Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

Cloud Connector configuration guide with Sonus cloud link

1.262 Aufrufe

Veröffentlicht am

Admin Guide for Office 365 Cloud Connector Edition.
Used with Sonus Cloud Link CCE Appliance. How to configure Cloud PBX with On-Premise PSTN breakout.

Veröffentlicht in: Technologie
  • Als Erste(r) kommentieren

Cloud Connector configuration guide with Sonus cloud link

  1. 1. Skype for Business Hybrid Voice Cloud Connector Edition Configuration Guide of Sonus Cloud Link Version 1.2 © 15.01.2017, Thomas Poett, MVP Office Servers and Services (Skype for Business) - Version 1.2 Contact: http://lyncuc.blogspot.com
  2. 2. Table of Contents Table of Contents .................................................................................................................................... 2 Introduction to Cloud Connector Edition................................................................................................ 5 CCE Planning and Configuration Guide .............................................................................................................. 5 CCE Voice Routing with Multi-site (Generic)...................................................................................................... 5 CCE Network Switches in Hyper-V...................................................................................................................... 7 Generic Sonus CCE Appliance (Sonus Cloud Link) Setup.................................................................................... 8 Advanced Features........................................................................................................................................ 9 Network Setup............................................................................................................................................. 10 Generating the CSR and Import Certificate................................................................................................. 10 Configuring the CCE..................................................................................................................................... 11 Scenario-based Infrastructure.......................................................................................................................... 12 System, MPLS and Connectivity Infrastructure ........................................................................................... 13 CCE Appliance Infrastructure....................................................................................................................... 15 Logical Infrastructure ....................................................................................................................................... 17 DNS.............................................................................................................................................................. 17 External Certificates .................................................................................................................................... 19 Internal Certificates..................................................................................................................................... 20 Firewall Port Configuration ......................................................................................................................... 21 Configuration Guide for Users, Dial-Plans, Voice Routes and PSTN Usage........................................... 22 Connect to MSOnline ....................................................................................................................................... 22 Connect to Skype for Business Online.............................................................................................................. 22 Management Guide for Users.......................................................................................................................... 23 Reading and Writing User Information and Settings ....................................................................................... 23 Configuration Guide for Cloud Connector on Sonus Appliance............................................................ 24 Cloud Connector Configuration Data Definition .............................................................................................. 25 Configuration Data Definition APSITE1 (Malaysia)...................................................................................... 26 Configuration Data Definition APSITE2 (Germany) ..................................................................................... 27 Cloud Connector Configuration Files (CloudConnector.ini) ........................................................................ 28 Configuring the Sonus Appliance ..................................................................................................................... 35 Sonus Appliance Setup – Germany Site....................................................................................................... 35 Sonus Appliance Setup – Malaysia Site ....................................................................................................... 48 Sonus Session Border Control Configuration Numbering (Normalization) ...................................................... 59 Normalization – CCE Deployment Overview ............................................................................................... 59 Normalization – Configuration .................................................................................................................... 60 Normalization – Germany Site (Munich and Toronto) ................................................................................ 61 Normalization – Malaysia Site (Kuala Lumpur)............................................................................................ 63 Normalization – Incoming from SIP Trunk (Summary) ................................................................................ 69 Setting Up the Contact Center Connections................................................................................................ 70 Configuring Office 365...................................................................................................................................... 75 Establishing a Skype for Business Online Session............................................................................................. 77
  3. 3. Creating a Hybrid PSTN Site ............................................................................................................................. 78 Managing Hybrid PSTN Users........................................................................................................................... 79 Assigning a Hybrid PSTN Site to Users......................................................................................................... 79 Assigning Voice to Users (Cloud PBX).......................................................................................................... 79 Assigning On-premises Phone Numbers to Cloud PBX Users...................................................................... 82 Testing All Configurations and Connections................................................................................................ 85 DialPlans With CCE in Office 365................................................................................................................. 91 Commandlets for Online Configuration................................................................................................ 92 Dial-in Conferencing Commandlets............................................................................................................. 92 E911 and Location Information Service (LIS) Commandlets........................................................................ 92 Skype Meeting Broadcast Commandlets..................................................................................................... 92 PSTN Calling Commandlets.......................................................................................................................... 92 Hybrid PSTN Site and User Commandlets ................................................................................................... 93 Internet Protocol (IP) Phone Commandlets ................................................................................................ 93 Reporting Commandlets.............................................................................................................................. 93 Online User Commandlets........................................................................................................................... 93 Cloud Connector INI File Parameters.................................................................................................... 94
  4. 4. Special Thanks To my wife Jau Dih: I very much appreciate her compassion towards me, and allowing me to spend a lot of our private time making this Sonus CCE Guide possible. I owe her more than a big kiss and hug. To Adrien Plessis (Sonus): Adrien helped me tremendously with the Test Lab setup, scenario-based configuration, guidance on the early deployment, and access to the Sonus SBC 2000 CCE. He also personally supported me a lot, helping me become an expert on Sonus gateways. And a special thanks for spending an entire weekend preparing the CCE VM base setup. To Michael Reckert and Daniel Furrer (Sonus): For the valued contact they established with Adrien, and convincing him to support this activity. To all my Westcon workmates: For their valued feedback and support, and making Westcon a valued Sonus distributor. And thanks for sharing our technical and logistical knowledge with all Microsoft partners and other potential resellers. Version History Version Comment Date Version 0.9 Released without the Sonus Appliance April 12th 2016 Version 1.0 Released without the Sonus Appliance August 20th 2016 Version 2.0 Interim Version: Cloud Connector Edition - Hybrid Voice Guide - Version 2.0 December 12th 2017 Version 1.1 Admin Guide based on Sonus 1k/2k Cloud Link Appliance November 29th 2016 Version 1.2 Added PowerShell provide CCE installation, change to several cmdlets January 15th 2017
  5. 5. Introduction to Cloud Connector Edition CCE Planning and Configuration Guide In a previously released document, the technical requirements, planning approach and configuration scenario for Hyper Voice PSTN sites was described. In it, a free Ebook download (Cloud Connector Edition - Hybrid Voice Guide - Version 2.0) was offered for more detailed information. If you have not yet, please download and read this guide to gain the knowledge required for this technical configuration guide. The download is at Cloud Connector Edition - Hybrid Voice Guide - Version 2.0 CCE Voice Routing with Multi-site (Generic) Cloud Connector Edition with Cloud PBX in Microsoft Office 365 does not support:  The CSVoiceRoute commandlet  Least cost routing  Destination routing The question might be asked, “How can we use different CCE sites with different PSTN breakouts assigned?” The answer is, by utilizing a simple two-site deployment that allows replicating the configuration to larger designs with N-Sites. For the examples that follow, there will be two locations. The first in Munich, Germany, and the other in London, UK. Both sites have their own dedicated PSTN breakout. It will not matter if the connection to the PSTN gateway is via an ISDN/PRI, or an SIP Trunk line. However, there can be a PBX behind the local site gateway. If Media Bypass is not available, the user can connect to the customer’s LAN, and the connection to the Mediation Server can be direct if firewall rules allow this path. In this scenario, the users connect over the Internet. PSTN-based calls can generally flow in two directions, from PSTN -> Cloud PBX user, or from the Cloud PBX user -> PSTN. The simplest call flow is the incoming call from PSTN -> Cloud PBX. Every CCE has a direct connection/path to the Microsoft Office 365 Skype for Business online platform. Therefore, every incoming call will be signalized to the Cloud PBX directly. There are no other logical or technical considerations. It is much different for outgoing calls. There must be a mechanism to determine the destination each call should route to, and in this example it would be either Munich or London. The call flow for outgoing calls is illustrated below, showing the SIP signaling and the media path. Keep in mind that signaling starts before the media. Assume there are two users, User A and User B.
  6. 6.  User A is associated with Germany  User B is associated with Malaysia  The first CCE Site is called “Germany”  The second CCE Site is called “Malaysia” The following diagram describes a CCE Multi-site deployment, and shows the outgoing call flow for the users associated with the different CCE sites. On Premise (SITE MUNICH) PSTN User Cloud Connector Edition VMs Office 365 including Skype for Business Online (E5 Plan) CloudPBX Online Users MEDIA SIP Signaling On Premise (SITE MALAYSIA) User Cloud Connector Edition VMs User A /Site Germany Call to: +49 89 123456789 CCE Edge DC and CA CMS Mediation CCE Edge DC and CA CMS Mediation User B /Site Malaysia Call to: +49 89 123456789 New-CsHybridPstnSite -Identity GERMANY -EdgeFQDN EDGEDE01.SIPDOMAIN.COM New-CsHybridPstnSite -Identity MALAYSIA -EdgeFQDN EDGEUK01.SIPDOMAIN.COM Set-CsUserPstnSettings - Identity UserA - HybridPSTNSite GERMANY - AllowInternationalCalls $true Set-CsUserPstnSettings - Identity UserB - HybridPSTNSite MALAYSIA - AllowInternationalCalls $true EDGEMY01.SIPDOMAIN.COM MEDIA SIP Signaling EDGEDE01.SIPDOMAIN.COM SIP PBX or Provider Gateway SIP PBX or Provider Gateway Interestingly, and not surprisingly, calls will always flow through the CCE site the user is associated with. This is because voice routes cannot be defined with a Cloud PBX or a CCE. In addition, as long as the CCE local setup can recognize the incoming call, it will be sent to the Cloud PBX, which–through Reverse Number Lookup (RNL)–knows which user should be addressed. Normalization for this incoming call scenario can be provided on the PSTN/SIP Trunk gateway. The next section is a guide through the Cloud PBX site setup and user site assignment.
  7. 7. Cloud Connector Edition VMs Edge DC and CA CMS Mediation CCE HOST Facing Internetinternal external Facing CCE VMs VM environment ISO to VDHX Conversion store On local host SfBCCECorpnetvLAN DMZ2DMZ2 SfB CCE Internet vLAN DMZ1DMZ1 SfB CCE Internet Switch 192.168.219.0 SfB CCE Management Switch (temporary) VM Remote Desktop SfB CCE Corpnet Switch 192.168.100.119 Temporary BaseVMIP for ISO2VHDX conversion and dad Windows update's CCE Network Switches in Hyper-V Central to the CCE image installation is the ISO -> VHDX conversion. This process generates the VM, including dedicated disks. The Windows Server ISO image is taken from local storage (HDD) and a Windows Update process is required before generalization can occur. This is done via a temporary IP address that is assigned to the SfB CCE Corpnet Switch, but to use a temporary IP address from the BaseVMIP parameter, a Windows update may be required. In total, there must be three virtual switches in Hyper-V:  SfB CCE Corpnet Switch Corpnet enables VMs to access each other–that is, all VMs on the same host–and allows RDP into the VM. It also allows Skype for Business Clients to connect to the Mediation Server, and connects the Mediation Server to the PSTN gateway. This switch requires an Internet connection for Windows and SfB updates.  SfB CCE Management Switch The management switch provides temporary network connectivity to host and VMs during VM deployment, and will be disconnected after provisioning. The Management IP Address Prefix MUST be configured as a different subnet from other internal IPs. The network is an “internal” host only network switch.  SfB CCE Internet Switch This switch is only used for external edge access to the DMZ1, which is Internet-facing.
