Sonus SBC SIP Trunk Config (Registration Mode)

I have recently been tasked with the deployment of a new SIP trunk for an office in Hong Kong, working with a relatively new SIP trunking provider in this region.

The deployment topology itself is straight forward; centralised SfB 2015 pools deployed to central sites, with local gateways servicing local PSTN connections at each geographically dispersed office location, a distributed SIP trunking topology. Each of the local site gateways was provisioned with SBA functionality. The local gateway being provisioned was a Ribbon SBC1000, very familiar technology.

Our SIP circuit was a registration mode trunk, meaning that a registration process must be completed with the trunk to authenticate and then subsequently, each outbound call would also need to respond to a challenge request.

This was the first trunk I had encountered using this mode so I thought it would make a good blog entry. This post, won’t go into the depths of the initial configuration of the gateway and SIP circuit, but will focus on what is needed that is different to the typical SIP trunk configuration.

From here, I assume you have deployed the following:

  • The initial SBC configuration, networking, hostname and SBC certificate
    A signalling group has been created representing the PSTN provider (we will apply additional config here)
  • A signalling group has been created representing an SfB Pool / SBA / STD Edition server
  • Call routing tables have been created
  • Call transformation tables have been created

If you do need some advice on the above, the following blog article but my friend Mark Vale is a great multi-part walk-through:

https://blog.valeconsulting.co.uk/2016/02/29/skype-for-business-and-sonus-part-1-getting-started/

So assuming the above is all in place, the very first thing to configure are the Contact Registrant and Remote Authorisation tables which can be found under the SIP configuration node. I have seen references to configuration guides that state, that only the Contact Registrant table is required, certainly in my instance I had to configure both tables.

The Contact Registrant contains information in relation the Realm and User ID used when registering on the trunk and the Remote Authorisation table contains the credentials. This was my first hurdle and it purely came down to a language translation barrier so one word of advice would be really to clarify that you have all of the information required and in a supported format for the SBC1000.

The following settings were applied across my tables:

Contact Registrant Table:

Contact Registrant Table

 

 

 

 

Remote Authorisation:

Remote Authorisation Table

 

 

 

 

 

 

To confirm that you have successfully registered, the easiest way is to simply view the status of the contact registrant table, for further confirmation you can also monitor the registration request via LX or Wireshark, you will see a 200 OK response for a successful registration. Any failures at this point are likely to be due to the realm, user ID or password across the tables.

 

 

 

 

 

 

 

Once the trunk is registered, like me you will be tempted to make a test call (in my instance I actually believed I had the configuration ready). Now depending on your trunk, these calls may be OK, my test calls were failing and upon viewing an LX trace from the gateway, our provider was immediately responding with 404 User Not Found for a valid local HK telephone number:

404 not found

 

 

 

 

 

 

I went back to the provider and requested [politely demanded] additional configuration information. They responded this time with an internal configuration guide, that, would have been useful at the very start!
Within this guide, the provider stipulated the following:

  • From: DN@sipprovider.com (for example  21111111@sipprovider.com)
  • PAI: PilotDN@sipprovider.com (for example 21111111@sipprovider.com)

This is significant information needed on the trunk for the correct presentation of the call, to the provider before they will accept the call.

To manipulate the FROM header, I initially did a literal replacement of the entire FROM field, resulting in 21111111@sippovider.com being presented using SIP Message Manipulation.

SIP Message Manipulation

 

 

 

 

 

I also did the same for the HOST portion of the PAI field and replaced it with SIPPROVIDER.com

So now, my invites outbound, to the best of my knowledge, should be presented in a format that the provider accepts – boy was I wrong.

