Configuration Note

AudioCodes Mediant™ Family of Media Gateways & Session Border Controllers

Connecting AudioCodes' SBC to

Microsoft Teams Direct Routing
with Local Media Optimization

Enterprise Model
Configuration Note Contents

Table of Contents
1 Introduction .........................................................................................................9
1.1 About Teams Direct Routing................................................................................... 9
1.2 Validated AudioCodes Version ............................................................................... 9
1.3 About AudioCodes SBC Product Series ................................................................. 9
1.4 Infrastructure Prerequisites................................................................................... 10
2 Direct Routing Local Media Optimization .......................................................11
2.1 Introduction........................................................................................................... 11
2.2 Typical Call Scenarios .......................................................................................... 12
2.2.1 Implemented Scenarios ....................................................................................... 13
2.2.1.1 Central SBC Scenario........................................................................... 13
2.2.1.2 Proxy SBC Scenario ............................................................................. 14
2.2.1.3 Local Media Optimization Modes .......................................................... 15
2.3 Online PSTN Gateway Configuration.................................................................... 15
2.3.1 Online PSTN Gateway Configuration (Office 365) - Proxy SBC Scenario ............. 15
2.3.2 Configure Online PSTN Gateway Configuration via UMP 365 (Optional) .............. 15
2.3.2.1 Create PSTN Gateway ......................................................................... 16
2.4 Call Scenario Example Topologies ....................................................................... 17
2.4.1 Always Bypass with Internal Teams User............................................................. 17
2.4.2 Always Bypass with External Teams User ........................................................... 18
2.4.3 Always Bypass with Teams User and SBC in Different Sites ................................ 19
2.4.4 Only for Local Users with Internal Teams User .................................................... 20
2.4.5 Only for Local Users with External Teams User ................................................... 21
2.4.6 Only for Local Users with Internal Teams User in Different Sites .......................... 22
2.5 Configuring SBC for Local Media Optimization (LMO) Proxy SBC ........................ 23
2.5.1 Prerequisites ....................................................................................................... 23
2.5.2 About the SBC Domain Name ............................................................................. 23
2.5.3 Validate AudioCodes' License ............................................................................. 24
2.5.4 Configure LAN and WAN IP Interfaces ................................................................ 25
2.5.4.1 Validate Configuration of Physical Ports and Ethernet Groups .............. 25
2.5.4.2 Configure LAN and WAN VLANs .......................................................... 26
2.5.4.3 Configure Network Interfaces................................................................ 27
2.5.5 Configure TLS Context ........................................................................................ 28
2.5.5.1 Configure the NTP Server Address ....................................................... 28
2.5.5.2 Create a TLS Context for Teams Direct Routing ................................... 29
2.5.5.3 Generate a CSR and Obtain the Certificate from a Supported CA ......... 31
2.5.5.4 Deploy the SBC and Root / Intermediate Certificates on the SBC.......... 33
2.5.6 Method of Generating and Installing the Wildcard Certificate ................................ 35
2.5.7 Deploy Baltimore Trusted Root Certificate ........................................................... 35
2.5.8 Configure Media Realms ..................................................................................... 36
2.5.9 Configure SIP Signaling Interfaces ...................................................................... 37
2.5.10 Configure Proxy Sets and Proxy Address ............................................................ 38
2.5.10.1 Configure Proxy Sets ............................................................................ 38
2.5.10.2 Configure Proxy Addresses .................................................................. 39
2.5.11 Configure Coder Groups...................................................................................... 40
2.5.12 Configure IP Profiles............................................................................................ 40
2.5.13 Configure IP Groups ............................................................................................ 42
2.5.14 Configure SRTP .................................................................................................. 44
2.5.15 Configure Message Condition Rules .................................................................... 44
2.5.16 Configure Classification Rules ............................................................................. 45
2.5.17 Configure Call Setup Rules.................................................................................. 46
2.5.18 Configure Message Manipulation Rules ............................................................... 47
2.5.19 Configure IP-to-IP Call Routing Rules .................................................................. 49

Teams Direct Routing with LMO 3 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

