Hope you're well.
This is the first follow up to my post on configuring Microsoft Teams Direct Routing. In this post I'll take it one step further and show how to configure an SBC for Direct Routing and a VoIP provider.
I said in my last post that I wanted to write posts on any SBC I got my hands on. I'm starting with an SBC I've blogged about before, Anynode from TE-Systems.
Intro
I covered all of this in my previous post, but just to summarise. Direct Routing is Microsoft's name for On-premises Call Handling (OPCH) for Microsoft Teams using an SBC. Its a way to connect Teams in Office 365 with on-premises lines and PBX systems.
Once configured, Direct Routing enables users homed in Teams to call the PSTN through existing telco lines or SIP trunks on-prem or to make or receive calls to/from users on a connected PBX. This is a much simpler version of how we configured this for Skype for Business Online with Phone System (Cloud PBX) which also needed a variant of Skype for Business Server on-prem.
On with the show!
...........................................................................................................
Configure an Anynode SBC for Direct Routing and a VoIP provider
At this point I'm going to assume that you have Direct Routing configured in Office 365 and you have a gateway, PSTN Usages, Voice Routes and Voice Roputing Policies which are assigned to your users. If you don't, go to my previous post and follow the steps. I'll wait ;-)I'll also assume that you already have your Anynode SBC installed and running. It is very simple and can be summarised as download, double click, next, next, finish. No really, that's just about it.
Once installed just browse to the Web UI. Click start and find "anynode frontend" in the list.
Or open a browser and browse the default URL http://localhost:8088.
Log in with admin and the password you configured. This will open up the dashboard. Your Anynode will be completely default with no configuration entries.
Now click Configuration Mode
Now click Wizard
And choose the template "Microsoft Teams Direct Routing and VoIP Provider" and click next
Now click configure
Create a new network controller. Choose your NIC and IP if you have multiple...
or "any" if you only have one interface.
Specify your TLS port. The default in Anynode is 5067. This is the port that the Anynode is listening on for SIP connections from Microsoft.
Be sure that you use the same port you used when you configure your PSTN Gateway in PowerShell.
e.g. New-CsOnlinePSTNGateway -Fqdn sbc.domain.com -SipSignallingPort 5067 -MaxConcurrentSessions 10 -ForwardCallHistory $true -Enabled $true -MediaBypass $true
Now configure your certificate and private key.
If you already have a certificate you want to use you can import here. You can also create a certificate signing request to give your certificate issuer when placing your order for a new certificate.
Complete your details including common name and address etc
Add additional subject alternate names or leave as the default. By default, Anynode adds the local IP address you have configured in the CSR along with the common name. Click next to continue
Configure the key length. The default (and minimum) is 2048 bit. Click next.
Here's the summary of the CSR. Click download to save a copy of the request file on your local PC.
Once you have downloaded, click finish.
If you can order and obtain a certificate in a few minutes, congratulations! Simply import it here. I went away and ordered the certificate and it took a little while to verify and get back. Of course the browser session got bored waiting and timed out to the login screen. So just repeat all the previous steps except for generating a CSR.
Just tick import and click next.
When I received my certificate I used the DigiCert certificate tool to install it, them I exported it to a file with the private key and the certificate chain to a single pfx file.
Click choose files and browse to your certificate file.
Once the certificate is imported, a summary of the certificate is displayed. Check the details and click next.
If your certificate file doesn't have the certificate chain intact you can click request chain to obtain it. Otherwise click next.
Now configure your SBC FQDN. Anynode guesses what it should be from the certificate you created. If you created or imported a wildcard cert, enter the correct name here. This is the name you will use when you configure your Online PSTN gateway.
Configure any incoming and outgoing manipulations here.
Now give your node a name. It is a good idea to make them descriptive enough so you know what your looking at later if you have multiple. In this case leave it as the default and click next.
Here is the summary of your new Direct Routing node. Check it over and click next to configure your VoIP provider.
Click configure to add a connection to your VoIP (SIP trunk) provider.