  8. 8. Generic Sonus CCE Appliance (Sonus Cloud Link) Setup The platform for the new Sonus Cloud Link CCE Appliance is the well-known Sonus 1000 and 2000 series. To install and run the CCE Appliance software, an Application Solution Module (ASM) board– which has the recommended hardware and capability to run the virtual machines–is required. A full- blown Windows Server 2012 R2 also needs to be installed, along with Hyper-V. Some points to consider during setup are:  Microsoft Cloud Connector Edition is software that provides PSTN connectivity through Office 365 – Packaged VMs are installed on the customer’s hardware – Cloud PBX users are able to use on-premises PSTN – There is supports for up to 500 concurrent calls  No IM, conferencing, or other local functions – Users log in and are homed to Office 365 – WAN resiliency is vital to avoid potential downtime – Sonus SBC will host embedded CCE on ASM (2H2016)  PSTN connectivity and survivability are provided by Sonus SBC via: – SIP – ISDN PRI – Analog
  9. 9. To ensure appliances have the maximum required level of security, Sonus built in the following:  Updated ASM – State of the art CPU and memory – Windows Server 2012 R2 Standard – CCE application/Setup Wizard  True appliance model – Firewalled off from the network – No Internet Explorer, IIS or Windows networking – Managed like an appliance, not a server  Internal Ethernet connection – Configuration of IP address via SBC GUI Advanced Features CCE includes an important new feature that deserves to be highlighted. If a call runs through the SBC/GW, the call can be identified and associated by the caller or call recipient. Once identified, the Rich Presence to those users can be updated. This feature is helpful and provides the best user experience possible, especially when–during a PBX migration and Office 365 users have not yet migrated to Enterprise Voice–phone calls must still route through legacy PBX systems. ASM CCE “Bits” Windows Server 2012 R2 SBC/GW Firewall/SBC Ethernet Office 365 Microsoft Office and Exchange PSTN SIPISDN Analog
  10. 10. Simplified CCE setup–which is key to fast deployment–is achieved through the new wizard, which collects the required setup information for CCE implementation. Network Setup The first step defines the ASM and the Windows Server host setup. Note: The host needs Internet access in order to load the CCE Appliance, and also to receive updates directly from Microsoft. Generating the CSR and Import Certificate The CCE Edge Server VM requires a public certificate to communicate with the Office 365 infrastructure.
  11. 11. Creating the CSR request is fast and easy because the included wizard will generate or import whatever is required into the CCE setup process. You can either us the generate CSR and paste the certificate answer file or you can import an existing certificate including a private key. The imported certificate requires a password. Configuring the CCE Configuring the CCE with its INI files can be quite complex (see the subsection Network and CloudConnector.ini on CCE Site under the Configuring the Sonus Appliance section) but with the included wizard it is simple and straightforward. All that is needed are the external IP addresses for the Edge Server VM, and compliance with the general setup of an on-premises Edge Server. Since the Edge Server IP address is the most NATed IP address in both the internal DMZ as well as the Edge Server external public IP, it will the IP address assigned to the firewall. This also includes external network connections, where the firewall acts as the Internet gateway. Some points of interest regarding Deployment Type and CCE Internal Network Type:  A CCE can be built with up to four systems in parallel over time  As of the writing of this guide, an appliance can support a high-availability (HA) solution with two systems  This limitation is due to setup script complexity, and future updates will address this  The Deployment Type setup will be Standalone or HA (Master and Slave)
  12. 12. Infrastructure Definition of Cloud Connector Edition Scenario-based Infrastructure Suppose there is a customer in Germany who is interested in Office 365 with the E5 plan. They want to utilize Office 365 with Cloud PBX as much as possible, but their internal contact center, along with certain applications requiring PSTN connectivity, are preventing the move to the cloud entirely (PSTN calling service). Adding to this challenge are two subsidiaries, one in Malaysia and another in Canada. In Canada, there is a sales office with less than 10 employees in the office, and five home office workers. Home office work is also a future goal for Germany, but not Malaysia. In each location, the sales staff have shared office space, but 75% of the time they are out of the office. The MPLS connection between Germany and Malaysia is approximately 140 ms, but between Germany and Canada a ping round trip was measured at less than 50 ms. QoS is activated for SIP traffic on the local LAN as well as the MPLS. The customer has an MPLS between all three locations. The profiles for the three locations look like this: Munich, Germany Users: 1500 Country code: +49 Area number: 89 Number block: 561234-100/999 Contact center: 561235-0/09 needs to be routed via SIP on the gateway PSTN break out: Central SIP Trunk covering Germany and Canada Kuala Lumpur, Malaysia Users: 100 Country code: +60 Area number: 3 Number block: 30901-100/199 PSTN break out: SIP Trunk covering Malaysia Toronto, Canada Users: 50 Country code: +1 Area number: 416 Number block: 406-1000/1099 No PSTN break out: SIP is on the same SIP Trunk in the Germany location physical infrastructure Based on the locations and telephony requirements above, the physical infrastructure would require matching the scenario-based assumption.
  13. 13. System, MPLS and Connectivity Infrastructure Two Sonus CCE Appliances (SBC 2000 CCE) would be required, one in Germany and one in Malaysia. They would connect over the Internet to Office 365, with the Cloud PBX feature enabled. Additionally, there would be two PSTN breakouts (SIP Trunks) per location, each with an applied CCE Appliance. Canada would use the MPLS network, connecting directly to the Sonus SBC in Germany, which is where the Canadian phone numbers terminate via the allocated SIP Trunk.
  14. 14. Logical infrastructure scenario with Express Route Setup The setup would be identical to the Internet connection-based setup–unlike with the MPLS approach–where now the Sonus CCE Appliance connects to the CCE component directly with Office 365. There is no need to look any further into this setup since the Azure Express Route has requirements that are not crucial for the general understanding of Cloud Connector Edition deployment. So, for the sake of simplicity and to ensure better understanding, the Contact Center is removed from the following illustration.
  15. 15. CCE Appliance Infrastructure Hardware and other components involved in the Cloud Connector installation are delivered during the setup of the Hyper-V virtual machines (VM). Each VM contains a featured server role from Skype for Business. Microsoft provides a download that will unpack itself and start deploying VMs. Once the deployment has started, unattended setup will do everything else for you, from installing and configuring the VMs–including the VM network–as well as the Domain Controller, AD and the Skype for Business components. It is important to ensure high quality and reliable networks, and while Azure ExpressRoute is no longer recommended, it does offer clear advantages. The same applies to the internal network, so careful planning is crucial; consider where the SfB client is located, and how the client will connect to the Mediation Server. Facilities can also run their own ACP to offer personal conferencing dial-in numbers on their CCE. Audio is sent from the Skype for Business Online conferencing MCU directly to the CCE, but the QoS must be integrated throughout the network, including the Office 365 tenant. Note: A minimum of two PSTN Gateways (CCE Appliances) are recommended for redundancy.
  16. 16. Sonus Cloud Link (CCE Appliance)1 Sonus Cloud Link integrates Skype for Business Cloud Connector Edition in a single, flexible and secure appliance that reduces the CAPEX associated with server hardware and software procurement and implementation. Sonus Cloud Link also preserves existing PSTN connectivity, supports legacy PBXs and analog devices and provides an enterprise-wide legacy dial plan, as well as Active Directory dial plan integration. This helps customers migrate to Office 365 Cloud PBX at their own pace while avoiding disruption caused by the cutover. Sonus Cloud Link is an integrated appliance solution that combines Sonus’ award winning SBC 1000 and 2000 session border controllers. These run embedded Microsoft Skype for Business Cloud Connector Edition software which connects directly into the Office 365 Cloud PBX feature. Cloud Link features include:  Sonus Cloud Link Support for up to 500 concurrent Skype for Business Cloud Connector Edition managed calls in a single, secure, 1U appliance  Up to four appliances for scalability and high availability (Microsoft has a limit of 1,500 concurrent calls per CCE pool)  Easy-to-use Web GUI Setup Wizard for rapid provisioning and management  Sonus based Call Admission Control (CAC)2 to deny excessive calls based on session establishment rate per trunk group  Advanced call routing features such Active Directory integration, Lightweight Directory Access Protocol (LDAP) server routing integration, onboard call forking which “forks” a single call from any source to up to eight unique destinations (including legacy PRI/FXS/FXO/BRI- based endpoints), and other flexible routing options  Seamless integration with existing enterprise telephony infrastructure  Interconnects Skype for Business Cloud PBX to SIP, TDM and analog PSTN-bound trunks to support on-premises Service Provider connectivity with a wide variety of SIP and legacy port interfaces 1 Sonus Cloud Link for Microsoft CCE webpage 2 This CAC is not in Skype for Business; it is implemented on the Sonus Cloud Link only. At the point of writing this guide, CAC is not available in SfB Online.
  17. 17. Logical Infrastructure DNS DNS access is required externally for the Access Edge Server and the Media Relay (Audio); video is not implemented for local breakouts. The internal CCE servers must resolve internal DNS names and the Access Edge component via external DNS. Therefore, the Access Edge should resolve DNS externally and have a host file (C:WindowsSystem32drivershosts) for internal DNS resolution. Note: The onmicrosoft.com DNS suffix external tenant is not supported. SIP.<sipdomain> for any CCE is not supported, it is reserved for the Office 365 Access Edge. External DNS entries for CCE (also used for certificates): Access Edge: e.g., access.sipdomain.com CCE Site (x) Access Edge SIP domain: e.g., sip.sipdomain.com Office 365 Access Edge DNS Record for sonusms01.com Record Type Setting Comment CCE Site A Accesspool A 123.123.123.1 IP of Access Edge, Single CCE SITE or Site A mr01 A 123.123.123.2 Not required to be set (mr can be the same IP as Access Edge CCE Site B accesspool02 A 12.123.123.1 IP of Access Edge, Multi CCE SITES, e.g. Site B mr02 A 12.123.123.2 Not required to be set Office 365 sip CNAME sipdir.online.lync.com lyncdiscover CNAME webdir.online.lync.com _sip.tls SRV 100 1 443 sipdir.online.lync.com _sipfederationtls.tcp SRV sipfed.online.lync.com Note: Media Relay is not required in the certificate. The MRAS service will issue its own certificate for media encryption. Therefore, a DNS Record is not required too and optional. The MR can have its own IP Address, but is neither required nor a good advice.
  18. 18. DNS Access queries in CCE All internal VMs will query the CCE AD DNS installed automatically on the DC VM. The Edge Server VM, has a an host file install for internal DNS and uses any external “public” DNS Server for Internet related queries, as for the Office 365 tenant. Mediation Edge DC and DNS CMS Cloud Connector Edition Setup (DNS) INTERNETHOSTS Note: All other DNS records necessary for the internal and external (Internet) networks remain unchanged for Office 365 deployments. Note: During CCE installation is might be required setting the internal DNS (AD) pointing to an external system.