2.5.20 Configure Firewall Settings (Optional) .................................................................. 50

2.6 Configuring SBC for Local Media Optimization (LMO) Remote Site SBCs ............ 51
2.6.1 Configure LAN and WAN IP Interfaces ................................................................ 51
2.6.2 Configure Media Realms ..................................................................................... 51
2.6.3 Configure SIP Interfaces...................................................................................... 51
2.6.4 Configure Proxy Sets and Proxy Address ............................................................ 52
2.6.5 Configure an IP Profiles ....................................................................................... 53
2.6.6 Configure IP Groups ............................................................................................ 54
2.6.7 Configure SRTP .................................................................................................. 55
2.6.8 Configure IP-to-IP Call Routing Rules .................................................................. 55
2.6.9 Configure SBC To Play Music On Hold (Optional) ................................................ 56
2.7 Adapt Gateway to Work with Local Media Optimization ........................................ 58
2.7.1 Configure SBC SIP Signaling Interface ................................................................ 58
2.7.2 Configure SBC Proxy Set .................................................................................... 58
2.7.3 Configure SBC Proxy Address ............................................................................. 59
2.7.4 Configure SBC IP Profile ..................................................................................... 59
2.7.5 Configure SBC IP Group ..................................................................................... 60
2.7.6 Configure SBC IP-to-IP Routing Rule................................................................... 60
2.7.7 Configure Gateway Tel-to-IP Routing Rule .......................................................... 61
3 Verify the Pairing Between the SBC and Direct Routing ...............................63
A Syntax Requirements for SIP Messages 'INVITE' and 'OPTIONS' .................65
A.1 Terminology.......................................................................................................... 65
A.2 Syntax Requirements for 'INVITE' Messages ....................................................... 65
A.3 Syntax Requirements for 'INVITE' Messages in Media Optimization..................... 66
A.4 Syntax Requirements for 'INVITE' Messages in site for Media Optimization ......... 66
A.5 Requirements for 'OPTIONS' Messages Syntax ................................................... 67
A.6 Connectivity Interface Characteristics ................................................................... 68
B SIP Proxy Direct Routing Requirements .........................................................71
B.1 Failover Mechanism ............................................................................................. 71
C Configuration Quick Guidelines.......................................................................73
C.1 Proxy SBC Scenario Topology ............................................................................. 73
C.2 SIP Interface......................................................................................................... 73
C.3 Proxy Set.............................................................................................................. 74
C.4 IP Profile............................................................................................................... 75
C.5 IP Group ............................................................................................................... 77
C.6 IP-To-IP Routing ................................................................................................... 79
C.7 Message Manipulations ........................................................................................ 80
D AudioCodes ARM and SBCs with Teams Direct Local Media Optimization.81
D.1 About AudioCodes Routing Manager (ARM) ........................................................ 81
D.2 Solution Overview................................................................................................. 81
D.3 Configuration of the SBCs .................................................................................... 82
D.3.1 Configuring Proxy SBC for Local Media Optimization (LMO) ................................ 82
D.3.2 Configuring Remote Site SBCs for Local Media Optimization (LMO) .................... 83
D.4 ARM Configuration ............................................................................................... 85
D.4.1 Defining SBC Nodes............................................................................................ 85
D.4.2 Defining Connection ............................................................................................ 86
D.4.3 Defining Routing Rules ........................................................................................ 88
D.4.3.1 Calls from Teams ................................................................................. 88
D.4.3.2 Calls to Teams ..................................................................................... 89

Configuration Note 4 Document #: LTRT-33454

Configuration Note Contents

List of Figures
Figure 2-1: Central SBC Traffic Flow - User at “Home” (Internal) ....................................................... 13
Figure 2-2: Central SBC Traffic Flow - User is External ..................................................................... 13
Figure 2-3: Proxy SBC Traffic Flow - user at “home” (Internal) ........................................................... 14
Figure 2-4: Proxy SBC Traffic Flow - user is external ......................................................................... 14
Figure 2-5: Add New PSTN Gateway ................................................................................................ 16
Figure 2-6: Always Bypass with Internal Teams User ........................................................................ 17
Figure 2-7: Always Bypass with External Teams User ....................................................................... 18
Figure 2-8: Always Bypass with Teams User and SBC in Different Sites............................................ 19
Figure 2-9: Always Bypass with Internal Teams User ........................................................................ 20
Figure 2-10: Only for Local Users with External Teams User ............................................................. 21
Figure 2-11: Only for Local Users with Internal Teams User in Different Sites .................................... 22
Figure 2-12: Example of Registered DNS Names .............................................................................. 24
Figure 2-13: Network Interfaces in the Topology of the Proxy SBC .................................................... 25
Figure 2-14: Physical Ports Configuration Interface ........................................................................... 26
Figure 2-15: Ethernet Groups Configuration Interface........................................................................ 26
Figure 2-16: Configured VLAN IDs in Ethernet Device ....................................................................... 27
Figure 2-17: Configuration Example of the Network Interface Table ................................................... 28
Figure 2-18: Configuring NTP Server Address ................................................................................... 28
Figure 2-19: Configuration of TLS Context for Direct Routing............................................................. 30
Figure 2-20: Configured TLS Context for Direct Routing and Interface to Manage the Certificates .... 30
Figure 2-21: Example of Certificate Signing Request – Creating CSR................................................ 32
Figure 2-22: Uploading the Certificate Obtained from the Certification Authority................................. 33
Figure 2-23: Message Indicating Successful Upload of the Certificate ............................................... 33
Figure 2-24: Certificate Information Example ..................................................................................... 34
Figure 2-25: Example of Configured Trusted Root Certificates ........................................................... 34
Figure 2-26: Configuration Example Media Realms in Media Realm Table ........................................ 36
Figure 2-27: Configuration Example of SIP Signaling Interfaces ........................................................ 38
Figure 2-28: Configuration Example Proxy Sets in Proxy Sets Table ................................................. 39
Figure 2-29: Configuring Coder Group for Teams Direct Routing ....................................................... 40
Figure 2-30: Configuring Media Security Parameter .......................................................................... 44
Figure 2-31: Configuring Condition Table .......................................................................................... 45
Figure 2-32: Configuring Classification Rule ...................................................................................... 46
Figure 3-1: Proxy Set Status ............................................................................................................. 63
Figure A-1: Example of an 'INVITE' Message .................................................................................... 65
Figure A-2: Example of an 'INVITE' Message (External user) ............................................................ 66
Figure A-3: Example of an 'INVITE' Message (Internal User) ............................................................. 66
Figure A-4: Example of an 'INVITE' Message From Site to Teams ..................................................... 66
Figure A-5: Example of 'OPTIONS' message .................................................................................... 67
Figure C-1: IP Profile for Remote Sites and Proxy SBC ..................................................................... 73
Figure D-1: IP Profile for Remote Sites and Proxy SBC ..................................................................... 81
Figure D-2: AC Node for Proxy SBC.................................................................................................. 85
Figure D-3: AC Node for Remote SBC .............................................................................................. 85
Figure D-4: Enable Nodes ................................................................................................................. 86
Figure D-5: Add Connection .............................................................................................................. 86
Figure D-6: Established Connection .................................................................................................. 87
Figure D-7: Teams Voip-Peer............................................................................................................ 87
Figure D-8: SIPTrunk VoIP-Peer ....................................................................................................... 87
Figure D-9: Established Connection .................................................................................................. 87
Figure D-10: Add a Routing Rule for Incoming Call from Teams ........................................................ 88
Figure D-11: Add a Routing Rule for Incoming Call from SIP Trunk ................................................... 89