In my case I use Sipgate. Select your provider from the list or other if your provider isn't in the list and click next.
TE-Systems periodically add new provider templates to the list. If you don't see yours and think you need to use it a lot, ask your account manager and they may add it in a future version.
Now create a new network controller for your SIP connection and configure it as before. If you have a dedicated link to your provider make sure you choose the correct NIC. Once configured, click next.
Configure the ports your provider uses for the connection. Sipgate uses 5060 and 5063 as standard. Once configured, click next.
If you connect to your provider through a NAT tunnel, configure it here. Otherwise click next to continue.
Configure the remote SIP domain and click next
If your VoIp provider doesn't use credentials to connect, tick no credentials needed.
Sipgate issues credentials to use for connecting to VoIP phones and SBCs. Enter your details and click next.
Now configure the SIP registration. Click edit...
...and enter the following and click Ok
The SIP registration settings you just entered should be present. Sipgate uses the address of record which includes your account number/name to form part of the connection. Verify and click next.
Configure a SIP proxy if you have one and click next.
This next screen configures your network peer white list. Add more if you have any or just click next.
Give your SIP node a name. If you selected a provider from a template the default name will the the name of the template. Again make it meaningful if you have multiple. Don't just call it "SIP Trunk". This will help you when you need to edit later on. Now click finish
Now you will see the summary screen for your VoIP provider. Click next to configure routing.
Anynode calls their source and destination routing Routing Domains. You can choose to use Direct Routing to route calls with or without a prefix.
Configure what you want and click finish.
And that's just about it. You now have a connection to/from Microsoft Teams for Direct Routing and to/from your VoIP or SIP Provider.
You should see your Nodes and Routing Domains listed in the configuration screen. Now click commit to commit the config to memory.
Then click monitor mode to go to the dashboard. You will see a node and network controller for your Direct Routing and SIP connections. OK means they are connected outbound.
To make sure Microsoft Teams can connect to your SBC click on the node to open it up. You should see SIP Options and packets being sent and received. As you can see, the SBC connects outbound to your primary, secondary and tertiary hubs.
If you haven't received any options or you have failed packets there is a problem. Most likely the network or firewall or possibly a misconfigured SIP Signalling Port in your Online PSTN Gateway.
There are a couple of things to configure still to make sure it all works. In particular, for your SIP provider. Sipgate uses the address of record as standard in the SIP header for security. You also want to make sure your SBC forwards the called number to Teams or any other connected node.
Click on Configuration Mode
Now expand Configuration and Nodes and click on Sipgate (or the name of your provider) and click SIP User Agent.
Scroll down and tick "To Header" under Derive Destination-URI from.
Sipgate sends "sip:accountname@sipgate.co.uk" as standard for all incoming SIP messages. When your routing group forwards that on to Teams, Teams won't know what to do with that because your telephone number isn't your SIP provider account number. It is probably some E.164 number.
Sipgate also sends an automated area code which adds a 00 before your area code. In my case 0044 and the number. You need to create an incoming manipulation to change that and convert the called number to E.164.
Click on SIP Node and where it says dial string manipulations, click add.
Choose Prefix and Suffix Manipulation and click next
Enter 00 in Prefix
Delete the first 2 leading characters
Add prefix + to convert to E.164
And click finish
You'll see your manipulation in the list
Now just click Commit to save and write the changes to memory.
Time to test
Go back to monitor mode to open the dashboard and click Active Sessions.
Place a test call from Teams. You should see your call on the SBC and with any luck, the person you called will receive a call and will answer.
One last thing. Save your config to a local file just in case. Go back to Configuration mode and click configuration and export.
And that's it! I know it seems like a lot of steps, but this represents about 5 minutes' work. Maybe 10. It will be 5 if you've done it a few times.
That's all for now folks!
Additional Info
If you want information about this or any of the other products from TE-Systems visit their website.
For detailed information about the Anynode SBC click here.
TE-Systems produced a great YouTube video on how to do it.
https://www.youtube.com/watch?v=_NAPru5q2c4