  19. 19. External Certificates Notes: A CN starting with SIP.<domain> is not supported with others than wildcard certificate. SIP is a placeholder for access edge client logins. It is possible to use a single certificate for all CCE sites, as long the other sites are listed with their fully qualified domain name (FQDN) in the SAN entries. Single CCE Site In addition to the DNS entries, publicly-signed SAN certificates are also required: SN/CN accesspool.sonusms01.com Single CCE SITE SAN accesspool.sonusms01.com SAN sip.sonusms01.com Note: Single CCE site deployment is similar to the well-known on-premises deployments for Edge Servers; the principals are identical. That is, if an Edge Pool is used, the external Pool Name must be addressed with HLB or DNS LB, but if it is a single server, only the server name is needed. Multi-Site CCE Site with Shared Certificates Multiple CCE Sites can be registered with Office 365: SN/CN accesspool.sonusms01.com SAN accesspool.sonusms01.com CCE Site 1 SAN accesspool01.sonusms01.com CCE Site 2 SAN sip.sonusms01.com Wildcard Certificates Wildcard certificate are support. SN/CN name.sonusms01.com It can be sip.* too in this case SAN sip.sonusms01.com 1 SAN *.sonusms01.com Wildcard SAN xx Any other SAN Notes: Wildcards are supported as sn=sip.sipdomain.com, san=sip.sipdomain.com + san=*.sipdomain.com. Microsoft also supports sn=*.sipdomain.com, san=sip.sipdomain.com + san=*.sipdomain.com.
  20. 20. Internal Certificates All internal servers–including the Domain Controller–require certificates, which can be either private certificates or externally signed.  Typically, a CA is installed using the CCE automated setup, and the certificate can be generated automatically based on the CA  The “Member Servers” are in a joint domain joint with the CCE Active Directory Forest  Root Certificates are propagated automatically, but with the Edge component, you have to import the Root Certificate for the internal site of the Edge CMS VMs (primary or backup) require a default certificate with server FQDN as the subject name. Mediation Server VMs require a default certificate with the Mediation Server Pool FQDN as the subject name. A single certificate can be used across all mediation server VMs, or each VM can use its own certificate, as long as they all have the pool FQDN in the subject name. Edge VMs require an internal certificate with the Edge Server internal pool FQDN as the subject name. A single certificate can be used across all Edge Server VMs, or each VM can use its own certificate, as long as they all have the internal pool FQDN in the subject name. Note: Remember to import the Root CA certificates if internal or private certificates are going to be used. With the Sonus CCE Appliance, this step is handled by the CCE Installation Wizard.
  21. 21. Firewall Port Configuration3 Internal Firewall Source IP Destination IP Source Port Destination Port Cloud Connector Mediation component SBC/PSTN Gateway Any TCP 5060** SBC/PSTN Gateway Cloud Connector Mediation component Any TCP 5068/TLS 5067 Cloud Connector Mediation component Internal clients 49 152–57 500* TCP 50,000– 50,019 Cloud Connector Mediation component Internal clients 49 152–57 500* UDP 50,000– 50,019 Internal clients Cloud Connector Mediation component TCP 50,000– 50,019 49 152–57 500* Internal clients Cloud Connector Mediation component UDP 50,000– 50,019 49 152–57 500* * This is the default port range on the Mediation component. For optimal call flow, four ports per call are required. ** This port should be configured on the SBC/PSTN gateway; 5060 is an example. Other ports on the SBC/PSTN gateway can be configured as required. External Firewall - Minimum Configuration Source IP Destination IP Source Port Destination Port Any Cloud Connector Edge External Interface Any TCP 5061 Cloud Connector Edge External Interface Any UDP 3478 UDP 3478 Any Cloud Connector Edge External Interface TCP 50,000– 59,999 TCP 443 Any Cloud Connector Edge External Interface UDP 3478 UDP 3478 Cloud Connector Edge External Interface Any TCP 50,000– 59,999 TCP 443 External Firewall - Recommended Configuration Source IP Destination IP Source Port Destination Port Any Cloud Connector Edge External Interface Any TCP 5061 Cloud Connector Edge External Interface Any TCP 50,000–59,999 Any Cloud Connector Edge External Interface Any UDP 3478; UDP 50,000–59,999 Any Any Cloud Connector Edge External Interface Any TCP 443; TCP 50,000–59,999 Any Cloud Connector Edge External Interface Any UDP 3478; UDP 50,000–59,999 3 Taken from TechNet
  22. 22. Configuration Guide for Users, Dial-Plans, Voice Routes and PSTN Usage This section covers the view for Cloud Connector Edition Setup only. Remember to assign an Office 365 license before users are enabled for a Skype for Business online account. Connect to MSOnline Best is connecting to MSOnline too Import-Module MSOnline $credential = get-credential Connect-MsolService -Credential $credential Connect to Skype for Business Online The Business Online Connector (Windows PowerShell module) can be download from the Microsoft download center. For more information go to Configuring your computer for Skype for Business Online management. Import-Module skypeonlineconnector $cred = Get-Credential $Session = New-CsOnlineSession -Credential $cred -Verbose Import-PSSession $session
  23. 23. Management Guide for Users The Set-CsUser command is used for both types of installation – on-premises as well as the Skype for Business Online version. Using the Skype for Business Management Shell (that is delivered with Skype for Business on-premises) is not recommended for configuring Skype for Business Online in Office 365. Instead, the standard PowerShell is used and the skypeonlineconnector is imported in a standalone setup. This way, the on-premises version commandlets are not visible nor usable. It is important to understand that Skype for Business users cannot simply be created. Rather, the user must be created either in Office 365 (Azure AD) or in an on-premises AD, and then synced to Office 365 (Azure AD). From here a user for Skype for Business Online can be enabled, or the parameters can be modified. Reading and Writing User Information and Settings Once the Skype for Business Online accounts are started, the well-known on-premises commands are working. Therefore, Get-CsUser must be replaced with Get-CsOnlineUser as an example. Note that for syncing users and changing settings, the online Admin Center is used. WARNING: The Set-CsUser commandlet is available to Skype for Business Online administrators. However, Set-CsUser cannot currently be used to manage Skype for Business Online, except for setting the AudioVideoDisabled parameter. Attempting to run the commandlet with any other parameter will fail, and the following error message will appear: “Unable to set SipAddress. This parameter is restricted within Remote Tenant PowerShell.”
  24. 24. Configuration Guide for Cloud Connector on Sonus Appliance The scenarios presented so far are in the controlled environment of a Sonus Lab. However, in a live production environment, there might be more internal network segments, including possibly two firewall systems.
  25. 25. Note: It is crucial to verify the SBC and Mediation Server listening ports. The SBC (that is, the PSTN/SIP Trunk gateway) should listen on TCP 5060, or if encrypted, on TLS 5061. The Skype for Business VM containing the Mediation Server has to listen on TCP 5068, or if encrypted, on TLC 5067. For this port configuration, the requirements for the CloudConnector.ini and the Sonus Gateway configuration should be considered. Cloud Connector Configuration Data Definition In the configuration example–which includes a Microsoft Office 365 E5 Plan-based tenant–the multi- site CCE deployment worked using real data from a Sonus Lab. Most of the parameters are defined within the CCE Setup Wizard included with the appliance. However, if a Sonus SBC and standard- deployed Hyper-V-based CCE is used, the table on the following page contains the parameters needed. The CCE board is included on the Sonus SBC 2000 chassis, which also contains the PSTN gateway. Since there is no Media Bypass possible with CCE (at this time), the Mediation Server <-> Gateway communication should be unencrypted, which lets the Mediation Server talk and listen on TCP Port 5068, and the Gateway on TCP Port 5060. Before starting the configuration, the parameters in the following sections need to be defined.
  26. 26. Configuration Data Definition APSITE1 (Malaysia) The LAN site is network address 192.168.210.0/24 Parameter Value SIP Domain sonusms01.com Virtual Machine Domain sfbhybridtest.local Server Name AD IP 192.168.210.115 Online SIP Federation FQDN sipfed.online.lync.com Site Name AEPSITE1 Base VMIP 192.168.210.119 Management Switch Name SfB CCE Management Switch Internet Switch Name SfB CCE Internet Switch Corpnet Switch Name SfB CCE Corpnet Switch Management IP Address Prefix 192.168.219.0 Internet Default Gateway 192.168.211.1 Corpnet Default Gateway 192.168.210.1 Internet DNS IP Address 8.8.8.8 Corpnet DNS IP Address 8.8.8.8 Primary CMS Server Name CMS-Server IP Address 192.168.210.116 Share Name CmsFileStore Mediation Server Server Name MediationServer Pool Name mspool IP Address 192.168.210.117 Edge Server Internal Server Name Edge-064913 External MR Public IPs 12.8.245.86 External SIP IPs 192.168.211.86 Internal Pool Name Edgepool Internal Server IPs 192.168.210.118 External MR IPs 192.168.211.86 External SIP Pool Name AEPSITE2 Gateway FQDN Sbc1.sfbhybridtest.local IP Address 192.168.210.113 PORT 5060 Protocol TCP Enable Refer Support true Sonus Network (specific too) Network Type intranet Deployment Type standalone
  27. 27. Configuration Data Definition APSITE2 (Germany) The LAN site is network address 192.168.100.0/24 Parameter Value SIP Domain sonusms01.com Virtual Machine Domain sfbhybridtest.local Server Name AD-064913 IP Address 192.168.100.115 Online SIP Federation FQDN sipfed.online.lync.com Site Name AEPSITE2 Base VM IP Address 192.168.100.119 Management Switch Name SfB CCE Management Switch Internet Switch Name SfB CCE Internet Switch Corpnet Switch Name SfB CCE Corpnet Switch Management IP Address Prefix 192.168.219.0 Internet Default Gateway 192.168.211.1 Corpnet Default Gateway 192.168.100.1 Internet DNS IP Address 8.8.8.8 Corpnet DNS IP Address 8.8.8.8 Primary CMS Server Name CMS-064913 IP Address 192.168.100.116 Share Name CmsFileStore Mediation Server Server Name Med-064913 Pool Name mspool IP Address 192.168.100.117 Edge Server Internal Server Name Edge-064913 External MR Public IPs 12.8.245.84 External SIP IPs 192.168.211.84 Internal Pool Name Edgepool Internal Server IPs 192.168.100.118 External MR IPs 192.168.211.84 External SIP Pool Name AEPSITE2 Gateway FQDN sbc2.sfbhybridtest.local IP Address 192.168.100.113 Port 5060 Protocol TCP Enable Refer Support true Sonus Network (specific too) Network Type intranet Deployment Type standalone
