1
头图

Hello everyone, I am Wang Yuan, a laboratory researcher in this issue. Today, through experiments and a complete operation process, I will introduce to you how to receive and dial PSTN calls in Teams through Microsoft Teams Direct Routing related technologies and lead you to quickly complete the complete configuration process of Direct Routing and SBC. Next, let us go to the laboratory to find out!

Microsoft MVP Lab Researcher

image.png

Teams Phone System

Users who use Teams may not have used the Calling Service function. The vernacular is that you can make and receive calls on Teams. For example, all employees can use Teams to call mobile phones and landlines and various service numbers, and the dialed numbers are displayed. They are all corporate landlines, and the same mobile phone dials the corporate switchboard number to directly call Teams users through the extension number or DID number; or calls in through the PSTN phone in a Teams meeting, or calls an external landline/mobile phone to join the Teams meeting by voice.

08107cdc8e956506ad5e8a484c939c94.png
The implementation of PSTN calls in Teams is done by the Phone System, just like the traditional enterprise internal phone system using the PBX system. Through the Phone System, users can use Teams to make and receive calls, transfer calls, and mute or unmute calls. Phone System users can click on a name in their address book, and Teams can call that person. To make and receive calls, Phone System users can use their mobile devices, headsets with laptops or computers, or use Teams phones. Phone System administrators can manage call options and settings from the same host used for messaging, collaboration, etc.

There are two ways to implement PSTN calls in Teams, namely:

  • Cloud-based service: Phone System with Calling Plan
  • Based on the existing PSTN: Phone System with Direct Routing

Phone System with Calling Plan

This is the easiest way. Think of Microsoft as the operator and directly purchase the calling package. It is like buying a mobile phone, and then choosing the SIM card operator is Telecom/Unicom/Mobile, and choosing the operation After the business, you can choose the package of 199, 299 or 399. After purchasing the package, you can use your mobile phone to make and receive calls. So Calling Plan is also a kind of SaaS service, the structure is as follows:
3594adb6a5b75c4bf304c9f2ee5006f2.png

Phone System with Direct Routing

Direct Routing is a more complicated method, but it is relatively more flexible and changeable. Calling Plan is a number that Microsoft gives you to make and receive calls. Then Direct Routing can use the company’s own phone number to make and receive external calls on Teams. At the same time, it also supports automatic call assistant, call queue, user extension number and other functions. More number rules and routing rules can be implemented through the SBC voice gateway. Based on this method, you need to purchase an SBC voice to make and receive calls in Teams. The gateway device is used to connect the local telephone line operator and Microsoft Teams. The architecture is as follows:
80b13af736d91fb242cf073e10925b84.png

Principle of Direct Routing

To use Teams to make and receive PSTN calls, it is not only the purchase of an SBC voice gateway, but also the configuration of a dial plan so that the number entered by the user on the Teams dial pad can be converted into E.164 format as expected and will be converted according to the user’s location and strategy. The PSTN call is routed to different destination voice gateways and finally delivered to the operator through the E1 line.

First of all, the rule E.164 followed by the Teams Phone System

E.164 is a recommendation of the International Telecommunication Union (ITU-T). It defines the international public telecommunications numbering plan for public switched telephone networks and other data networks. It also defines the telephone number format. E.164 numbers have up to 15 digits. Numbers, written with the prefix [+]. It can ensure that every device on the PSTN has a globally unique number. This number allows calls and text messages to be correctly routed to various mobile phones/landlines in different countries/regions. The standard E.164 number format is:

[+] [Country Code] [Area Code] [Destination Code]

For example: when we are traveling abroad, we want to dial a domestic number for emergency. The correct dialing number should be as follows (take a certain landline in Chengdu as an example):

0734960bbc65eeee1c77aaa3f5cc7942.png
(Interpretation of E.164 format number)
The above phone number can be accurately called from any corner of the world to a landline number called 88888888 in Chengdu. The same rules for calling mobile phones also need to add +86 in front.

The Phone System also follows this number format, so if you want to make a call on Teams, you must add a [+] sign before the phone number.
8d41d938fea42b4233e1f3a8d45207ea.png

(Teams strictly follows the E.164 format)

However, assigning numbers to users on Teams can be less strict in accordance with the standard format of E.164, because in Teams we cannot define the country and corresponding region for a user’s extension number, so the user number in Teams As long as it meets the number starting with +, for example, set a user's extension number to tel:+1234, generally we say that the user's Teams extension number is 1234.