Upon sending an invite now, the provider was sending a 401 Challenge Request which was expected, now the issue was that our SBC was simply not responding to the challenge request and re-inviting without any authentication

Invite:
INVITE sip:21111111@sipprovider.com:5060;user=phone SIP/2.O
Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, OPTIONS, REFER, REGISTER, INFO, UPDATE, PRACK
call-ID: call-6A941SOO-OOOO-0010-1911-A@10.239.42.81
Contact: <sip:21111111@local-sbc.com:5060;transport=UDP;maddr=1.1.1.1>
Content-Length: 308
Content-Type: application/sdp
cseq: 2 INVITE
From: <sip:22222222@sipprovider.com:5060>
Max-Forwards: 69
Min-SE: 600
P-Asserted-ldentity: <sip:22222222@psipprovider.com:5060>
Session-Expires: 3600
Supported: replaces,update,timer,100rel
To: <sip:21818888@pccwone.com:5060;user=phone>
Via: SIP/2.O/UDP

This one had me stumbled for a couple of hours, I started looking at the logs, line by line and then noticed that the FROM: field, did not contain a ;tag=xxxx;sgid=x, this tag  information is what a UAS uses to determine that a call is not a duplication session (if you want to dig a little deeper https://www.ietf.org/rfc/rfc3261.txt), and which signalling group should manage the connection and without this our SBC was not responding as we would expect it to. It can be found correctly formatted in the image below:

 

 

Confirmation of this theory became apparent when I found the following errors in the SBC log:

LX Error Log

No tag value in FROM header, it then goes on to fail to find a suitable signalling group.

Taking a step back reviewing my options I decided to revert the FROM manipulation and not implement it using SIP Message Manipulation, and use the more simplified SIP profile options to set a static FQDN for both TO and FROM fields:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

This did the trick, my call was correctly presenting ALL required ITSP information, calls were not permitted inbound and outbound!! SIp Message Manipulation could have achieved what we needed in this point, but the SIP profile is easier configuration for anyone to pickup and read so we opted for this method.

Additional notes:
We were using EXT prefix in a user Line URI and this was affecting the presentation of the P-Asserted Identity field. To overcome this, within the ITSP SIP Profile, we set the following:

  • Calling Info Source: FROM header
Advertisements

Persistent Chat – All Channel Servers are down

I was recently rebuilding my home lab, purely as a refresher when I ran into a (new for me) hurdle when deploying Persistent Chat.

I had deployed;

  • Single standard Edition Server
  • SQL Server with Reporting Services, hosting Monitoring and Archiving

I had then decided to update my deployment by adding Persistent Chat to my Standard Edition Server (Collocated)

  • My lab was running the most current windows updates and SfB Updates
  • I updated my topology to include pChat
    • FQDN – SE01.uccorey.local
    • SQL Store – SE01.uccorey.local\rtc
    • File Share – SE01.uccorey.local\UCShare (File Share)
    • Remaining options left at default
  • Successfully published my topology with no issues
  • Started the Skype for Business Persistent Chat Service

Issue:

When I then went to manage the service, via the Skype for Business Server Control Panel, I was presented with the following error;

CSCPError

Solution:

The first area I checked was the event viewer logs, initially the “Lync Server” logs were not showing any issues and were only capturing my starting and stopping of the service.

After reviewing the application log, the following error was being presented;

EventViewerError

After seeing this, I updated the permissions, on the MGC databases, under the RTC SQL instance located on my Standard Edition Server and then for good measure, restarted the server – which corrected the issue and allowed me to continue on with my pChat configuration.

Hope this helps you!

Skype for Business SEFA Util

For those wondering, Secondary Extension Feature Activation – SEFA 🙂

I am slow off the mark with this one, but for those Administrators that have been using Lync Server 2013 SEFA Util, you will be pleased to know what a Skype for Business iteration has now been released!

Download here

Continue reading

Office 365 E5 – Cloud PBX

So as Day 1 Keynote has now taken place, several additional anouncements have been made; with respect to UC, the most significant being the announcement of Office 365 E5 Licensing SKU…

From a recent summary email;

New Office 365 E5 offering: In October, we will introduce a new premium Office 365 enterprise suite. The new E5 plan will include Cloud PBX, analytics, Power BI, and advanced security capabilities, providing partners with a complete productivity and communications offering for their enterprise customers.

Stay tuned for more updates as they come through!