  28. 28. Cloud Connector Configuration Files (CloudConnector.ini) Both systems have wizard-based automatically-generated CloudConnector.ini files. CloudConnector.ini (Malaysia) ; Build number 6.0.9319.255 - Keep this comment for diagnostic purpose ;;;;;;;;;;;;;; Common (topology-wide) parameters. ;;;;;;;;;;;;; [Common] ;Domain(s) of SIP URIs used by company users. ;Domain(s) registered on O365. ;Support multiple domains separated by space. First domain is the default used. ;for phone URI. SIPDomains=sonusms01.com ;Domain DNS suffix for the Skype for Business Cloud Connector Edition itself. ;Virtual machines CMS, Mediation server join this domain. ;Can be local (e.g. does not need to be in public DNS) ;MUST be different with domain(s) registered on O365 VirtualMachineDomain=sfbhybridtest.local ;AD Server Name ServerName=AD ;AD Server IP address IP=192.168.210.115 ;O365 Online service FQDNs ;No need to change for world-wide O365 instance. For other instances, go to domain settings page in O365 portal to get the right FQDN. OnlineSipFederationFqdn=sipfed.online.lync.com ;Optional site parameters SiteName=AEPSITE1 CountryCode=MY City=KUALALUMPUR State=SG ;The IP address of the VM that prepares base VM image ;This setting is only necessary for Convert-CcIsoToVhdx BaseVMIP=192.168.210.119 ;;;;;;;;;;;;;;;;;;;; Parameters for a pool of VM network. ;;;;;;;;;;;;;;;;;;;; [Network] ; For Corpnet IPs CorpnetIPPrefixLength=24 ; For Edge external IPs InternetIPPrefixLength=24 ; The Hyper-V switch names for Corpnet and internet connectivity. CorpnetSwitchName=SfB CCE Corpnet Switch InternetSwitchName=SfB CCE Internet Switch ;Default gateway in Corpnet ;Corpnet default gateway enables automatic updating the servers from the Corpnet ;It must be configured for Convert-CcIsoToVhdx to convert windows ISO file to VHDX file ;Corpnet default gateway will allow BaseVM to connect to internet and install window update packs CorpnetDefaultGateway=192.168.210.1 ;Internet default gateway to enable Edge server to connect O365 servers ;Remove or leave it as blank if don't want to configure default gateway InternetDefaultGateway=192.168.211.1 ;DNS IP address in Corpnet ;It must be configured for Convert-CcIsoToVhdx to convert windows ISO file to VHDX file ;Corpnet DNS will allow BaseVM to connect to internet and install window update packs CorpnetDNSIPAddress=8.8.8.8
  29. 29. ;Internet DNS IP address for resolving _sipfederationtls._tcp.<domain> and _sip._tls.<domain> ;This DNS will be assigned to internet connection network adapter on Edge server ;The Edge server must be able to resolve public DNS records for the O365 Sip Domain ;If Gateway FQDN uses O365 Sip Domain in name for TLS purposes, be sure to set this IP address to allow Edge to resolve these records InternetDNSIPAddress=8.8.8.8 ; The management switch to provide network connectivity of host and VMs. ; ManagementIPPrefix in MUST be configured as different subnet from other internal IPs. ; Just as the default value shown, ManagementIPPrefix is 192.168.213.0, while AD IPAddress is 192.168.0.238 ; The ManagementIPPrefixLength should be a value in range [8, 29]. ManagementSwitchName=SfB CCE Management Switch ManagementIPPrefix=192.168.219.0 ManagementIPPrefixLength=24 ;;;;;;;;;;;;; Parameters for Primary Central Management Service. ;;;;;;;;;;;;; [PrimaryCMS] ;Server name which will be used to generate Server FQDN. It CANNOT contain .<DomainName> ;Pool name will be the same as server name. ServerName=CMSServer ;Server IP address IP=192.168.210.116 ;File share name for Primary CMS File Store Service. ;Must be created on the Primary CMS server (used for replication of CMS data ;to other servers and backup CMS) ShareName=CmsFileStore ;;;;;;;;;;;;;;;;;;;; Parameters for a pool of Mediation Servers. ;;;;;;;;;;;;;;;;;;;; [MediationServer] ;Server name which will be used to generate server FQDN. It CANNOT contain .<DomainName> ServerName=MediationServer ;Pool name which will be used to generate pool FQDN. It CANNOT contain .<DomainName> PoolName=mspool ;Server IP address IP=192.168.210.117 ;;;;;;;;;;;;;;;;;;;; Parameters for a pool of Edge Servers. ;;;;;;;;;;;;;;;;;;;; [EdgeServer] ;Server name which will be used to generate server FQDN. It CANNOT contain .<DomainName> InternalServerName=EdgeServer ;Pool name which will be used to generate pool FQDN. It CANNOT contain .<DomainName> ;FQDN of the Edge Pool internal interface must resolve to IP addresses on ;internal interfaces of all Edge servers (one A record per server) InternalPoolName=edgepool ;Internal IP addresses of servers in Edge Server Pool. InternalServerIPs=192.168.210.118 ;Pool name which will be used to generate pool FQDN. It CANNOT contain .<DomainName> ;FQDN of the Edge Pool external interface for SIP traffic must resolve to ;IP addresses on external interfaces of all Edge servers (one ;A record per server) or to the VIP of HLB (if HLB is used for SIP traffic). ;The suffix of this FQDN should be the default (first) internal domain. ;The "sip" prefix is not allowed. ExternalSIPPoolName=aepsite1 ;External IP addresses of servers in Edge Server Pool for SIP traffic. ;Public IP addresses if there is no NAT (firewall or HLB), ;NAT-ed addresses otherwise. ExternalSIPIPs=192.168.211.86 ;Pool name which will be used to generate pool FQDN. It CANNOT contain .<DomainName> ;FQDN of the Edge Pool external interface for media traffic must resolve to
  30. 30. ;IP addresses on external interfaces of all edge servers (one ;A record per server) or to the VIP of HLB (if HLB is used for media traffic). ;Can be the same FQDN as External SIP FQDN (since there is no client ;SIP traffic in this topology there is no conflict for port 443). ExternalMRFQDNPoolName=aepsite1 ;External IP addresses of servers in Edge Server Pool for Media traffic. ;Public IP addresses if there is no NAT or firewall or HLB, ;NAT-ed addresses otherwise. ;Can be the same IPs as External SIP IPs (since there is no client SIP traffic ;in this topology there is no conflict for port 443). ExternalMRIPs=192.168.211.86 ;Public External IP addresses of servers in Edge Server Pool for Media ;traffic. Should only be specified if NAT (firewall or HLB) is used. ;If NAT is not used, keep this element here and leave the value as blank. ;Single IP addresses in case of HLB, multiple addresses (one per edge) ;in case of DNS LB. ExternalMRPublicIPs=12.8.245.86 ;Public External port range for Media Relay (AV Edge role) ;MR port start from 50000, the range should be even number from 100 to 10000 ;For both TCP and UDP ;Each concurrent call need 2 ports ;So the concurrent call capability in MR should be range / 2 ;Note: concurrent call number also depends on the capability of PSTN Gateway ExternalMRPortRange=10000 ;Parameters for gateway ;If only one Gateway is needed, remove entire [GateWay2] section. Don't keep it but leave values empty. ;If Gateway FQDN uses O365 Sip Domain in name for TLS purposes, be sure to set InternetDNSIPAddress to allow Edge to resolve these records [Gateway1] ; Gateway FQDN FQDN=sbc1.sfbhybridtest.local ;Gateway IP address IP=192.168.210.113 ;Gateway Port Port=5060 ;Protocol for SIP traffic (TCP or TLS) Protocol=TCP ;List of voice routes used by this gateway. ;Routes are defined in the next section. VoiceRoutes=LocalRoute ;;;;;;;;;;;;;;;;;;;; Parameters for hybrid voice routing ;;;;;;;;;;;;;;;;;;;; [HybridVoiceRoutes] ;Named voice route to be used by one or more gateways LocalRoute=.* ;;;;;;;;;;;;;;;;;;;; Parameters for TrunkConfiguration ;;;;;;;;;;;;;;;;;;;; [TrunkConfiguration] ;Whether Gateways support Refer. It is used for Call Transfer scenario. ;The value can be "true" or "false". Default value is "true". ;EnableReferSupport set to "true" means the Gateway(s) support Refer which can handle all the call transfer stuffs. ;EnableReferSupport set to "false" means the Gateway(s) don't support Refer. Then Mediation Server will handle all the call transfer stuffs. EnableReferSupport=true
  31. 31. CloudConnector.ini (Germany) ; Build number 6.0.9319.255 - Keep this comment for diagnostic purpose ;;;;;;;;;;;;;; Common (topology-wide) parameters. ;;;;;;;;;;;;; [Common] ;Domain(s) of SIP URIs used by company users. ;Domain(s) registered on O365. ;Support multiple domains separated by space. First domain is the default used. ;for phone URI. SIPDomains=sonusms01.com ;Domain DNS suffix for the Skype for Business Cloud Connector Edition itself. ;Virtual machines CMS, Mediation server join this domain. ;Can be local (e.g. does not need to be in public DNS) ;MUST be different with domain(s) registered on O365 VirtualMachineDomain=sfbhybridtest.local ;AD Server Name ServerName=AD-064913 ;AD Server IP address IP=192.168.100.115 ;O365 Online service FQDNs ;No need to change for world-wide O365 instance. For other instances, go to domain settings page in O365 portal to get the right FQDNs.� OnlineSipFederationFqdn=sipfed.online.lync.com ;Optional site parameters SiteName=AEPSITE2 CountryCode=DE City=MUNICH State=BY ;The IP address of the VM that prepares base VM image ;This setting is only necessary for Convert-CcIsoToVhdx BaseVMIP=192.168.100.119 ;;;;;;;;;;;;;;;;;;;; Parameters for a pool of VM network. ;;;;;;;;;;;;;;;;;;;; [Network] InternetSwitchName=SfB CCE Internet Switch ; For Edge external IPs InternetIPPrefixLength=24 ManagementIPPrefixLength=24 ;Internet default gateway to enable edge server to connect O365 servers ;Remove or leave it as blank if don't want to configure default gateway InternetDefaultGateway=192.168.211.1 ;Default gateway in Corpnet ;Corpnet default gateway enables automatic updating the servers from the Corpnet ;It must be configured for Convert-CcIsoToVhdx to convert windows ISO file to VHDX file ;Corpnet default gateway will allow BaseVM to connect to internet and install window update packs CorpnetDefaultGateway=192.168.100.1 ;Internet DNS IP address for resolving _sipfederationtls._tcp.<domain> and _sip._tls.<domain> ;This DNS will be assigned to internet connection network adapter on Edge server ;The Edge server must be able to resolve public DNS records for the O365 Sip Domain ;If Gateway FQDN uses O365 Sip Domain in name for TLS purposes, be sure to set this IP address to allow Edge to resolve these records InternetDNSIPAddress=8.8.8.8 ;DNS IP address in Corpnet ;It must be configured for Convert-CcIsoToVhdx to convert windows ISO file to VHDX file ;Corpnet DNS will allow BaseVM to connect to internet and install window update packs CorpnetDNSIPAddress=8.8.8.8