Second, the rules for domestic landline calls

According to the requirements of the Communications Administration and the Ministry of Industry and Information Technology, the mobile phone number is 1:1 and real-name certified, so we can only use the landline number to connect to the Phone System. The PSTN line of the landline number includes SIP trunk and E1 line (that is, what we call 30B+D line), and there are also T1 lines (23B+D) under different foreign standards.

Then we need to understand the following rules for dialing and answering landline numbers:

Dial local landline: directly enter the local landline number to start calling;

Dial a local mobile phone: directly enter the local mobile phone number to start calling;

Dial a foreign landline: Enter the destination area code + the destination landline number to start calling;

Dial a foreign mobile phone: add 0 before the foreign mobile phone number to start calling;

Dial the local service number: directly enter the 3-digit or 5-digit service number to start calling;

Dial a foreign service number: Enter the destination area code + 3 or 5 digits service number to start calling;

Dial the 800 hotline number: directly enter the hotline number starting with 800 to start the call and start the call;

Make an overseas call: After opening the international long-distance function, enter the 00 country code [destination number] to start the call. The 00 at the beginning is the international prefix of our country, which is mainly used to activate the international long-distance number;

specially reminds that when dialing domestic long-distance numbers from landlines, the area codes are 1617810f352193 such as .

Careful students have discovered that the E.164 format is completely different from the dialing method of our domestic landline. Yes, domestic landlines always enter numbers directly to start calling. And the domestic area codes are all numbers such as 010, 021, 028, which start with 0. To be precise, the area code does not have 0 in the standard E.164 format. For example, 010 becomes the standard format and becomes +8610. The area code of Beijing, 021 becomes +8621 in the standard format, corresponding to Shanghai area code, and 028 becomes +8628 in the standard format, corresponding to Chengdu area code.

Finally, Teams Direct Routing

Based on the review of E.164 and our domestic landline dialing rules, we need to understand how to convert a number expected to be called on Teams for number conversion, and whether the user who dials the number has the authority to dial long-distance numbers, and this From which voice gateway the call should be made, it is necessary to understand these issues to plan the SBC and Teams voice routing strategies.

Dial plan:

The establishment of the dialing rules on Teams can make users do not need to consider E.164 rules too much when dialing. Users just enter the number they need to dial according to the regular calling habits, and Teams will help users automatically complete the rest. Various E.164 formats are sent to SBC equipment.

For example, I enter a mobile phone number on the Teams dial pad (no 0 before the mobile phone number means it is a local mobile phone number) for number rule detection, the result will automatically add +86 in front of the number, and the matching rule is the local mobile phone number.

83962b94a62312cfb3b3010b941a9b64.png
(Test the phone number conversion in the Teams Management Center)

b7f1148b21a5898e059299495464e1fc.png
(Enter the phone number to call in the Teams client)

9ef3e0dc0737d2d7f1517c0d232f8a31.png
(Teams dialing interface automatically adds +86 to the phone number and starts calling)
For another example, if a Beijing user is assigned a dialing strategy in Chengdu, then a Beijing user who wants to dial a number in a local unit in Beijing will become the area code of +628 Chengdu and sent to the SBC voice gateway, and finally to the Chengdu telecom operator. At this time, either this is an empty number, or the number belongs to a certain unit or individual in Chengdu. In short, the expected number of the local unit in Beijing cannot be reached.

548762414d8e23b0b72972bc30188c21.png
(Manage user dial plan)
To make it easier for everyone to understand, please look at the dialing chart below. The dial record marked in red is the global default dial plan I used, and the dial record marked in green is assigned the dial plan of CN-Chengdu to the current account.

Since my current Microsoft 365 tenant is registered in Hong Kong, even if there is no dialing rule created in my global dialing policy, by default, the area code of Hong Kong +85 will be added to the dialed number, praise Microsoft!

After the CN-Chengdu dial plan strategy is assigned, entering 66668888 in the Teams dial pad will automatically fill in the country code +86 of China and the area code 28 of Chengdu. With the dial plan, Teams knows whether the user's ultimate intention of dialing is a local call or a long-distance call or another call.
36268a8ce91d0198111d73848479d824.png
(Different dial plans have different final number conversion effects)

Voice routing strategy:

Voice routing is more like Teams Phone System gets a number that the user ultimately wants to dial, and then it needs to match which voice gateway device the number should be routed to, so it involves the content in the following picture.