 

Skype for Business Mobility App Released

We were teased with the inclusion of an introduction screen in a recent update to Lync 2013 Mobile for Windows Phone, but as of Monday 6th July, version 6.0.1430.0 has been released – Skype for Business for Windows Phone.

Skype4B Intro Skype4B Version

 

 

 

 

 

 

 

 

 

At the moment, it seems to only be available for Windows Phone, with pretty much the same features, with an updated UI as it seems, but I will update if and when I find any differences, also as and when the iOS and Android apps are released – Happy Monday!

 

Centralised Logging Agent – Key does not exist

I hope everyone is well and enjoying their Skype for Business experiences, today’s post is more of a quick tip as opposed to in depth troubleshooting.

The fix will help you with you when troubleshooting at the component level though!

So a colleague of mine was having issues with Unified Messaging integration (which turned out to be a quick fix with OCSUMUTIL.exe), during the troubleshooting process I suggest he used the CLS logging tool.

Continue reading

Skype for Business CU1 Released

Good morning, good afternoon and finally good evening!

On June 19th, Microsoft released the first Cumulative Update for Skype for Business Server 2015.

More information can be found here whilst the actual download is here.

In summary, CU1 addresses the following issues;

  • KB3069206 Exchange UM Auto Attendant can’t transfer call to phone/extension number in Skype for Business Server 2015 environment
  • KB3068921 RTCHost.exe process persistently consumes many CPU resources on a Skype for Business Server 2015 Front End server
  • KB3068926 Default presence configuration parameter is incorrect on a Skype for Business Server 2015 server
  • KB3068920 Skype for Business Web App connected to a wireless network crashes during audio/video or application sharing session
  • KB3068196 Call to a RGS number cannot be transferred to an available RGS agent in Skype for Business Server 2015-based client
  • KB3068197 Skype for Business Server 2015 RGS agent receives a toast for a second call after agent accepts the first waiting call
  • KB3068931 You cannot join a Skype for Business 2015 meeting when the server is deployed in Turkey system locale
  • KB3068932 “Device is not allowed to join” when you click a Skype for Business meeting URL on a Windows Phone 8.1 phone

Keep an eye out for updates to my previous post, for details on how to apply this update!

Happy Monday!

Lync Phone Edition Devices – Not updating

During a recent engagement, I had ran into an issue updating the firmware version on Lync Phone Edition Devices.

I initially kicked off with checks around DNS, Certificates, Ports and everything checked out but phones would still not update.

Test Devices had been configured correctly (using serial number and one using MAC) – still no joy.

The IIS logs are extremely useful; Jeff Schertz has excellent blog posts on Configuring LPE for Lync and Updating LPE devices which go into reviewing the IIS logs. In summary, it enables you to confirm whether devices are communicating with the device update site running on within the front-end pool, or in our case – NOT.

Continue reading

Updating Skype for Business Front End Servers

Following on from my previous post, performing an In Place upgrade, I thought I would put together an overview of the simplified pool update process.

The Skype for Business Server management experience has introduced some very useful commands and processes. Firstly, the In-Place upgrade process itself, which introduced you to the Smart Setup and the Start-CsPool command, all which on their own reduce the operational loads significantly!

In this post, I will walk you through the simplified process of performing maintenance on your Skype for Business Enterprise Edition Front End Servers.

Now to summarise the overall process, I will let these two images do all the talking, on the left is the Lync Server 2013 Patching Process, on the right the same for Skype for Business Server 2015

Continue reading

Skype for Business Server 2015 In-Place Upgrade

Good News – Skype for Business Server 2015 RTM components have been released!!

Bad News for some – VLSC\MSDN Subscription required at the moment 😦

As I haven’t created a walkthrough post yet, I thought there would be no better time to get one on the board and kick off with my experience whilst migrating Lync Server 2013 to Skype for Business Server 2015.

Now an unfortunately a lab demon haunted me (in the form of a Windows Update to Server Technical Preview) on release day (1st May) that completely killed my lab, I did have mirrored databases along with persistent chat and an OWA farm deployed and it would have been interesting to see the Persistent Chat process.

For the purposes of this walkthrough this is what I will be starting off with:

Continue reading