  32. 32. ; The Hyper-V switch names for Corpnet and internet connectivity. CorpnetSwitchName=SfB CCE Corpnet Switch ; For Corpnet IPs CorpnetIPPrefixLength=24 ManagementIPPrefix=192.168.219.0 ; The management switch to provide network connectivity of host and VMs. ; ManagementIPPrefix in MUST be configured as different subnet from other internal IPs. ; Just as the default value shown, ManagementIPPrefix is 192.168.213.0, while AD IPAddress is 192.168.0.238 ; The ManagementIPPrefixLength should be a value in range [8, 29]. ManagementSwitchName=SfB CCE Management Switch ;;;;;;;;;;;;; Parameters for Primary Central Management Service. ;;;;;;;;;;;;; [PrimaryCMS] ;Server name which will be used to generate Server FQDN. It CANNOT contain .<DomainName> ;Pool name will be the same as server name. ServerName=CMS-064913 ;Server IP address IP=192.168.100.116 ;File share name for Primary CMS File Store Service. ;Must be created on the Primary CMS server (used for replication of CMS data ;to other servers and backup CMS) ShareName=CmsFileStore ;;;;;;;;;;;;;;;;;;;; Parameters for a pool of Mediation Servers. ;;;;;;;;;;;;;;;;;;;; [MediationServer] ;Server name which will be used to generate server FQDN. It CANNOT contain .<DomainName> ServerName=Med-064913 ;Pool name which will be used to generate pool FQDN. It CANNOT contain .<DomainName> PoolName=mspool ;Server IP address IP=192.168.100.117 ;;;;;;;;;;;;;;;;;;;; Parameters for a pool of Edge Servers. ;;;;;;;;;;;;;;;;;;;; [EdgeServer] ;Public External IP addresses of servers in Edge Server Pool for Media ;traffic. Should only be specified if NAT (firewall or HLB) is used. ;If NAT is not used, keep this element here and leave the value as blank. ;Single IP addresses in case of HLB, multiple addresses (one per edge) ;in case of DNS LB. ExternalMRPublicIPs=12.8.245.84 ;External IP addresses of servers in Edge Server Pool for SIP traffic. ;Public IP addresses if there is no NAT (firewall or HLB), ;NAT-ed addresses otherwise. ExternalSIPIPs=192.168.211.84 ;Pool name which will be used to generate pool FQDN. It CANNOT contain .<DomainName> ;FQDN of the Edge Pool internal interface must resolve to IP addresses on ;internal interfaces of all Edge servers (one A record per server) InternalPoolName=edgepool ;Internal IP addresses of servers in Edge Server Pool. InternalServerIPs=192.168.100.118 ;External IP addresses of servers in Edge Server Pool for Media traffic. ;Public IP addresses if there is no NAT or firewall or HLB, ;NAT-ed addresses otherwise. ;Can be the same IPs as External SIP IPs (since there is no client SIP traffic
  33. 33. ;in this topology there is no conflict for port 443). ExternalMRIPs=192.168.211.84 ;Pool name which will be used to generate pool FQDN. It CANNOT contain .<DomainName> ;FQDN of the Edge Pool external interface for SIP traffic must resolve to ;IP addresses on external interfaces of all Edge servers (one ;A record per server) or to the VIP of HLB (if HLB is used for SIP traffic). ;The suffix of this FQDN should be the default (first) internal domain. ;The "sip" prefix is not allowed. ExternalSIPPoolName=AEPSITE2 ;Server name which will be used to generate server FQDN. It CANNOT contain .<DomainName> InternalServerName=Edge-064913 ;Public External port range for Media Relay (AV Edge role) ;MR port start from 50000, the range should be even number from 100 to 10000 ;For both TCP and UDP ;Each concurrent call need 2 ports ;So the concurrent call capability in MR should be range / 2 ;Note: concurrent call number also depends on the capability of PSTN Gateway ExternalMRPortRange=10000 ;Pool name which will be used to generate pool FQDN. It CANNOT contain .<DomainName> ;FQDN of the Edge Pool external interface for media traffic must resolve to ;IP addresses on external interfaces of all Edge servers (one ;A record per server) or to the VIP of HLB (if HLB is used for media traffic). ;Can be the same FQDN as External SIP FQDN (since there is no client ;SIP traffic in this topology there is no conflict for port 443). ExternalMRFQDNPoolName=AEPSITE2 ;Parameters for gateway ;If only one Gateway is needed, remove entire [GateWay2] section. Don't keep it but leave values empty. ;If Gateway FQDN uses O365 Sip Domain in name for TLS purposes, be sure to set InternetDNSIPAddress to allow Edge to resolve these records [Gateway1] ; Gateway FQDN FQDN=sbc2.sfbhybridtest.local ;Gateway IP address IP=192.168.100.113 ;Gateway Port Port=5060 ;Protocol for SIP traffic (TCP or TLS) Protocol=TCP ;List of voice routes used by this gateway. ;Routes are defined in the next section. VoiceRoutes=LocalRoute ;;;;;;;;;;;;;;;;;;;; Parameters for hybrid voice routing ;;;;;;;;;;;;;;;;;;;; [HybridVoiceRoutes] ;Named voice route to be used by one or more gateways LocalRoute=.* ;;;;;;;;;;;;;;;;;;;; Parameters for TrunkConfiguration ;;;;;;;;;;;;;;;;;;;; [TrunkConfiguration] ;Whether Gateways support Refer. It is used for Call Transfer scenario. ;The value can be "true" or "false". Default value is "true". ;EnableReferSupport set to "true" means the Gateway(s) support Refer which can handle all the call transfer stuffs. ;EnableReferSupport set to "false" means the Gateway(s) don't support Refer. Then Mediation Server will handle all the call transfer stuffs. EnableReferSupport=true
  34. 34. [SonusNetworks] NetworkType=intranet DeploymentType=standalone
  35. 35. Configuring the Sonus Appliance The CCE Appliance configuration and setup is isolated from an Office 365 deployment; it simply integrates with Office 365 as component. The focus will be on the setup, configuration, testing and integration with the Office 365 E5 tenant shared at Sonus. Within the live configuration example– which includes a Microsoft Office 365 E5 Plan-based tenant– the multi-site CCE deployment worked using real data from a Sonus Lab. Sonus Appliance Setup – Germany Site In earlier sections, the planning stages for a CCE deployment was described; the illustration below summarizes this. On Premise (SITE GERMANY) Cloud Connector Edition VMs Edge DC and CA CMS Mediation EDGEMY01.SONUSMS01.COM SIP PBX or Provider Gateway CCE HOST SONUS CCE Appliance 192.168.100.117 192.168.100.115 192.168.100.116 192.168.219.0 SfB CCE Management Switch 192.168.100.113 also gateway configuration IP address for browser 192.168.211.84/24 SfB CCE Corpnet Switch 192.168.100.119 BaseVMIP (temp)for ISO2VHDX conversion internal external SfB CCE Internet Switch 192.168.100.118 192.168.100.114 192.168.211.85 NIC1(physical) NIC2(physical) The Sonus appliance will start out-of-the-box. To access the default website, change the gateway IP address to the 192.168.100.113. From this point forward, navigate to each section highlighted below. Note: NIC 1 has two IP addresses assigned because the NIC is used for both the vSwitch and the gateway
  36. 36. Network and CloudConnector.ini on CCE Site Set the Network Interfaces on CCE The first step is navigating to the Settings tab –> ASM Configuration in the Node Interfaces section. Here a real IP address is assigned to the physical SBC network interface. Two Class C networks are defined: NIC 1 LAN (and CCE VMs): IP: 192.168.100.0/24, IP: 192.168.100.114 NIC 2 Internet (and CCE Edge VMs): IP: 192.168.211.0/24, IP: 192.168.211.85
  37. 37. Set VM and Hyper-V Networks on CCE Next click the Tasks tab –> Configure CCE, where the CCE deployment information is provided, such as CCE VM IP addresses, internal/external DNS server, and so on. The Deployment Type also needs to be chosen, either Standalone or Corporate Intranet. This defines a single CCE (non-HA) and LAN deployment. Note: The internal DNS will be set in the next section.
  38. 38. Adjust or Administer the DNS Server Setting Under System –> Node-Level Settings, change the Primary Server IP/DNS within Domain Name Service window to the Controller IP address, 192.168.100.115.
  39. 39. Start CCE Deployment on Appliance Configuration (Wizard) After verifying the settings and parameters, CCE deployment is ready. This can take one to two hours. Navigate to System and click “Deploy CCE VM” where there is a summary of all the important parameters from the CloudConnector.ini file. Deploy the CCE Appliance by clicking “Prepare CCE” at the bottom of the page.
  40. 40. You will be asked providing the certificate password, either your password for the imported certificate file or the certificate requires answer file writing the certificate into the CCE appliance, storing the file locally. Next step will be a reminder proceeding with the CCE installation process.
  41. 41. Finalizing CCE Deployment on Appliance using the Hyper-V host powershell The process for installing the CCE VMs and automatically letting them be configured is identically with the process described in the Technet. Register-CcAppliance Install-CcAppliance Next you need to provide the required user accounts and password: Local VmAdmin, DomainAdmin, SafeModeAdmin, ExternalCert’s and user name and password of your Office 365 admin account
  42. 42. Next start the deployment for Cloud Connector Appliance with the cmdlet Install-CcAppliance The VM deployment will start immediately. Connect to the HOST with the defined IP address and open the Virtual Machine Manager to find:  The VM being cloned  SysPrep  VM started  Updated (Windows Update)  Finalized Note: If you started a redeployment, you must unregister the existing CCE Appliance configuration with your Office 365 tenant, by using: Get-CsHybridPSTNAppliance (NOTE: mark the IDENTITY) Unregister-CsHybridPSTNAppliance -identity <MarkedName> -Force
  43. 43. Set Up CCE Skype for Business to Mediation Server After a successful deployment, the correct Mediation Server to Gateway Transmission Control Protocol (TCP) ports must be validated. • Navigate to the main page, select “SBC Easy Setup,” and the Configuration Wizard will automatically open. • In Step 1, choose SIP  Skype for Business/Lync. Using a SIP Trunk to ensure the PSTN is available for ISDN usage as determined earlier. • Type a scenario description, such as “Cloud Connector Edition,” and then choose the telephony country. It is not important which country is chosen at this step because normalization will be configured manually. • Select the SIP Trunk provider and the Skype for Business/Lync Version. Note: Cloud Connector is only available for Skype for Business. Click Next.
  44. 44. IMPORTANT: Make sure the appropriate Mediation Server vs. Gateway Ports are selected. TCP TLS Mediation Server 5068 5067 Gateway/SBC 5060 5061 In the scenarios discussed up to this point, the work has been based on TCP, not Transport Layer Security (TLS).  To define the Border Server Element and the SIP Trunk Provider’s SBC, use provider1.domain.com  For the live setup, our own internal SIP Test Simulator (provider)–with the given FQDN–has been defined  Choose TCP or UDP for the protocol submission, with the Port Number: 5060 (depending on the provider)  The Skype for Business connection is the Mediation Server, listening on TCP Port: 5068 with the FQDN mspool.sfbhybridtest.local (the chosen internal CCE Active Directory Domain) Click Next.
  45. 45. In Step 3, the SBC Setup Configuration Summary provides an overview of the configured parameters. If the parameters are correct, proceed. Click Finish. The Installation Wizard will now apply the appropriate configurations to the SBC/Gateway and Skype for Business (CCE). At this point the CCE Appliance setup is complete. Testing connectivity must now take place before users can begin using the system.
  46. 46. Test CCE Network and SIP Connectivity Testing the setup for connectivity is crucial. If testing is done completely and correctly, time required for troubleshooting can be minimized. Start with a simple ping from the gateway/SBC to the Mediation Server Pool FQDN. At the same time, test the opposite as well, just to be sure all the systems are working properly; ping the SBC from within the Mediation Server virtual machine.