For example:

In the figure below, there is a strategy called CN-Chengdu-AllCalls. The matching dial mode is that as long as the number dialed on Teams is preceded by a "+" sign, it will be directly routed to [cdsbc.and-sc.com] , a voice gateway Finally, a call is initiated from a telecom operator in Chengdu to the destination number, which is the most rude mode.

So, what if I only want a certain colleague in Chengdu to use Teams to make calls to only local landlines, not long-distance and international calls? Very simple, we only need to create a voice route (CN-Chengdu-Local is already in the figure below). In this route, we write the matching dial pattern as ^+8628\d+. This dial pattern means that as long as it is in Teams The final number in the dial is any number starting with +8628. We route this number to [cdsbc.and-sc.com] which is a voice gateway and finally initiate a call from a telecom operator in Chengdu to the destination number , On the other hand, calls starting with +86XX other numbers will not be routed. Similarly, we also need to create a corresponding strategy in the voice routing strategy, use PSTN usage to associate it with the voice routing, and finally assign this strategy to users who are restricted from dialing long distances.
9679bfe687e956ad9318e3cab5e71b53.png
(Voice routing)

d61c4aa03e74266d3e6c0d6afa875438.png
(Voice routing strategy)
One of the above requirements is that a local user in Chengdu can only make local calls, but in fact, local calls have local mobile phones in addition to local landlines. The strategy we give is to route numbers starting with +8628, and the local mobile phone becomes E The .164 format is followed by a number like [+86189XXXX1042]. According to the policy, such a number cannot be routed to the voice gateway. Therefore, it is unreasonable if only matching a dial pattern is . The scenario where long-distance dialing is prohibited should also include the ability to dial the local mobile phone number. At this time, we need to complete two actions:

①Add CN-Chengdu-Mobile in the voice routing, and write the matched dialed pattern as ^+86(1[345789]\d{9})$, this dialing pattern means starting with +86 and the second digit It is 1, the third digit is 3/4/5/7/8/9 and there are 9 digits in the back. This is actually the standard E.164 format of our mobile phone number, such as +86147xxxx9999, this mobile phone The 1 in the number corresponds to the second digit in the rule, 4 corresponds to the third digit, and 7xxxx9999 corresponds to the d{9} in the rule, which is 9 arbitrary digits, and create a new CN-Chengdu- in PSTN usage. Mobile associates to this voice route.

ae1855a10d0f5ba6bd8cbee3ade3fabb.png
(Add CN-Chengdu-Mobile voice routing and create PSTN usage)
②Edit the PSTN usage in the existing CN-Chengdu-Local voice routing strategy, add CN-Chengdu-Mobile to associate the route for dialing local mobile phones in Chengdu.

2311c79ffbc2396f15bc5b0b2c14821a.png
(Add CN-Chengdu-Mobile PSTN usage to existing CN-Chengdu-Local strategy)
After completing the above two steps, users who apply the CN-Chengdu-Local voice routing strategy can route the dialed number to whether they dial a local landline or a mobile phone. [cdsbc.and-sc.com] This voice gateway, And eventually to telecom operators.

So voice routing and strategies include:

  • Matched numbered pattern
  • PSTN usage
  • Associated SBC Voice Gateway

The PSTN usage is just an identification, and the voice routing strategy and voice routing are associated at the same time. When the number entered on the dial pad on Teams is converted into a number in E.164 format and matches the number pattern defined in the voice routing, we will put this The E.164 format telephone number is routed to the SBC voice gateway for further processing. From the above configuration, it may be a bit convoluted at first glance, but I think it is relatively easy to understand as long as the naming of various routes, strategies, and PSTN usage is standardized.

Planning Direct Routing

There are three major parts involved in the entire Phone System with Direct Routing technology, namely:

  • Microsoft365 tenant: Provide Phone System and Direct Routing technology and voice routing configuration
  • SBC Voice Gateway: Provides a session border controller to connect the local PSTN network to the Microsoft Phone System
  • PSTN operators: commonly known as telephone line operators, such as China Telecom, China Mobile, and China Unicom, provide relay or E1 lines for PSTN access and dial-out.

b093c653336598c0d9b6db4679422305.png

Microsoft 365 tenant

First of all, you must ensure that you currently have a Microsoft 365 Global Edition independent tenant (Phone System currently supports GCC DoD environment)

In the current Microsoft 365, the corporate domain name is bound. The default domain name of Microsoft 365 is .onmicrosoft.com. The FQDN of SBC equipment does not support such generic domain names, and only supports .contoso.com domain names.

cdddebf3372e45267af3b4d63bf13afa.png
(Domain name bound in Microsoft 365)

Have the authority to control the Micrsofot 365 environment, and the operating account requires at least the Teams administrator authority for operations such as adding SBC devices, configuring voice routing strategies, and assigning strategies.