Teams Direct Routing with LMO 5 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

List of Tables
Table 1-1: Infrastructure Prerequisites ............................................................................................... 10
Table 2-1: DNS Names Registered by an Administrator for an Enterprise Office 365 Tenant ............. 23
Table 2-2: Configuration Example of the Network Interface Table ...................................................... 27
Table 2-3: New TLS Context ............................................................................................................. 29
Table 2-4: Configuration Example Media Realms in Media Realms Table .......................................... 36
Table 2-5: Configuration Example of SIP Signaling Interfaces ........................................................... 37
Table 2-6: Configuration Example Proxy Sets in Proxy Sets Table .................................................... 38
Table 2-7: Configuration Proxy Address for Teams Direct Routing..................................................... 39
Table 2-8: Configuration Proxy Address Towards Remote SiteA SBC ............................................... 39
Table 2-9: Configuration Example: Teams IP Profile.......................................................................... 40
Table 2-10: Configuration Example: SIP Trunk IP Profile (toward remote Site A SBC) ....................... 41
Table 2-11: Configuration Example: IP Group for Microsoft Teams Direct Routing ............................. 42
Table 2-12: Configuration Example: IP Group for Site A SBC ............................................................ 43
Table 2-13: Call Setup Rules Table ................................................................................................... 46
Table 2-14: IP-to-IP Call Routing Rules ............................................................................................. 49
Table 2-15: Firewall Table Rules ....................................................................................................... 50
Table 2-16: Configuration Example: Site SBC SIP Interfaces............................................................. 51
Table 2-17: Configuration Example: Site Proxy Sets.......................................................................... 52
Table 2-18: Configuration Proxy Address for SIP Trunk ..................................................................... 52
Table 2-19: Configuration Example: Proxy SBC Address ................................................................... 52
Table 2-20: Configuration Example: Teams IP Profile (through the Proxy SBC) ................................. 53
Table 2-21: Configuration Example: SIP Trunk IP Profile (toward SIP Provider/ Media Gateway) ....... 53
Table 2-22: Configuration Example: Site SBC IP Group towards SIP Trunk ....................................... 54
Table 2-23: Configuration Example: Site SBC IP Group towards Teams (through Proxy SBC) ........... 54
Table 2-24: Site IP-to-IP Call Routing Rule ........................................................................................ 55
Table 2-25: Update Configuration of the SIP Trunk IP Profile............................................................. 56
Table 2-26: Configuration Example: Site SIP Interface ...................................................................... 58
Table 2-27: Configuration Example: Site Proxy Set ........................................................................... 58
Table 2-28: Configuration Example: Site Proxy Address .................................................................... 59
Table 2-29: Configuration Example: Teams IP Profile (through the Proxy SBC) ................................. 59
Table 2-30: Configuration Example: Site IP Group............................................................................. 60
Table 2-31: SBC IP-to-IP Routing Rules ............................................................................................ 60
Table 2-32: Gateway Tel-to-IP Routing Rule ..................................................................................... 61
Table A-1: Syntax Requirements for an 'OPTIONS' Message ............................................................ 67
Table A-2: Teams Direct Routing Interface - Technical Characteristics .............................................. 68
Table C-1: SIP Interface Proxy SBC Configuration Summary ............................................................ 73
Table C-2: SIP Interface Remote SBC Configuration Summary ......................................................... 74
Table C-3: Proxy Set Proxy SBC Configuration Summary ................................................................. 74
Table C-4: Proxy SET Remote SBC Configuration Summary............................................................. 74
Table C-5: IP Profile Configuration Summary .................................................................................... 75
Table C-6: IP Group Proxy SBC toward Teams Configuration Summary............................................ 77
Table C-7: IP Group Proxy SBC toward Remote SBC’s Configuration Summary ............................... 78
Table C-8: IP Group Remote SBC toward Proxy SBC Configuration Summary .................................. 78
Table C-9: IP Group Remote SBC toward SIP Trunk (PSTN) Configuration Summary ....................... 78
Table C-10: IP-To-IP Routing in the Proxy SBC................................................................................. 79
Table C-11: IP-To-IP Routing in the Remote Site SBC ...................................................................... 79
Table C-12: Proxy SBC Message Manipulation Index 0 ..................................................................... 80
Table C-13: Proxy SBC Message Manipulation Index 1 ..................................................................... 80

Configuration Note 6 Document #: LTRT-33454

Configuration Note Notices

Notice

Notice
Information contained in this document is believed to be accurate and reliable at the time of
printing. However, due to ongoing product improvements and revisions, AudioCodes cannot
guarantee accuracy of printed material after the Date Published nor can it accept responsibility
for errors or omissions. Updates to this document can be downloaded from
https://www.audiocodes.com/library/technical-documents.
This document is subject to change without notice.
Date Published: August-23-2021

WEEE EU Directive
Pursuant to the WEEE EU Directive, electronic and electrical waste must not be disposed of
with unsorted waste. Please contact your local recycling authority for disposal of this product.