  47. 47. For the final step, check the SIP connectivity.  Go to Signaling Groups and click the Settings tab  Below Display is the Counter  Click Counter and a new window opens, providing SIP message information  Make sure Incoming and Outgoing Requests are visible The Service Status column is the first indicator that the interfaces see each other. If a package flow is active it will be green.
  48. 48. Sonus Appliance Setup – Malaysia Site In earlier sections, the planning stages for a CCE deployment was described; the illustration below summarizes this. On Premise (SITE MAYASIA) EDGEDE01.SONUSMS01.COM Cloud Connector Edition VMs Edge DC and CA CMS Mediation SIP PBX or Provider Gateway CCE HOST SONUS CCE Appliance internal external 192.168.210.117 192.168.210.115 192.168.210.116 192.168.219.0 SfB CCE Management Switch 192.168.210.113 also gateway configuration IP address for browser 192.168.211.86/24 SfB CCE Corpnet Switch 192.168.210.119 BaseVMIP (temp)for ISO2VDHX conversion 192.168.210.114 SfB CCE Internet Switch 192.168.210.118 192.168.211.87 NIC1(physical) NIC2(physical) The Sonus appliance will start out-of-the-box. To access the default website, change the gateway IP address to the 192.168.100.113. From this point forward, navigate to each section highlighted below. Note: NIC 1 has two IP addresses assigned because the NIC is used for both the vSwitch and the gateway.
  49. 49. Network and CloudConnector.ini on CCE SITE Set the Network Interfaces on CCE The first step is navigating to the Settings tab –> ASM Configuration in the Node Interfaces section. Here a real IP address to the physical SBC network interface will be assigned. Two Class C networks are defined: NIC 1 LAN (and CCE VMs): IP: 192.168.210.0/24, IP: 192.168.210.114 NIC 2 Internet (and CCE Edge VMs): IP: 192.168.211.0/24, IP: 192.168.211.87
  50. 50. Set VM and Hyper-V Networks on CCE Next click the Tasks tab –> Configure CCE, where the CCE deployment information–such CCE VM IP addresses, internal/external DNS server, and so on–will be provided. The Deployment Type–either Standalone or Corporate Intranet–will also be chosen. This defines a single CCE (non-HA) and LAN deployment. Note: The internal DNS will be set in the next section.
  51. 51. Adjust or Administer the DNS Server Setting Under System –> Node-Level Settings, change the Primary Server IP/DNS within Domain Name Service window to the Controller IP address, 192.168.210.115.
  52. 52. Start CCE Deployment on Appliance Configuration (Wizard) After verifying the settings and parameters, CCE deployment is ready. This can take one to two hours. Navigate to System and click “Deploy CCE VM.” A summary of all the important parameters from the CloudConnector.ini file will be there. Deploy the CCE Appliance by clicking “Prepare CCE” at the bottom of the page. Follow the identical step provided in the section: Finalizing CCE Deployment on Appliance using the Hyper-V host powershell
  53. 53. The VM deployment will start immediately. Connect to the HOST with the defined IP address and open the Virtual Machine Manager to find:  The VM being cloned  SysPrep  VM started  Updated (Windows Update)  Finalized
  54. 54. Set Up CCE Skype for Business to Mediation Server After a successful deployment, you must validate the correct Mediation Server to Gateway Transmission Control Protocol (TCP) ports. • Navigate to the main page, select “SBC Easy Setup,” and the Configuration Wizard will automatically open. • In Step 1, choose SIP  Skype for Business/Lync. Using an SIP Trunk to ensure the PSTN is available for ISDN usage as determined earlier. • Type a scenario description, such as “Cloud Connector Edition,” and then choose the telephony country. It is not important which country is chosen at this step because we will configure the normalization manually. • Select the SIP Trunk provider and the Skype for Business/Lync Version. Note: Cloud Connector is only available for Skype for Business. Click Next.
  55. 55. IMPORTANT: Make sure the appropriate Mediation Server vs. Gateway Ports have been selected. TCP TLS Mediation Server 5068 5067 Gateway/SBC 5060 5061 In the scenarios discussed up to this point, the work has been based on TCP, not Transport Layer Security (TLS).  To define the Border Server Element and the SIP Trunk Provider’s SBC, use provider1.domain.com  For the live setup, the internal SIP Test Simulator (provider)–with the given FQDN–has been defined  Choose TCP or UDP for the protocol submission, with the Port Number: 5060 (depending on your provider)  The Skype for Business connection is the Mediation Server, listening on TCP Port: 5068 with the FQDN mspool.sfbhybridtest.local (the chosen internal CCE Active Directory Domain) Notes: In this scenario–in a Sonus lab–the SIP Simulator and Contact Center are located on the same system, provider1.domain.com. It uses an SIP trunk-based PSTN for connectivity. In a live production environment this might be a different FQDN or IP address. Both CCEs are using the same CCE-based Active Directory Domain, but the CCE sites are not related to each other in terms of AD security principals and UIDs. This is a typical configuration, and is supported. Click Next.
  56. 56. In Step 3, the SBC Setup Configuration Summary provides an overview of the configured parameters. If the parameters are correct, proceed. Click Finish. The Installation Wizard will now apply the appropriate configurations to the SBC/Gateway and Skype for Business (CCE). At this point the CCE Appliance setup is complete. Testing connectivity must now take place before users can begin using the system.
  57. 57. Test CCE Network and SIP Connectivity Testing the setup for connectivity is crucial. If testing is done completely and correctly, time required for troubleshooting can be minimized. Start with a simple ping from the gateway/SBC to the Mediation Server Pool FQDN. At the same time, test the opposite as well, just to be sure all the systems are working properly; ping the SBC from within the Mediation Server virtual machine.
  58. 58. For the final step, check the SIP connectivity.  Go to Signaling Groups and click the Settings tab  Below Display is the Counter  Click Counter and a new window opens, providing the SIP message information  Make sure Incoming and Outgoing Requests are visible The Service Status column is the first indicator that the interfaces see each other. If a package flow is active it will be green.
  59. 59. Sonus Session Border Control Configuration Numbering (Normalization) Normalization ensures the SIP Trunk, and PSTN connectivity, are working correctly. SIP Trunks have their own requirements, depending on which format is supported, and at times might require different normalizations. Generally, Skype for Business works with E.164 format internally, so incoming calls must follow this format as well, especially with Cloud PBX. In the future this may change. Outgoing calls from Skype for Business to the connected SIP Trunk will mostly require service provider and area-based normalization. If the E.164 format is unfamiliar, there is plenty of available documentation explaining it, including the blog, Demystify Lync Enterprise Voice Phone Numbers and Extension, written by Thomas Poett, author of this Configuration Guide. As an example, suppose the German SIP Trunk is accepting E.164 format calls end-to-end. In Malaysia, however, it depends on the registered location, which is Kuala Lumpur in this example. The SIP Trunk will not accept a “+” sign in front of the phone number, and in-country calls must also exclude the country and area code. So, calls to and from Kuala Lumpur cannot use E.164 format (+6031234567) calls, but instead must follow the 1234567 format. To become familiar with normalizations, testing and configuring can be accomplished using the http://regex101.com website, shown below. Normalization – CCE Deployment Overview As described in the previous section, the following number behavior is common with CCE deployments. Skype for Business uses non-customizable DialPlans. Internally, it uses the E.164 format exclusively, so SIP Trunks must send calls using a different format that have matching normalization for calls into the SIP Trunk. Skype for Business Incoming (to SfB) Outgoing (to PSTN) Munich, Germany Canada with US +14161234567 14161234567 14161234567 Any Location E.164 E.164 E.164
  60. 60. Kuala Lumpur, Malaysia KL (03) +60312345678 12345678 1234567 Malaysia (+60) +604412345678 0412345678 0412345678 Singapore (+65) +6512345678 006512345678 0212345678 Singapore (02) +6512345678 0212345678 0212345678 +60212345678 0212345678 0212345678 International +498912345678 00498912345678 00498912345678 Normalization – Configuration Normalization – Configuration for Skype To configure normalization rules go to Transformation, and choose Cloud Connector Edition: From Skype/Lync: Passthrough. Click the green “+” sign to add a new normalization rule. Normalization – Configuration for SIP Trunk To configure normalization rules go to Transformation, and choose Cloud Connector Edition: From SIP Trunk: Passthrough. Click the green “+” sign to add a new normalization rule.
  61. 61. Normalization – Germany Site (Munich and Toronto) The SIP Trunk in Germany is responsible for incoming calls in the following number ranges: Munich, Germany: Number Block - Users: +49 89 561234100 -> +49 89 561234999 Number Block - Contact Center: +49 89 561235-0 -> +49 89 56123509 Toronto, Canada: Number Block - Users: +1 416 406-1000 -> +1 416 406 1099 There is a unique condition with calls to and from Toronto; the SIP Trunk does not provide–nor accept–a “+” sign for this location. This means that incoming calls to a Toronto user might look like this: “14164061000.” The same is required for outgoing calls to “+1 numbers,” such as for the US and Canada. However, calls to Germany will be received in the E.164 format. Note: This scenario might differ from one provider to the next; this should help in understanding special scenarios where multiple locations run through a single SIP Trunk. Incoming Call to a User in Canada when the +1 is Missing Canadian users have an E.164 format number assigned, and for calls to go through successfully it is necessary to complete the number. Therefore, there is a mandatory rule of adding a +1 in front of the caller’s number. • The Regex is +1/1 • Description: Passthrough • Match Type: Mandatory (Must Match) • Input Field • Type: Called Address/Number • Value: (.*) • Output Field: • Type: Called Address/Number • Value: +1/1
  62. 62. Calls to Canada Must Have +1 Removed Conversely, if a user assigned to the German CCE is making a call to the US or Canada, the +1 must be removed. • Description: Passthrough • Match Type: Mandatory (Must Match) • Input Field: • Type: Called Address/Number • Value: +1(.*) • Output Field: • Type: Called Address/Number • Value: 1
  63. 63. Normalization – Malaysia Site (Kuala Lumpur) In the past, a complication in RegEx requirements for Malaysia and Singapore was seen. This is just something to keep in mind in case it might be necessary to use Singapore as a Malaysian calling territory. Years ago, Singapore was part of Malaysia, so the Singapore Country Code +65 is equal to Malaysia's Country Code which is 60, as far as telephony is concerned. This is just a reminder to raise awareness should upcoming work with SIP Trunk and PSTN configurations cause issues. In summary, a Kuala Lumpur phone number in E.164 format might be “+60312345678,” but the system in Malaysia would require the number “0060312345678.” • 0060 is the country code for Malaysia, • 03 is the area code for Kuala Lumpur • 12345678 is the caller’s phone number In this configuration, it has been determined that the local billing and SIP Trunk installation address would be based in Kuala Lumpur.
