity Checks
- Specify the values for each field for the service for which you need to verify port readiness. For SIP/TLS (TCP), the primary and secondary server IP addresses are hard-coded (not editable).
Click Apply. Service connectivity is checked and the Connectivity Check results display.
Example of Connectivity Check Results
For example, after connectivity is checked for DNS (TCP), the message: "DNS TCP check on <ip address>: Port (<ip address:port number>) is open" displays in the Connectivity Check Results. A second result using the same format displays the results for the Secondary Server specified. For more information, refer to Connectivity_Check_Results.- Repeat Steps 3 and 4 for each service that requires verification of port readiness.
Connectivity Checks - Field Definitions
Specify the values for fields to specify the services for which Connectivity Check will verify port readiness.
Server Type
The Service for which connectivity requires checking. Valid options: DNS (UDP); DNS (TCP); NTP (UDP); and SIP (TCP).
Destination
The FQDN that is the destination for a service. The Destination field displays only for DNS Service Types.
Primary Server
IP address of the primary server used with a service.
For CCE, Connectivity Check uses the primary server only to perform checks for the SIP/MTLS service.
Secondary Server
IP address of the secondary server used with a service. For CCE, the secondary server is not used for checking connectivity for SIP services.
Third Server
IP address of the third server used with a service; the Third Server field displays only for SIP (TCP). For CCE, the third server is not used for checking connectivity for SIP services.
Destination Port
Port used to access the service's destination
Connectivity Check - Results
The following table describes the services for which Connectivity Check verifies port readiness and the format for results.
Connectivity Check Results
| Service and Protocol | Port | CCE | Teams Direct Routing | Description | Connectivity Check Results |
|---|---|---|---|---|---|
| Inbound | |||||
| SIP/MTLS (TCP) | 5061 |  | Handles signaling for voice communications | ||
| STUN (TCP) | 443 | | STUN/TURN negotiation of candidates | ||
| STUN (UDP) | 3478 | | Determines the version of the Edge Server with which the Skype server is communicating | ||
| SIP/TLS (TCP) | 5061 | | Handles signaling for voice communications; primary and secondary server IP addresses are hard-coded. | ||
| RTP (UDP) | 16384 - 17584 | | Handles media for voice communications | ||
| Outbound | |||||
| DNS (UDP/TCP) | 53 | | | For the service that resolves the Public FQDN for the Microsoft Signaling Server, the Connectivity Check populates a default destination from the Host Name and Domain Name attributes in Host Information (that is, Web UI's Settings > System > Node-Level Settings). The tool opens the UDP socket and sends a homemade DNS packet. | If the remote server responds with a DNS response packet the port is reported as open. Otherwise, the port is reported as closed. |
| NTP (UDP) | 123 | | Service to support timestamps in certificate usage | ||
| HTTP (TCP) | 80 | | Certificate revocation check and Certificate Revocation The host field is filled by default with the FQDN found in the SBC certificate, under the attribute: CRL Distribution Point. | ||
| RTP (UDP) | 49152-65535 | | Handles media for voice communications | ||
| SIP/TLS (TCP) | 5061 | | Handles signaling for voice communications; primary and secondary server IP addresses are hard-coded.
For Teams Direct Routing, the SIP target can be the Microsoft SIP signaling server; Connectivity Check routes to: sip.pstnhub.microsoft.com, sip2.pstnhub.microsoft.com, sip3.pstnhub.microsoft.com. | ||
| STUN (TCP) | 443 | | For the service handling STUN/TURN negotiation of candidates, the Connectivity Check opens a UDP socket and sends a homemade STUN packet. | If the remote server does not respond with a STUN error packet, the port is reported as closed. The remote peer is the Microsoft Cloud Edge Server and the STUN protocol determines the Public IP address. | |
| STUN (UDP) | 3748 | | For the STUN service that determines the version of the Edge Server with which the Skype server is communicating, Connectivity Check populates a default destination from from the Host Name and Domain Name attributes in Host Information (that is, Web UI's Settings > System > Node-Level Settings). The tool opens the UDP socket and sends a homemade DNS packet. | If the remote server responds with a DNS response packet the port is reported as open. Otherwise the port is reported as closed. | |
| SIP/MTLS (TCP) | 5061 | | Service to resolve Microsoft Signaling Server Public FQDN For CCE, the Connectivity Check routes to sip.YourSbcDomain | ||
Overview
Content Tools