On Microsoft 365, a separate Phone System license is also required to be allocated to users. If the E5/A5 license has its own Phone System license, if it is not for this version, you need to purchase an additional Phone System license and assign it to the users who need to make and receive calls. User.

Direct Routing can be configured in Teams Admin Center or in Powershell. If you need to configure through Powershell, you need to install the Teams module in advance for remote connection. The command is as follows:

Install-Module -Name PowerShellGet -Force -AllowClobber

Install-Module -Name MicrosoftTeams -Force -AllowClobber

Since the SBC and Phone System are directly connected using Direct Routing technology and all adopt the https TLS protocol, they need to trust each other. At this time, the Direct Routing node is:

  • sip-all.pstnhub.microsoft.com
  • sip.pstnhub.microsoft.com
  • sip2.pstnhub.microsoft.com
  • sip3.pstnhub.microsoft.com

Through the query, we know that Microsoft Direct Routing uses the certificate issued by Baltimore CyberTrust Root. Therefore, you need to obtain this CA certificate before configuration and import the SBC device to trust Teams Direct Routing.

SBC Voice Gateway

In this part of SBC, a Microsoft-certified device is required for configuration. The certified SBC devices include the following brands:

AudioCodes、Ribbon Communications、Thinktel、Oracle、TE-SYSTEMS、Metaswitch、Cisco、Avaya、Nokia、Italtel、Ericsson、Cataleya、ULTATEL、Atos、Sansay Inc.、Enghouse Networks、Patton Electronics Co.、M5 Technologies(previously known as Media5 Corporation)、Ekinops、46 Labs LLC

The specific model version can be inquired through this link:

Secondly, the SBC device needs an FQDN name that can be resolved in the public network DNS for the Teams Phone System to discover the SBC device on the Internet, so at this time, the enterprise IT administrator is also required to have the public network DNS management authority.

In addition, the SBC device needs a fixed public network IP address to externally map the port, which is used to establish a SIP connection with the Phone System, so the IP resolved by the DNS should also be the public network fixed IP address.

The externally mapped ports of the SBC device are as follows:

image.png

(Note: The media port 16384-16884 varies according to the port range of different devices)

Finally, the SBC device also needs an SSL certificate (wildcard certificate *.contoso.com can be used), which is used when establishing a SIP Trunk connection with the Phone System. Currently, when connecting to the SBC gateway through Direct Routing technology, the SSL certificate on the SBC is only The following certificate authorities are supported (the GCC environment only supports certificates issued by DigiCert authorities):

ea9926c738a55855f8df8563cebfdc8c.png
(Supported Certificate Authority)

PSTN operator

The last is the line that the PSTN operator needs to provide, which can be a SIP line or an E1 line that can be connected to the SBC equipment.

In fact, a set of Teams Direct Routing is not simple to implement. In addition to the content listed above, it also includes: how the customer's dialing habits and dialing rules are defined, the planning of multi-site SBC, the configuration strategy according to the dialing authority of different users, etc. It is not just a single article that can be detailed, but also requires multi-party communication. The next article will share the operation of the configuration phase for everyone.

, we have learned about the related principles of Teams Phone System with Direct Routing and the planning before implementation. Next, I will continue to lead you to quickly complete the complete configuration process of Direct Routing and SBC.

Microsoft Teams configuration

Before configuration, it is recommended to order various rules and strategies in a certain standard format for later operation and maintenance. For example, they can be named according to the description of country-region-rules, for example:

US-CA-Local represents the local phone number in California, USA

CN-CD-Local represents the local phone number in Chengdu, China

This article uses PowerShell configuration to share (Teams module needs to be installed in advance, the previous article has related requirements and installation commands).

Connect to Teams remote management through the Connect-MicrosoftTeams command.

4e61435a0ed938b92b92c6e06a6b0909.png
(PS connects to the Teams Management Center)

Step-1, create a dial plan

Before creating a dial plan, you can use Get-CsTenantDialPlan to view the current dial plan and detailed rules. For example, I already have dial plans for CN-Beijing and CN-Chengdu. You can see the detailed rules. It has been defined that the area code for Beijing is 10 and the area code for Chengdu is 28. When making a local call, Teams' dialing rules will automatically complete the phone number area code according to the dialing strategy assigned by the current user.