Customer Support
Customer technical support and services are provided by AudioCodes or by an authorized
AudioCodes Service Partner. For more information on how to buy technical support for
AudioCodes products and for contact information, please visit our website at
https://www.audiocodes.com/services-support/maintenance-and-support.

Stay in the Loop with AudioCodes

Abbreviations and Terminology

Each abbreviation, unless widely used, is spelled out in full when first used.

Teams Direct Routing with LMO 7 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

Related Documentation

Document Name

Mediant 500 Gateway & E-SBC User's Manual

Mediant 500L Gateway & E-SBC User's Manual
Mediant 800 Gateway & E-SBC User's Manual
Mediant 1000B Gateway & E-SBC User's Manual
Mediant 2600 SBC User's Manual
Mediant 4000 SBC User's Manual
Mediant 9000 SBC User's Manual
Mediant Software SBC User's Manual
Gateway and SBC CLI Reference Guide
SIP Message Manipulation Reference Guide
AudioCodes Configuration Notes

Document Revision Record

LTRT
47B Description

All information related to Local Media Optimization was removed from document
‘Connecting AudioCodes' SBC to Microsoft Teams Direct Routing Enterprise Model’
33450
and included in this document. Added Appendix “AudioCodes ARM and SBCs with
Teams Direct Local Media Optimization”
33451 Update for Message Manipulation rule towards Microsoft Teams.
33452 Updated parameter name.
Update to SIP Trunk IP Profile and validated firmware version. Update to the Firewall
33453
Table Rules table with additional IP addresses for the new infrastructure DCs.
Added section for overcoming problem of not playing music on hold during
33454
conversational transfer.

Documentation Feedback
AudioCodes continually strives to produce high quality documentation. If you have any
comments (suggestions or errors) regarding this document, please fill out the Documentation
Feedback form on our website at https://online.audiocodes.com/documentation-feedback.

Configuration Note 8 Document #: LTRT-33454

Configuration Note 1. Introduction

1 Introduction
This document describes how to connect AudioCodes' SBC to Teams Direct Routing with
Local Media Optimization and refers to the AudioCodes SBC configuration only. For
configuring the Office 365 side, please refer to https://docs.microsoft.com/en-
us/microsoftteams/direct-routing-configure.
This document is intended for IT or telephony professionals.

Note: To zoom in on screenshots of example Web interface configurations,

press Ctrl and +.

1.1 About Teams Direct Routing

Teams Direct Routing allows connecting a customer-provided SBC to Microsoft Phone
System. The customer-provided SBC can be connected to almost any telephony trunk or
connect with third-party PSTN equipment. The connection allows:
◼ Using virtually any PSTN trunk with Microsoft Phone System
◼ Configuring interoperability between customer-owned telephony equipment, such as
third-party PBXs, analog devices, and Microsoft Phone System

1.2 Validated AudioCodes Version

Microsoft has successfully conducted validation tests with AudioCodes' Mediant SBC
Ver. 7.40A.100. Previous certified firmware version is 7.20A.258. For an updated list, refer to
List of Session Border Controllers certified for Direct Routing. Note the following:
◼ Validate that you have the correct License key. Refer to AudioCodes' device's User's
Manual for more information on how to view the device's License Key including
licensed features and capacity. If you don’t have the correct License key, contact your
AudioCodes representative to obtain one.
◼ The main AudioCodes licenses required by the SBC are as follows:
• SW/TEAMS
• Number of SBC sessions [Based on requirements]
• Transcoding sessions [If media transcoding is needed]

1.3 About AudioCodes SBC Product Series

AudioCodes' family of SBC devices enables reliable connectivity and security between the
enterprise's VoIP network and the service provider's VoIP network.
The SBC provides perimeter defense as a way of protecting enterprises from malicious VoIP
attacks; mediation for allowing the connection of any PBX and/or IP-PBX to any service
provider; and Service Assurance for service quality and manageability.
Designed as a cost-effective appliance, the SBC is based on field-proven VoIP and network
services with a native host processor, allowing the creation of purpose-built multiservice
appliances, providing smooth connectivity to cloud services, with integrated quality of service,
SLA monitoring, security and manageability. The native implementation of SBC provides a
host of additional capabilities that are not possible with standalone SBC appliances such as
VoIP mediation, PSTN access survivability, and third-party value-added services
applications. This enables enterprises to utilize the advantages of converged networks and
eliminate the need for standalone appliances.

Teams Direct Routing with LMO 9 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

AudioCodes' SBC is available as an integrated solution running on top of its field-proven

Mediant Media Gateway and Multi-Service Business Router platforms, or as a software-only
solution for deployment with third-party hardware. The SBC can be offered as a Virtualized
SBC, supporting the following platforms: Hyper-V, AWS, AZURE, AWP, KVM and VMWare.