  64. 64. Incoming Call to Malaysian User Incoming calls are based on the From SIP Trunk section under Transformation. For Incoming Calls to a Malaysian User (Replace 00 -> +) In this example, incoming call numbers starting with “00” were defined. However, the E.164 format used in Skype for Business requires a “+” instead of “00,” so the following transformation rules to properly accomplish this change have been defined: • Description: Replace 00 -> + • Match Type: Mandatory (Must Match) • Input Field: • Type: Called Address/Number • Value: 00(.*) • Output Field: • Type: Called Address/Number • Value: +1
  65. 65. Incoming Calls to a Malaysian User (Replace 01–09 -> +60x) Incoming caller numbers from domestic locations do not include the local country code “+60” so all Malaysian numbers starting with “01” to “09” will be transformed into “+601” to “+609.” • Description: Replace 01-09 -> +60x • Match Type: Mandatory (Must Match) • Input Field: • Type: Called Address/Number • Value: ^0(.[1-9]*) • Output Field: • Type: Called Address/Number • Value: +601
  66. 66. Incoming Calls to a Malaysian User (Replace area code 03) As discussed earlier, local calls coming into–or originating from–the Kuala Lumpur location will not include country or area codes. All numbers starting with 1 to 9 must be transformed into “+603” calls, where “+60” is Malaysia and “3” is the Kuala Lumpur area. • Description: Local Kuala Lumpur Number • Match Type: Mandatory (Must Match) • Input Field: • Type: Called Address/Number • Value: (.[1-9]*) • Output Field: • Type: Called Address/Number • Value: +603
  67. 67. Outgoing Calls From Malaysian SIP Trunk Calls originating from the SIP Trunk configuration in Malaysia must be normalized as well in order to match format requirements. • Description: Replace + -> 60 • Match Type: Mandatory (Must Match) • Input Field: • Type: Called Address/Number • Value: +(.*) • Output Field: • Type: Called Address/Number • Value: 001
  68. 68. • Description: Kuala Lumpur area • Match Type: Optional (Match One) • Input Field: • Type: Called Address/Number • Value: +603(.*) • Output Field: • Type: Called Address/Number • Value: 1 For the rest of Malaysia: • Description: +60x into area code 01-09 • Match Type: Optional (Match One) • Input Field: • Type: Called Address/Number • Value: +60(.*) • Output Field: • Type: Called Address/Number • Value: 01
  69. 69. Normalization – Incoming from SIP Trunk (Summary) The normalization rules–as they would apply to scenarios like the ones in our examples–have now finalized. Proper naming is important because later those rules will be assigned to SBC ports and general directions. Choose descriptions for normalization rules that will make them easy to identify later. All configurations described in the above steps are arranged according to their direction of SIP Trunk and Skype for Business. This simplifies the organization of normalization rules for later use in multiple connections. The following two sections show condensed summaries of the normalization rules that had been defined for the Malaysian SIP Trunk site. Remember, normalization takes place in both directions: from the SIP Trunk –> SfB, and from the SfB -> SIP Trunk. From SIP Trunk to Contact Center and SfB This subset of normalization rules represents the transformation into a full E.164 format dialed number string which can be used within Skype for Business Enterprise voice calls. From Skype for Business/Lync to Contact Center and SIP Trunk Remember that due to the special situation with Singapore (country code 02), 02 codes must be included in the rules because of the area code range of 01 to 09. This is a requirement based on the Malaysian number plan requirements which must use a modified number string for submission into the SIP Trunk.
  70. 70. Setting Up the Contact Center Connections The Contact Center is connected to the Germany CCE, utilizing the gateway component via SIP. For implementation of the routing group–named the SIP Signaling Group–it must be ensured that outgoing and incoming calls from all three directions are routed through the appropriated exiting interfaces. The Signaling Group itself acts as an interface. The logical overview illustration below should be helpful in understanding how the configuration works. Generally speaking, the Call Routing Group sends and receives calls on behalf the designated target (Signaling Group) provided in the Transformation Table, assuming this was the table chosen according to the Transformation Rules. Configure the SIP Signaling Group In the Signaling Groups section click the Create Signaling Group drop-down box and select SIP Signaling Group.  The Contact Center is addressed via: o The FQDN: ContactCenter.domain.com o Protocol: UDP o Port: 5060  Optionally, a dedicated IP address can be chosen.
  71. 71. Call routing behavior All calls coming from the trusted IP/FQDN on the defined Listening Port are accepted and will be sent to the Call Routing Table. The already-configured SIP Signaling Group should look like the following:
  72. 72. Configure the Call Routing Table The Call Routing Table is the instance sitting in-between the Signaling Groups, routing and modifying calls to and from their designated destinations. Call priority order is important here, because calls will be identified for routing purposes in their sequence order. The rules are: In the Routing Table the following tasks will be handled: - If matching number, then … - If matching name for, then … - A transformation will occur if present - It will be routed into the Signaling Group (The Input Field is used and forwarded) Create a new Call Routing Table Go to Call Routing Table and click new (“+”) o Two destination-based routings will be needed o The Routing Table chooses the Sonus gateway component which is associated with the external SIP Trunk connection, and Office 365 (CCE) The two Call Routing Tables needed are: 1. From Contact Center to SIP Trunk 2. From Contact Center to Office 365 (CCE: Mediations Server) While setting up Skype for Business Online (Cloud Connector), the SIP Trunk and the Cloud Connector: Mediation Server were configured as Call Routing Tables. Now, the third group gets set up and its target defined. With the transformation (input filed), it was earlier decided: o Which numbers would go to the mediation server (all ranges configured in Office 365) o Which ones would go to the external SIP Trunk/PSTN o And for all other calls anything that is intended for the internal defined number range
  73. 73. Call Routing Table: From Contact Center-> Office 365 For destination information, define the CCE Mediation Server as the target. Note: Validation for overlapping number matching needs to be taken into consideration to ensure appropriate routing occurs. Call Routing Table: From Contact Center -> SIP Trunk
  74. 74. Configure Transformation Rules After configuring Signaling Group and Call Routing, the final step is to ensure the proper transformation of numbers between those groups and tables. The Contact Center can make calls toward the SIP Trunk as well as the Mediation Server, so this requires two transformation entities: • Navigate to Transformation and click New. From there choose New and provide a description of the new transformation. In this case: “No change on number to O365.” • Leave the Transformation Rules configured and activated on Sonus Appliance for Contact Center. The Contact Center to Office 365 (Mediation Server) should look like this: The SIP Trunk (using the Session Border Controller) should look like this:
  75. 75. Configuring Office 365 This configuration guide is for Cloud Connector Edition, and focusses on tasks aimed at telephony. NOT covered in this guide are: o Setting up Office 365 Cloud PBX o Office 365 Azure Active Directory is installed o Tenant activation o Buying and activating user license E-Plans For everything to work correctly as described in this guide, setting up Office 365 Cloud PBX is a requirement, and the assumption is made that the reader already has knowledge of the initial Office 365 task. If that is not the case, it is important to come up to speed on setting up Office 365 Cloud PBX. There is a wealth of information available on this, and one source in particular is the extensive Microsoft TechNet website. Another requirement is that Office 365 Azure Active Directory is: o Installed o Selected in properties o Appropriate licenses are activated o The Cloud PBX feature is activated In the following screenshot the tenant has an activated E5 license, but without PSTN conferencing. Note: License types can vary, and can be started with Cloud PBX. It is important to ensure the Cloud PBX feature can be provided to users. To activate simply move the slider to “On.” In this example, users have been named according to their designated countries, but there are no strict rules for naming users. Two more users are required to complete the scenario, with at least one user per location. We had defined Germany, Canada and Malaysia, where Germany and Canada will run based on the same CCE Site (physical) utilizing a single SIP Trunk.
  76. 76. User 2 User 3 Important Note: The assignment of a user’s location is critical. Later in this guide, in the section Assigning Voice to Users (Cloud PBX), UsageLocation–which is important for identifying the CCE location and associated physical positioning–will be discussed.
  77. 77. Establishing a Skype for Business Online Session All configuration work will be implemented from within PowerShell using the Skype for Business Online Connector. This is a requirement. PowerShell should be running in Administrator Mode, and Office 365 Administrator credentials must be provided. The Administrator runs on Office 365 Online Administrator, not the local computer or Active Directory. Import-Module SkypeOnlineConnector $cred = Get-Credential $session = New-CsOnlineSession -Credential $cred -verbose Import-PSSession $session
  78. 78. Creating a Hybrid PSTN Site In this section, two physical sites for Cloud Connector placement will be defined. Hybrid PSTN site physical locations are defined by how they are represented in their logical Office 365 structure. For naming conventions, it is safe to just stay with the standard limitations for identity naming in Office 365. Create Germany site: New-CsHybridPSTNSite -Identity GermanyCanada -Edge FQDN aesite1.sinusms01.com In this example the name GermanyCanada simply implies that Canada is included with Germany via the SIP Trunk at this location. Create Malaysia site: New-CsHybridPSTNSite -Identity Malaysia -Edge FQDN aesite2.sinusms01.com PowerShell commands AESITE1 AESITE2 Validate the Hybrid PSTN Site. Check to make sure there are no spelling errors. Get-CsHybridPSTNSite
  79. 79. Managing Hybrid PSTN Users Managing users in Office 365 requires several commandlets. They are differentiated, and are associated with the service provided within Office 365. Skype for Business has a common Active Directory, whereas Office 365 uses an Azure Active Directory. We also need commandlets for Skype for Business Online, and also for Microsoft Exchange. Exchange is not addressed in this guide, but later there will be reference to Unified Messaging, which is what Exchange uses. Assigning a Hybrid PSTN Site to Users Office 365 users need to be assigned to a dedicated Hybrid PSTN Site. o The Office 365 Online command Set-CsUserPstnSettings is enabled for this task o The command HybridPSNSite addresses the configured CCE Site o The AllowInternationalCalls command allows calls not associated with a country code Set-CsUserPstnSettings -Identity usercanada -HybridPSTNSite GermanyCanada - AllowInternationalCalls $true Set-CsUserPstnSettings -Identity usergermany -HybridPSTNSite GermanyCanada - AllowInternationalCalls $true Set-CsUserPstnSettings -Identity usermalaysi -HybridPSTNSite GermanyCanada - AllowInternationalCalls $true Assigning Voice to Users (Cloud PBX) Each user must have parameters set for their Cloud PBX identification. The Get-CsOnlineVoiceUser commandlet shows the user, enabled for PSTN Calling Service. In this guide, Cloud Connector is used. Cloud Connector is an on-premises part from Skype for Business Online. If the provided command is run alone with no further format-list, it will not show any users.
  80. 80. The next command (unrelated to Azure AD, but part of Skype for Business Online) is the Get- CsOnlineUser. The command -Get-CsUser is the Azure AD query for this. For the CCE configuration, the following will directly query the parameters for Skype for Business. Get-CsOnlineUser -identity usermalaysia| fl *host*,*dial*,*reg*, *voice*, *sip*,*usage*,*phone*,*id*,*onprem* The above example only queries the usermalaysia setting, while the pipe (|) forces the format list table to limit the parameters only to what needs to be shown. Using the asterisk (*) means that any other character (that is, in front of or behind the word defined) will also be queried, so *reg* refers to TargetRegistrarPool, but also to CountryOrRegionDisplayName as well. Some of the parameters that are important for this scenario include DialPlan, VoicePolicy and UsageLocation.