363af56431898ad4e01b800758627e4a.png
(Check the currently existing dial plan)

Next, I simulate a new dial plan in Shanghai.
The dial plan of the Shanghai area will be used in the subsequent configuration. In order to facilitate the configuration, the dial plan of the Shanghai area will be assigned a variable. The following configuration can directly call this variable.

Define a variable DPParent with a value of CN-Shanghai.

Then use the New-CsTenantDialPlan command to create a dial plan collection. The description can be customized as shanghai dial plan.

Next, create a new number specification rule, that is, a detailed dialing rule. For example, the customer defines the internal extension number, and Teams dial each other's extension number without entering the UPN address to make a call. The defined internal extension number is 4 Digits, add a "+" in front of the extension number to become an E.164 format number.

The created number specification rule is then put into the dial plan CN-Shanghai created before.

691eda6b27d47aba08588b2a0730e776.png
(Create a dial plan and standardize number rules)
Next, define some number specification rules for dialing various external calls, and name these rules.

Take the CN-Shanghai-Local number specification rule as an example:

The 7-digit or 9-digit phone number starting with 1 to 9 for the number dialed in the Teams dial pad needs to be converted to +8621 [the number entered in the Teams dial pad], which means that this rule corresponds to dialing The Shanghai local number will automatically add "+8621" in front of the dialed number to convert it into E.164 format and then send the phone call to the SBC gateway through Direct Routing.

ec02ffc0cdff2dbeb5780c3da6c29c46.png
(Create number specification rules)
Apply the created Normalization to the dial plan of CN-Shanghai through Set-CsTenantDialPlan.
b77e07e32676f452dfee68f145fa99a4.png
(Apply number specification rules to dial plan)

Such a dial plan in Shanghai, China has been created, and you can return to the Teams Admin Center to test whether the created dial plan takes effect through the graphical interface.

At this time, there are 3 custom dial plans in my tenant: CN-Beijing, CN-Chengdu, and CN-Shanghai.

afbde7e365baa1c9c1870ce953e3616c.png
(Dial plan collection)
After entering the CN-Shanghai dial plan, all the number normalization rules we created have appeared.

At this time, enter the number 66666666 in the test. The default is a local phone number in Shanghai. At this time, it is expected to be +862166666666, and the result is also in line with expectations, and I am informed that the normalized rule CN-Shanghai-Local is matched.

9896fdc40d036c152357d16a0e67e91b.png
(Shanghai local number specification test)
What if users using this dial plan need to dial a long-distance landline in Chengdu? Let's see the result

Note: The long-distance number I entered here is a number starting with 028 in strict accordance with our National Telecommunications Bureau’s dialing rules for domestic long-distance, but in the E.164 format, the 0 before 28 will be eaten and become +862866666666. This is in line with our expectations.

Special attention: Domestic operators may not accept destination area codes like +8628 depending on the region. In the project, you need to communicate with the operator to confirm. If you don’t support accepting +8628 and similar area codes, only +86028 will be accepted. There are two ways to solve this problem:

  • Method 1: Rewrite the converted number rule into +860$1 in the number specification rule of the dial plan, and make up the 0 that was eaten.
  • Method 2: Add 0 to the number sent by Teams in the number conversion rule of the SBC voice gateway.

fa0aa8789cd110330b23fccdd70097bf.png
(Long distance number specification test)

Step-2, create PSTN usage

Go back to PowerSherll and add a PSTN usage logo, which is defined as CN-Shanghai-AllCalls.

d828f78305ed56fc026dc42d3403e7a8.png
(Create PSTN usage)

Step-3, create a PSTN gateway

Next, you need to create a PSTN gateway, because in addition to matching dial plan patterns and defined PSTN usage, you also need to know which PSTN gateway this route will eventually go to.

So first define the following information:

  • The FQDN name of the PSTN gateway is shsbc.and-sc.com;
  • SIP signaling monitoring port is 5061;
  • The maximum concurrency is 30 (the maximum concurrency of E1 line is 30);

Then use the New-CsOnlinePSTNGateway command to create a PSTN gateway.

9e39a4b1eaeb34111d21257c94fab115.png
(Create PSTN usage)

Step-4, create a voice route

After creating the voice gateway, you can start to create the voice route. First, we still define the value of the PSTNGW variable as shsbc.and-sc.com.

Then use the New-CsOnlineVoiceRoute command to create a voice route, named CN-Shanghai-AllCalls, the associated PSTN usage is also the CN-Shanghai-AllCalls created just now, and define the matching to all numbers starting with + and apply to This strategy is finally routed to the PSTN gateway of shsbc.and-sc.com.