1.4 Infrastructure Prerequisites

The table below shows the list of infrastructure prerequisites for deploying Direct Routing.
Table 1-1: Infrastructure Prerequisites

Infrastructure Prerequisite Details

Certified Session Border Controller (SBC)
SIP Trunks connected to the SBC
Office 365 Enterprise tenant
Domains
Public IP address for the SBC
Fully Qualified Domain Name (FQDN) for the SBC
See Microsoft's Plan Direct Routing
Public DNS entry for the SBC document.
Public trusted certificate for the SBC
Firewall ports for Direct Routing signaling
Firewall IP addresses and ports for Direct Routing
media
Media Transport Profile
Firewall ports for client media

Configuration Note 10 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

2 Direct Routing Local Media Optimization

This chapter describes the Direct Routing Local Media Optimization Routing between
Microsoft Phone System (Cloud PBX) and SBC devices.

Notes:
• The implementation of this feature is only relevant for customers with site topology
requiring Local Media Optimization solution
• SIP Signaling is always routed via the Microsoft Phone System Cloud PBX
• For Quick guidelines, see Appendix C “Configuration Quick Guidelines”.

2.1 Introduction
The SBC supports the capability to optimize media flow between the Microsoft Phone System
(Cloud PBX) and Direct Route SBC devices. It implements network policies for media traffic
control flows paths between the Teams clients and the SBC devices for PSTN termination.
Enterprises consider PSTN voice as a business-critical application with high emphasis on
voice quality. Media Path Optimization in Media Bypass mode for Direct Routing helps to
better manage voice quality by enabling enterprises to do the following:
◼ Control how the media traffic flows between the Teams clients and customer SBCs;
◼ Allowing media streams between the Teams clients and SBCs even if SBCs are
behind the corporate firewalls with private IPs and not directly visible to Microsoft.
By default, media bypass (referred to as Direct Media by the AudioCodes SBC application)
is configured per SIP interface or per SBC device by the parameter Microsoft Teams
PowerShell configured parameter MediaBypass (True or False). When enabled, media is
routed directly between the Teams user and the SBC, bypassing the Microsoft Phone System
Cloud PBX Media Relay or Media Proxy, on the condition that the client and the SBC media
interface can establish a routed connection (verified during ICE negotiation).
Affectively this means that traffic does not need to route through an unnecessary loop. For
example, the Teams user is in the same building and/or network as the SBC (the Teams
client is inside the corporate network and has access to the Internal IP address of the SBC).
Alternatively, if the Teams user is outside the corporate network and cannot reach the internal
IP address of the SBC, then RTP media needs to pass via the Microsoft Phone System Cloud
PBX.
The new functionality of Local Media Optimization uses an additional capability for the
location of the Teams user device (for the inbound or the outgoing call). In other words, the
SBC offers the correct interface for the media based on the user device location.
The handling is based on supplementary SIP headers supplied by Microsoft Teams HUB:
◼ X-MS-UserLocation: Indicates whether the Teams user is inside or outside the
corporate network.
◼ X-MS-MediaPath: Indicates the FQDN of the SBC devices in the network that the call
must traverse.
◼ X-MS-UserSite: Indicates the name of the network site

Teams Direct Routing with LMO 11 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

This case applies for the following topologies:

◼ A distributed mode (central SBC with remote branches with local breakouts)
◼ A single SBC in a corporate DMZ with two media interfaces (external and internal)
See detailed descriptions of these call scenarios below in Section 2.2.

2.2 Typical Call Scenarios

The following describes call scenarios that are implemented using this feature:
◼ When the destination SBC is the paired SBC (the call breaks out to the SIP Trunk
which is connected to this SBC), determines whether the Teams user is calling from
inside (internal) or outside the corporate network (external). If the Teams user is calling
from inside the corporate network, RTP media flows via the SBC’s internal media
interface (internal media realm). If the Teams user is calling from outside the corporate
network, media flows via the SBC’s external media interface (regular media realm).
◼ When the destination SBC is not the paired SBC (in a distributed topology),
determines whether RTP media should traverse it or directly terminate to the remote
SBC. For example, when the Teams user is calling from inside the corporate network,
located in the same branch as the remote SBC.
The paired SBC serves as a proxy SBC for the downstream (remote) SBCs in the
network, which are not directly connected to the Microsoft Phone System; however,
are declared in Teams via a new PowerShell command (see below) to the Direct
Routing interface. The downstream SBCs are configured on Microsoft Teams with
Voice Routes.

Configuration Note 12 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

2.2.1 Implemented Scenarios

This section describes the implemented scenarios.

2.2.1.1 Central SBC Scenario

In this scenario, all trunks are centralized with media flowing between the central SBC (Site
HQ) and the users, based on the user’s location. If user is internal, media flows between the
internal IP of the central SBC (Site HQ) and the Teams client. If user is external, media flows
between the external IP of the SBC and Teams client.
In this example, the administrator is paired to a single SBC (sbc4.contoso.com) to the service,
the SBC has a centralized trunk connected to it. When the user is in the internal network, the
SBC provides the internal IP of the SBC for media, when the user is outside the corporate
network, the SBC provides the external (public) IP of the SBC.