  81. 81. When checking for user assignments in Malaysia and Germany, the DialPlan is already assigned. This was done automatically. At this point, where users are enabled for the Cloud PBX feature geographically, the chosen location is reflected in UsageLocation. Note: This command display shows that phone numbers are not yet assigned to Skype for Business Online users. This will be addressed in the next section.
  82. 82. Assigning On-premises Phone Numbers to Cloud PBX Users Users must have a phone number assigned. The Reverse Number Lookup Service in Skype for Business needs an incoming E.164 format number string to search for an associated user. Remember: Since the user’s PSTN access is on-premises, there must be an OnPremLineURI. The user’s on- premises parameter is associated with Azure AD, so the Set-CsUser command is used to set this parameter. Enable the user for Enterprise Voice with EnterpriseVoiceEnabled $true, and set the phone number in E.164 format starting with tel:, as in tel:+14164061000. If the user needs to use Exchange Unified Messaging Voice Mail in Office 365, enable it with HostedVoiceMail. Set-CsUser -Identity UserCanada -HostedVoiceMail $true -OnPremLineURI tel:+14164061000 -EnterpriseVoiceEnabled $true Now, verify that the phone number is assigned, and Enterprise Voice is enabled. Get-CsOnlineUser -identity usercanada| fl *host*,*dial*,*reg*, *voice*, *sip*,*usage*,*phone*,*id*,*onprem*
  83. 83. Enable the Germany user: Set-CsUser -Identity UserGermay -HostedVoiceMail $true -OnPremLineURI tel:+4989561234100 -EnterpriseVoiceEnabled $true Get-CsOnlineUser -identity UserGermay | fl *host*,*dial*,*reg*, *voice*, *sip*,*usage*,*phone*,*id*,*onprem*
  84. 84. Enable the Malaysia user: Set-CsUser -Identity UserMalaysia -HostedVoiceMail $true -OnPremLineURI tel:+6033090110 -EnterpriseVoiceEnabled $true Get-CsOnlineUser -identity UserMalaysia | fl *host*,*dial*,*reg*, *voice*, *sip*,*usage*,*phone*,*id*,*onprem* The user setup and enablement is now complete. The deployment has been finalized and is ready to operate once all configurations and connections are tested.
  85. 85. Testing All Configurations and Connections Testing is an essential task during a deployment. Accounts with names like User Country were selected because they can be easily tested and validated. The User Acceptance Test is conducted with the customer and is an essential component of the sign- off phase. The following sections focus on the basic tests to initiate and run. Testing Federation and Presence It can be safely assumed that the internal Office 365 features are working correctly because Microsoft monitors this environment closely. However, in order to be sure, status can be checked in the Office 365 Admin Portal which is where issue or outages are displayed. The test examples that follow were conducted by Sonus and Westcon, both of which host on Office 365, and have many different tenants and different regions with the Microsoft Datacenter structure. Therefore, these represent valid tests that approximate real-world scenarios. The CCE user in Canada is a good representative test because the Canada location is remote, but is assigned to the German CCE Appliance and represents a good user object. The screenshot shows that presence is active, and (although there is no picture available) IM correspondence was functional.
  86. 86. Another important test is validating the DialPlan assignment. This was discussed during the setup of the Office 365 Admin Portal where the user was assigned a location. The DialPlan represents a set of RegEx, and, depending on the input string, a number should be modified and completed into E.164 format. Skype for Business requires the E.164 format for internal call handling. As for the DialPlan, the example shown here explains how numbers are modified for Munich, which is represented by +49 (Germany), 89 (Area/City), 1234567 (phone number). Assume for this example that the office is in Munich while the home is in Frankfurt (69) Location Mobile Phone Office Phone Dialing from your office 089 1234567 1234567 Dialing from your home 089 1234567 089 1234567 Dialing from Malaysia Office +49 89 1234567 +49 89 1234567 Carrier internal backbone number submission +49 89 1234567 +49 89 1234567 Interestingly, if the caller is abroad, the number is dialed in the E.164 format which the carrier is using in its backbone already. However, compared to the other locations, the number is dialed differently. The carrier at its SBC will usually convert the dial string into E.164. The same is true for Skype for Business. When the pattern is dialed, the Skype for Business Online DialPlan will handle this string and start the E.164 conversion. Note: It may be confusing that dialed patterns get converted. When this guide was written, individual Online DialPlans could not be created or modified. This is subject to a feature change by Microsoft in the future, but no date has been published for this yet.
  87. 87. Testing DialPlans During the test scenario setup, some non-technical issues were experienced. A positive user experience is always key, so here are a few highlights of issues experienced with dialing behavior. Note: Subject to future changes to Office 365 by Microsoft, these user experience might be eliminated. For a Canadian user dialing to France, 00 is typically chosen instead of “+” simply because of tradition, it is a faster method, and works on all mobile devices worldwide. Traditional Phone Dialing Modern Dialing 00301699100803 +301699100803 Office 365 DialPlan does not match Works but requires modern dialing Notes: When using the “+” format, make sure all Active Directory phone numbers are in the same E.164 format. Area code-based DialPlans do not exist. Callers are required to dial the area code even within the same city.
  88. 88. Testing Calling Making test calls is key to User Acceptance Testing. All possible paths in the deployment must be tested. For the following test, a caller in Malaysia is dialing to Canada. Testing RNL This test will also show if the RNL is working correctly, and the AV connection is tested in the same way via this path. The PSTN Site on the gateways will not be used. RNL is working and it is set as a Skype for Business call Presence is updated on both sites, and the Malaysian user is able to see the correct name of the Canadian user.
  89. 89. Testing SIP Trunk (PSTN) Calling Testing an outgoing call from an Office 365 Hybrid Voice user to a PSTN user. The user makes the call. The external user receives the call.
  90. 90. Testing an incoming call A PSTN call was initiated and can be seen on the right side as connected. Monitoring PSTN Connections on the Sonus CCE Appliance The Sonus CCE Appliance includes a PSTN/SIP Gateway. By connecting to the gateway as described, and navigating to Monitor, SIP channel consumption can be monitored, including detailed information based on Caller and Callee.
  91. 91. DialPlans With CCE in Office 365 DialPlans are central to providing a positive user experience. It is important to remember that CCE deployment is not the same as hybrid on-premises Skype for Business deployment. The use of an on- premises DialPlan cannot be realized because CCE does not store configuration information of required objects. In the future, once a customizable Online DialPlan is available, this section will be removed from an updated version of this guide. The following text is from Plan for Skype for Business Cloud Connector Edition, a Microsoft TechNet article. (October 18, 2016). Generally, clients in hybrid voice mode can use two types of dial plans: an on-premises dial plan (if you deploy Cloud PBX with on-premises PSTN connectivity via an existing Skype for Business or Lync Server 2013 pool), or an online dial plan (which can be used with either Cloud PBX with on-premises PSTN connectivity via an existing a Skype for Business or Lync Server 2013 pool or Cloud PBX with on-premises PSTN connectivity via Cloud Connector Edition). Cloud Connector Edition does not have an on-premises dial plan because there is no registrar component deployed on premises. Therefore, when deploying Cloud PBX with on-premises PSTN Connectivity via Cloud Connector Edition, you must force the use of an online dial plan as follows: Connect to your Skype for Business Online Remote PowerShell and run the following cmdlet: Set-cstenanthybridconfiguration -tenant < TENANT ID > -useonpremdialplan $false
  92. 92. Commandlets for Online Configuration Skype for Business Online uses several commandlets that the online module will import. It is important to understand that there are different commands for PSTN Calling and PSTN Hybrid configurations. Note that the command Get-CsOnlineUser is not listed in TechNet. This commandlet is for Skype for Business-enabled online users, but has no equivalent for Set or Delete. This guide focuses on the Cloud Connector Edition, and is relevant to the hybrid configuration, but not to PSTN Calling. Dial-in Conferencing Commandlets -------------------------------------------------------------------------------- Disable-CsOnlineDialInConferencingUser Enable-CsOnlineDialInConferencingUser Get-CsOnlineDialInConferencingBridge Get-CsOnlineDialInConferencingLanguagesSupported Get-CsOnlineDialInConferencingUser Get-CsOnlineDialInConferencingServiceNumber Set-CsOnlineDialInConferencingBridge Set-CsOnlineDialInConferencingServiceNumber Set-CsOnlineDialInConferencingUser Get-CsOnlineDialinConferencingTenantConfiguration Get-CsOnlineDialInConferencingTenantSettings Set-CsOnlineDialInConferencingTenantSettings Remove-CsOnlineDialInConferencingTenantSettings E911 and Location Information Service (LIS) Commandlets -------------------------------------------------------------------------------- New-CsOnlineLisCivicAddress Get-CsOnlineLisCivicAddress Set-CsOnlineLisCivicAddress Remove-CsOnlineLisCivicAddress Test-CsOnlineLisCivicAddress New-CsOnlineLisLocation Set-CsOnlineLisLocation Get-CsOnlineLisLocation Remove-CsOnlineLisLocation Get-CsOnlineEnhancedEmergencyServiceDisclaimer Set-CsOnlineEnhancedEmergencyServiceDisclaimer Skype Meeting Broadcast Commandlets -------------------------------------------------------------------------------- Get-CsBroadcastMeetingConfiguration Set-CsBroadcastMeetingConfiguration Get-CsBroadcastMeetingPolicy Grant-CsBroadcastMeetingPolicy PSTN Calling Commandlets -------------------------------------------------------------------------------- Get-CsOnlineTelephoneNumber Remove-CsOnlineTelephoneNumber Get-CsOnlineTelephoneNumberInventoryAreas Get-CsOnlineTelephoneNumberInventoryCities
  93. 93. Get-CsOnlineTelephoneNumberInventoryCountries Get-CsOnlineTelephoneNumberInventoryTypes Get-CsOnlineTelephoneNumberInventoryRegions Search-CsOnlineTelephoneNumberInventory Clear-CsOnlineTelephoneNumberReservation Select-CsOnlineTelephoneNumberInventory Set-CsOnlineVoiceUser Get-CsOnlineVoiceUser Get-CsOnlineDirectoryTenantNumberCities Get-CsOnlineTelephoneNumberAvailableCount Get-CsOnlineTelephoneNumberReservationsInformation Get-CsVoiceRoutingPolicy Grant-CsVoiceRoutingPolicy Set-CsUser Hybrid PSTN Site and User Commandlets -------------------------------------------------------------------------------- Get-CsHybridPstnSite Set-CsHybridPstnSite New-CsHybridPstnSite Remove-CsHybridPstnSite Get-CsUserPstnSettings Set-CsUserPstnSettings Get-CsTenantHybridConfiguration Set-CsTenantHybridConfiguration Internet Protocol (IP) Phone Commandlets -------------------------------------------------------------------------------- Get-CsIPPhonePolicy Set-CsIPPhonePolicy Grant-CsIPPhonePolicy Reporting Commandlets -------------------------------------------------------------------------------- Get-CsUserSession Get-CsActiveUserReport Get-CsP2PSessionReport Get-CsConferenceReport Get-CsP2PAVTimeReport Get-CsAVConferenceTimeReport Get-CsClientDeviceReport Get-CsClientDeviceDetailReport Get-CsUserActivitiesReport Online User Commandlets -------------------------------------------------------------------------------- Get-CsOnlineUser

×