It’s not difficult to see that I’m relatively simple and rude here. All users can actually make any call, whether it’s long-distance or local calls. If the permissions are divided more carefully, you can create more for which users can call long-distance landlines and which users can call long-distance mobile phones. Voice routing and PSTN usage, and assigned to the corresponding personnel (detailed configuration can refer to the previous article).

330b47192c8b7a991b5ad66e572b09cf.png
(Create voice route)

Step-5, create a voice routing policy

Having defined the voice routing above, we then use New-CsOnlineVoiceRoutingPolicy to create a voice routing policy, named CN-Shanghai-AllCalls and associated with PSTN, using CN-Shanghai-AllCalls.

c8fed47493428ecbd62ae5b1bdd68103.png
(Create voice routing policy)

Step-6, apply the policy to the user and test

Finally, we take a test user and set the URI to tel:+0000 as his number on Teams, and enable his enterprise voice function (provided that the user must have Phone System permission).

The command is Set-CsUser, as shown below:

1918eb299fae3ae9366fa0487011eb6f.png
(Set subscriber line number)
You can use PowerShell to assign the strategy, or you can set the user's dial plan and voice routing strategy through the graphical interface in the Teams Management Center (the green part has shown that the user's phone number on Teams is +0000).

34ff0677933ee96df507e4bee8c86564.png
(You can edit the user policy in the UI interface)
At this point, our configuration on Teams has been completed. In Direct Routing, we can also see that the shsbc voice gateway we created has appeared, but it is in an inactive state, because the SBC voice gateway has not been configured with the Phone System. Establish a SIP Trunk connection.

70cfb9182d9cf4ad89be2f6f2d02390a.png
(SBC device list and status)
In the voice routing, you can also see that the dialing mode for all voice routing that allows outbound calls in the Shanghai area is as long as the number starts with +, and after the PSTN usage is associated, it will be directly sent to the voice of shsbc.and-sc.com. Gateway.

c9882349aa30dbf6b84d7d9132450a43.png
(CN-Shanghai-AllCalls voice routing rules)

SBC voice gateway configuration

At present, Microsoft-certified voice gateway brands are basically foreign brands. For example, Audiocodes and Ribbon both provide virtual machine-based voice gateways in the Azure application market. E.g:

517ecf2d5b8c4c87f9538b81296cbd92.png
(Aoke VE series SBC)

c9bbaaf2de38beca9b5961f888dd4599.png
(ribbon SWeLite SBC)
So, I will share with you how to create an SBC virtual machine and configure SBC based on SBC on Azure. Taking Ribbon SBC SWe Lite as an example, the whole configuration process is as follows:

  • Create SBC virtual machine;
  • Create a public DNS record to point to the fixed public IP of the Azure virtual machine;
  • Apply for a certificate containing SBC FQDN DNS (wildcard certificates can be used);
  • Prepare the MS Phone System CA certificate (you can get the download link by replying to the "certificate" in the official account);
  • SBC virtual machine port mapping;
  • SBC ACL configuration;
  • SBC SIP Server configuration;
  • SBC SIP Profiles configuration;
  • SBC TLS Profiles configuration;
  • SBC Media Profiles configuration;
  • SBC Media List configuration;
  • Signaling Group configuration;
  • SBC Call Routing configuration;
  • SBC Transformation configuration;

Looks like a lot...Don’t be afraid to follow me and continue to look down

Azure-based SBC can only be connected with operators through SIP. If you buy a device such as ribbon SBC1000/2000, you can support E1 line to connect directly to the device, so you can only choose IP-based when creating a SIP Signaling Group. Signaling and cannot create ISDN signaling.

Part-1, Create SBC SWe Lite virtual machine

First of all, you need an available Azure tenant, and then you can directly search for Ribbon, choose SBC SWe Lite & Quick Launch, if you directly choose SBC SWe Lite, you can also create a virtual machine based on the system image provided by Ribbon, but you should be careful not to choose the D series Virtual machines, except for the DS3_v2 virtual machine, can only support 2 network cards at most. You can choose the B series virtual machine, because 3 network cards are required in SWE, one network card is used for management, and the other two network cards are used to transmit signaling And media, in addition, complex IP routing configuration is required, so it is recommended to use Quick Launch.