Figure 2-1: Central SBC Traffic Flow - User at “Home” (Internal)

Site HQ
Site A 192.168.5.0/24

192.168.6.0/24

192.168.5.5 52.114.76.71

Session Border Controller + DR

Phone System
(Cloud PBX)
Central SBC

sbc4.contoso.com

Site B HTTP REST

SIP
Media
SIP via
centralized SBC

192.168.7.0/24 PSTN

Figure 2-2: Central SBC Traffic Flow - User is External

Site HQ
Site A 192.168.5.0/24

192.168.6.0/24

192.168.5.5 52.114.76.71

Session Border Controller + DR

Phone System
(Cloud PBX)
Central SBC

sbc4.contoso.com

Site B HTTP REST

SIP
Media
SIP via
centralized SBC

192.168.7.0/24 PSTN

Teams Direct Routing with LMO 13 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

2.2.1.2 Proxy SBC Scenario

For this scenario, the administrator is paired only to a single SBC (sbc1.contoso.com) also
referred to as the Proxy SBC to the Direct Routing service.
The administrator adds the downstream SBCs using PowerShell command New-
CsOnlinePSTNGateway (or Via the UMP365 Online Voice Routing), indicating that they can
be reached via the proxy SBC. The downstream SBC does not have a WAN interface (it is
not configured with a public IP address), however can be assigned to voice routes.
When a user is in an office where the downstream SBC is, the media traffic flows between
the user and the SBC directly.
Figure 2-3: Proxy SBC Traffic Flow - user at “home” (Internal)
Site HQ
Site A

192.168.3.5 96.66..240.133
192.168.1.5
Session Border Controller + DR
PSTN Phone System
(Cloud PBX)
sbc2.contoso.com Proxy SBC

sbc1.contoso.com

Site B HTTP REST

SIP
Media
TDM

192.168.2.5

sbc3.contoso.com

When a user is outside of the office (on a public internet or in a different office) the
media flows from the user to the public IP of the Proxy SBC, which proxies it to the
downstream SBC(s).

Figure 2-4: Proxy SBC Traffic Flow - user is external

Site HQ
Site A 192.168.3.0/24

192.168.1.0/24

Session Border Controller + DR

PSTN Phone System
(Cloud PBX)
sbc2.contoso.com Proxy SBC

sbc1.contoso.com

Site B HTTP REST

SIP
192.168.2.5 LAN
Media
TDM

sbc3.contoso.com

Configuration Note 14 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

2.2.1.3 Local Media Optimization Modes

Media Path Optimization technology in the Microsoft Teams network consists of two modes:
◼ Always Bypass: In the case where the Teams client is internal, the local media
candidates of the target SBC will always be offered to the clients.
◼ OnlyForLocalUsers: The local media candidates of the target SBC is offered only if a
user is in the same location as the SBC. For all other cases, either the local or external
IP of the proxy SBC is offered.

2.3 Online PSTN Gateway Configuration

This section describes the Online PSTN Gateway configuration.

2.3.1 Online PSTN Gateway Configuration (Office 365) - Proxy SBC

Scenario
◼ Run the following PowerShell commands on the Office 365, in order to configure the
Proxy SBC PSTN Gateway on Teams Direct Routing:
New-CsOnlinePSTNGateway -Identity sbc1.contoso.com -SipSignalingPort 5068 -
ForwardCallHistory $True -ForwardPai $True -MediaBypass $True -Enabled $True
Set-CsOnlinePSTNGateway -BypassMode alwaysbypass (or OnlyForLocalUsers) -
ProxySbc $null
New-CsTenantTrustedIPAddress -IPAddress {Public IP (After NAT)} -MaskBits {Subnet
Mask Prefix} -Description "Description Text"
◼ Run the following PowerShell commands (O365) for each remote SBC device:
New-CsOnlinePSTNGateway -Identity sbc2.contoso.com -SipSignalingPort 5068 -
ForwardCallHistory $True -ForwardPai $True -MediaBypass $True -Enabled $True
Set-CsOnlinePSTNGateway -BypassMode alwaysbypass (or OnlyForLocalUsers) -
ProxySbc {ProxySBCFQDN} -GatewaySiteId {Location-based routing site-"site address"}
New-CsTenantTrustedIPAddress -IPAddress {Public IP (After NAT)} -MaskBits {Subnet
Mask Prefix} -Description " Description Text "

Note: Enabling Location-based routing policies is not Mandatory for LMO, instead only
the assigning of the SBC devices to the sites is required, as shown in the above
PowerShell command sets. If you would like to enable Location-based routing, refer to
the configuration reference:
https://docs.microsoft.com/en-us/microsoftteams/location-based-routing-enable

Based on the information above the Direct Routing will include three proprietary SIP Headers
to SIP Invites and Re-invites.

2.3.2 Configure Online PSTN Gateway Configuration via UMP 365

(Optional)
User Management Pack 365 (UMP) is a powerful software application that simplifies user
lifecycle and identity management across Skype for Business Server, hosted, cloud, hybrid
and Microsoft Teams deployments.
UMP offer Simple to use web-portal user interface, Under System Configuration, the following
voice routing components can be configured for use with Microsoft Teams in a direct routing
environment:
◼ Online Dial Plans
◼ Normalization rule templates for use within Dial Plans

Teams Direct Routing with LMO 15 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

◼ PSTN Gateways
◼ PSTN Usage records for use within Voice Routes and Voice Routing Policies
◼ Voice Routes
◼ Voice Routing Policies

Note: This Chapter is optional, UMP offer simple and easy to use WEB portal user
interface that Alleviates need for PowerShell expertise (Chapter 4.3.1)

2.3.2.1 Create PSTN Gateway

This section provides an example of how to create a new PSTN Gateway using the
AudioCodes User Management Pack 365 install wizard:

➢ To create a PSTN Gateway:

Click Add new PSTN Gateway.
Figure 2-5: Add New PSTN Gateway

Note: For detailed description on Adding a PSTN Gateway, refer to LTRT-26685

AudioCodes User Management Pack 365 Release Notes Ver. 7.8.100.382.