894b9db2fbcd46ae32792c757bde3403.png
(SBC SWe Lite & Quick Launch)
Then click Create.

bb353e0f3f8334883346325440477f15.png
(Create SBC SWe Lite virtual machine)
Next, select the resource group. Here I use the direct creation method. You can also create the resource group and subnet in Azure Portal before creating the virtual machine, and define the location of the virtual machine as East Asia (the region can be in Teams Admin Use the global map in the Center to quickly check which regional voice gateways are faulty), fill in the virtual machine name (the name of the virtual machine cannot be modified once it is created, it is recommended to use geography-function-role) and the range of concurrent calls.

6cbef3e91dbdbb24445ce0ca09340895.png
(Create resource group and virtual machine naming)
Next, select the size of the virtual machine. The default for the demo is that 2 cores and 4GB of memory are sufficient, and a storage diagnostic account is automatically created.

037e36d401474f1da7ffaf765fe4235d.png
(Select virtual machine size)
Next enter the network configuration, it will automatically create a virtual network based on the name of the virtual machine, such as CN-SH-SBC-SWeLite-VirtualNetwork, and also create three different subnet network cards for management, signaling, and media transmission.

9d16601b21c47de23d8e5434f43767fe.png
(Confirm subnet information)

Next, enter the pre-settings of SWeLite, including the administrator user name and password (the login account when managing the SBC through the Web later), the definition of the SBC system including the host name and domain name (here to be the new PSTN on Teams in the previous article) The gateway FQDN remains the same).
44e2c5de53179aa2f6636a8293450875.png
(Define the management account and initial password, FQDN)
Next, check the configuration before creating the virtual machine. If it is correct, about 5 minutes after clicking Create, the SBC SWeLite virtual machine will be created according to the expected settings.
8f8dd25b90a9910c265f629e04541443.png
(Check that the machine virtual machine can be created)
After the creation is complete, click on the output bar on the left. At this time, copy the management FQDN and public IP address of SBC SWeLite. You can use the management FQDN when you enter the SBC management web page for the first time. You can also use the IP address for direct access. In addition, the public DNS of the SBC device is also available. This public IP needs to be resolved to communicate with TeamsDirect Routing.
e601a1a86056a97f2a72732594015196.png
(Manage FQDN and public IP address)

3d585f221114803ddee139e29ace72a0.png
(Use IP address to log in directly)

1d4598f0d03b57dd3714f19a50e43ef7.png
(Use FQDN address to log in directly)

Part-2, preparations before configuring SBC

1. Create a public network DNS resolution record and point the shsbc host to 52.175.60.156

7856f63f8527e5670f17cbddeeaccec2.png
(Teams dialing interface automatically adds +86 to the phone number and starts calling)
2. You need to change the password to log in to the SBC SWeLite configuration interface for the first time

12ea9afb709ea11bb8b4be6ae2c060b7.png
(Modify the initial password)
3. Upload the certificate

In the SBC certificate configuration, the function of generating CSR files is provided, but in general projects, we will ask customers to prepare a wildcard certificate in advance, and finally export the certificate to us in the PFX file, and we can get this from the PFX file The root certificate (CA certificate) of the certificate authority and the intermediate certificate. I won’t go into too much detail here on how to obtain CA certificates and intermediate certificates. Directly import CA certificates and intermediate certificates and equipment certificates.

Enter SBC Seeting, and then expand Security-SBC Certificate-Trusted Root Certificate. Then click the upload button and select the file upload method to upload the root certificate of the certificate authority of the SBC device.

ed4bd4e4b3d93f57dbe074225e1c0473.png
(Import the CA certificate of the SSL certificate authority)
Use the same method to import the intermediate certificate, and the most important Phone System CA certificate, which is issued by Baltimore CyberTrust Root.

f75f4aee49efe4da5442e4c6122ec4d9.png
(Import the CA certificate of the Phone System certification authority)
Next, select the SBC main certificate. The default is a ribbon self-signed certificate. At this time, we need to replace it with a wildcard certificate or a single/multi-domain certificate that has already been applied for, or import the certificate by importing the pfx file.

0208ca8a0cf306e7f1585e78a4c31006.png
(Import SSL public network certificate)
After completing the action of importing the certificate, the certificate originally issued by ribbon disappeared and became the SSL certificate we applied for.

6ce4d4e7911456bec8fc7002d51ef606.png
(Check SSL public network certificate)
4. Modify the system time

Since the DNS resolution records have been prepared before, at this time, https://shsbc.and-sc.com, and then enter System——Node-LevelSettings in Setting, and set the default Change the UTC time zone to +8 and apply it so that the system time will be displayed correctly.

581a20abd09ba14494f5acfd460c95f2.png
(Modify the system time zone of the device)

Part-3, SBC configuration

The next configuration is the more important content, including ACL, TLS Media Profiles, SIP Server and SG, Call Routing. If the logic of a single configuration is too strong, it will take at least 1 to 3 working days. If there is a problem, it will take longer to troubleshoot. Fortunately, ribbon provides us with a Wizard to configure SBC and Teams Direct Routing. The whole process is very simple. The configuration can be completed in about 3 minutes. At the top, click Tasks and then select SBC Quick Configuration, and click Quick Configuration Wizard.

5270c1c006dacce4dfe8556815d4b595.png
(Select Quick Configuration Wizard)
Step1: Select the mode of configuration

Choose SIP Trunk --- Microsoft Teams, name this configuration Shanghai, choose China as the country to call, and SIP 30 concurrently.

1a73d431f2c51299f2d7469a66d062c3.png
(Select the configured mode)
If you have a SIP line operator including ATT, NTT, etc., you can directly select the corresponding SIP Trunk.

b91e14ce32eb30259928f8ec42b9e7ad.png
(Configuration of SIP Trunk)
Step2: Configure Other SIP Trunk

Here I temporarily use SWeLite as a SIP line provider, and directly fill in the FQDN of the current device. In the Teams Direct Routing configuration, use Ethernet 1 IP as the source IP for signaling and media. The NAT address to be mapped is the Public IP mentioned above, and the listening port is filled in with 5061.

a292c2099f3f24d9c7ae341b0e3049a0.png
(NAT mapping and listening port configuration)
Step3: Check

Check the SIP Trunk configuration and Teams Direct Routing configuration. If you click Finish, all configurations will be completed within 30 seconds.

858cd2fc4509c0174a7f2d2f693b19e2.png
(Check the preset configuration)
After the above steps are completed, add a network port on Azure Portal to let it go.

3c9454c8f07a871a75a262054c5f30cc.png
(Inbound port rules)
Why do I say that SWeLite's Easy Configuration Wizard is great? Let’s take a look at how much the configuration wizard has done for us. The areas marked in green are all configured by the wizard, but Transformation will not help us with configuration. This happens to be the most important point. It controls the number rules for entering and exiting Teams. And the number rules sent to the operator. There is just a default (.*) converted to \1, which means that I will give the number that comes in. Let’s take a look at the other configurations first to check whether the Teams Direct Routing configuration is successful. We only need to see whether the Teams signaling in the signaling group is in the UP state. Click Counters to see the data in and out, SBC and The SIP Options return value between Teams is 200, indicating that the channel has been established.

85bd01868e9e3e6c3bf5431ff6a93443.png
(Judging DR configuration through SIP Options)
There are also such as ACL, TLS Profiles, Media Profiles, Media Lists, SRTP Profiles, etc.

5ee37083536e1a6a350e02d0ac823149.png
(SBC configuration item)
I can see that the status of Teams Direct Routing is OK from the SBC device, but what about the status of the SBC device from the Teams Admin Center? Through the SBC list, you can see that the TLS connection status and SIP status of the shsbc gateway are normal.

f8fb2e4e18c6116b81c33efb0cc8c363.png
(SBC status in Teams Admin Center)
Next, let's try to initiate a call from SBC, or test with the account wangy@and-sc.com, the number of this account is +0000 to test whether the Teams client can receive the call. Enter SBC, click Diagnostics, then select Test a Call in Tools, fill in +0000 for the target number, fill in a mobile phone number for the Calling Number, and then click OK to start the test.

f3a78ba33c5afc66667979093f7256cb.png
(Test a Call)
The call from the SBC device was successfully received on the Teams client.

611de33c5dc63eefed0445ba2f881aaf.png
(Teams client receives a call from SBC)
Well, based on the above content, you can basically use the Teams client to make and receive calls.

Summarize

This article first introduces the principles and preliminary planning of Teams Direct Routing, which is conducive to the in-depth planning and design of Teams voice calls for Microsoft 365 administrators. Then it focuses on the Teams Direct Routing and SBC configuration, which helps Microsoft 365 administrators understand the Teams voice call, which can be dynamically adjusted according to actual needs.

*Source Link:


Here are more Microsoft official learning materials and technical documents, scan the code to get the free version!
The content will be updated from time to time!
208f6785e4bc3f899ded709a80dff426.jpg


微软技术栈
418 声望994 粉丝

微软技术生态官方平台。予力众生,成就不凡!微软致力于用技术改变世界,助力企业实现数字化转型。