Configuration Note 16 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

2.4 Call Scenario Example Topologies

The following call scenario example topologies are shown in this section:
◼ Always Bypass with Internal Teams User (see Section 2.4.1)
◼ Always Bypass with External Teams User (see Section 2.4.2)
◼ Always Bypass with Teams User and SBC in Different Sites (see Section 2.4.3)
◼ Only for Local Users with Internal Teams User (see Section 2.4.4)
◼ Only for Local Users with External Teams User (see Section 2.4.5)
◼ Only for Local Users with Internal Teams User in Different Sites (see Section 2.4.6)

2.4.1 Always Bypass with Internal Teams User

This topology reflects when the Teams user is in the same location as the SBC inside the
corporate network and BypassMode is configured to alwaysbypass:
◼ The Teams user is located inside the corporate network “Internal” and places an
Outbound call from the same location as the SBC – BypassMode is set to
alwaysbypass.
◼ The Teams user is located inside the corporate network “Internal” and places an
Inbound call from the same location as the SBC.
Figure 2-6: Always Bypass with Internal Teams User

Site HQ
Site A 192.168.9.0/24

192.168.10.0/24

Session Border Controller + DR

PSTN Phone System
(Cloud PBX)
sbc6.contoso.com Proxy SBC

sbc5.contoso.com

Site B HTTP REST

SIP
192.168.11.0/24
Media
TDM

Teams Direct Routing with LMO 17 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

2.4.2 Always Bypass with External Teams User

This topology reflects when the Teams user is located outside the corporate network and
BypassMode is configured to alwaysbypass:
◼ The Teams user is located outside the corporate network ”External” and places an
Outbound call – BypassMode is set to alwaysbypass.
◼ The Teams user is located outside the corporate network ”External” and places an
Inbound call – BypassMode is set to alwaysbypass.
Figure 2-7: Always Bypass with External Teams User

Site HQ
Site A 192.168.5.0/24

192.168.6.0/24

192.168.5.5 52.114.76.71

Session Border Controller + DR

Phone System
(Cloud PBX)
Central SBC

sbc4.contoso.com

Site B HTTP REST

SIP
Media
TDM

192.168.7.0/24 PSTN

Configuration Note 18 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

2.4.3 Always Bypass with Teams User and SBC in Different Sites
This topology reflects when the Teams user is in a different location to the branch SBC;
however located inside the corporate network and BypassMode is configured to
alwaysbypass:
◼ The Teams user device is inside the corporate network “Internal” and is in a different
location to the branch SBC and places an Outbound call – BypassMode is set to
alwaysbypass.
◼ TheTeams user device is inside the corporate network “Internal” and is in a different
location to the branch SBC, receiving an Inbound call – BypassMode is set to
alwaysbypass.

Figure 2-8: Always Bypass with Teams User and SBC in Different Sites

Site HQ
Site A 192.168.9.0/24

192.168.10.0/24

Session Border Controller + DR

PSTN Phone System
(Cloud PBX)
sbc6.contoso.com Proxy SBC

sbc5.contoso.com

Site B HTTP REST

SIP
Media
TDM

192.168.11.0/24

Teams Direct Routing with LMO 19 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

2.4.4 Only for Local Users with Internal Teams User

This topology reflects when the Teams user is in the same location as the SBC inside the
corporate network and BypassMode is configured to OnlyForLocalUsers:
◼ The Teams user is “Internal” and in the same location as the target SBC, placing an
Outbound call (handled the same as above as in Section 2.4.1) - BypassMode is set to
OnlyForLocalUsers.
◼ The Teams user is “Internal” and in the same location as the SBC (as above) making
an Inbound call (handled the same as above as in Section 2.4.1) - BypassMode is set
to OnlyForLocalUsers.

Figure 2-9: Always Bypass with Internal Teams User

Site HQ
Site A

192.168.3.5 96.66..240.133
192.168.1.5
Session Border Controller + DR
PSTN Phone System
(Cloud PBX)
sbc2.contoso.com Proxy SBC

sbc1.contoso.com

Site B HTTP REST

SIP
Media
TDM

192.168.2.5

sbc3.contoso.com

Configuration Note 20 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

2.4.5 Only for Local Users with External Teams User

This topology reflects when the Teams user is located outside the corporate network and
BypassMode is configured to OnlyForLocalUsers:
◼ (Outbound call) The Teams user is located outside the corporate network ”External”
and places an Outbound call – BypassMode is set to OnlyForLocalUsers.
In this case, the central SBC ( Proxy SBC) always offers an external interface since
the use is outside of the corporate network.
◼ The Teams user is located outside the corporate network ”External” and receives an
Inbound call – BypassMode is set to OnlyForLocalUsers.

Figure 2-10: Only for Local Users with External Teams User

Site HQ
Site A 192.168.3.0/24

192.168.1.0/24

Session Border Controller + DR

PSTN Phone System
(Cloud PBX)
sbc2.contoso.com Proxy SBC

sbc1.contoso.com

Site B HTTP REST

SIP
192.168.2.5 LAN
Media
TDM

sbc3.contoso.com

Teams Direct Routing with LMO 21 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

2.4.6 Only for Local Users with Internal Teams User in Different Sites
This topology reflects when the Teams User is in a different location to the branch SBC;
however located inside the corporate network and BypassMode is configured to
OnlyForLocalUsers:
◼ The Teams user is inside the corporate network “Internal” and is in a different location
to the branch SBC and places an Outbound call – BypassMode is set to
OnlyForLocalUsers.
◼ TheTeams user is inside the corporate network “Internal” and is in a different location
to the branch SBC, receiving an Inbound call – BypassMode is set to
OnlyForLocalUsers.

Figure 2-11: Only for Local Users with Internal Teams User in Different Sites

Site HQ
Site A 192.168.3.0/24

192.168.1.0/24

Session Border Controller + DR

PSTN Phone System
(Cloud PBX)
sbc2.contoso.com Proxy SBC

sbc1.contoso.com

Site B HTTP REST

SIP
192.168.2.0/24
Media
TDM

sbc3.contoso.com

Configuration Note 22 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

2.5 Configuring SBC for Local Media Optimization (LMO)

Proxy SBC
This section describes the configuration required for supporting Local Media Optimization
handling on the Proxy SBC.

Note: This document shows how to configure the connection between AudioCodes'
SBC and the Teams Direct Routing with a generic SIP Trunk. For detailed
configuration of other entities in the deployment such as the SIP Trunk Provider and
the local IP-PBX, refer to AudioCodes' SIP Trunk Configuration Notes (in the
interoperability suite of documents).

2.5.1 Prerequisites
Before you begin the configuration, make sure you have the following for every SBC you want
to pair:
◼ Public IP address
◼ FQDN name matching SIP addresses of the Office 365 tenants
◼ Public certificate, issued by one of the supported CAs

2.5.2 About the SBC Domain Name

The SBC domain name must be from one of the names registered in 'Domains' of the tenant.
You cannot use the *.onmicrosoft.com tenant for the domain name. For example, in Figure
2-2, the administrator registered the following DNS names for the tenant:
Table 2-1: DNS Names Registered by an Administrator for an Enterprise Office 365 Tenant

DNS name Can be used Examples of FQDN names

for SBC
FQDN

Valid names:
▪ sbc.ACeducation.info
▪ ussbcs15.ACeducation.info
▪ europe.ACeducation.info
ACeducation.info Yes
Invalid name:
sbc1.europe.ACeducation.info (requires
registering domain name europe.atatum.biz
in 'Domains' first)
Using *.onmicrosoft.com domains is not
adatumbiz.onmicrosoft.com No
supported for SBC names
Valid names:
▪ sbc1.hybridvoice.org
hybridvoice.org Yes ▪ ussbcs15.hybridvoice.org
▪ europe.hybridvoice.org
Invalid name:

Teams Direct Routing with LMO 23 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

sbc1.europe.hybridvoice.org (requires
registering domain name
europe.hybridvoice.org in 'Domains' first
Users can be from any SIP domain registered for the tenant. For example, you can provide
users [email protected] with the SBC FQDN sbc1.hybridvoice.org so long as both
names are registered for this tenant.
Figure 2-12: Example of Registered DNS Names

The following IP address and FQDN are used as examples in this guide:

Public IP FQDN Name

195.189.192.157 sbc.ACeducation.info

The certificate in the example is from DigiCert.

2.5.3 Validate AudioCodes' License

The following licenses are required on AudioCodes' device:
◼ Enable Microsoft (licensing MSFT) [All AudioCodes media gateways and SBCs are
by default shipped with this license. Exceptions: MSBR products and Mediant 500
SBC or Media Gateways]
◼ Enable TEAMS (licensing SW/TEAMS)
◼ Number of SBC sessions [based on requirements]
◼ Transcoding sessions [if media transcoding is needed]
◼ Coders [based on requirements]

Configuration Note 24 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

2.5.4 Configure LAN and WAN IP Interfaces

This section describes how to configure the SBC's IP network interfaces. There are several
ways to deploy the SBC:
◼ SBC interfaces with the following IP entities:
• Teams Direct Routing, located on the WAN
• SIP Trunk (through Site SBC) - located on the LAN
◼ SBC connects to the WAN through a DMZ network
◼ Physical connection: The type of physical connection depends on the method used to
connect to the Enterprise's network. In the interoperability test topology, SBC connects
to the LAN and DMZ using dedicated Ethernet ports (i.e., two ports and two network
cables are used).
◼ SBC also uses two logical network interfaces:
• LAN (VLAN ID 1)
• DMZ (VLAN ID 2)

Figure 2-13: Network Interfaces in the Topology of the Proxy SBC

Session Border Controller

LAN Port LAN DMZ LAN Port

VLAN ID 1 VLAN ID 2

WAN Phone System

(Cloud PBX)
LAN

Remote Site
Session Border Controller

2.5.4.1 Validate Configuration of Physical Ports and Ethernet Groups

The physical ports are automatically detected by the SBC. The Ethernet groups are also auto-
assigned to the ports. In this step, only parameter validation is necessary.

➢ To validate physical ports:

1. Open the Physical Ports table (Setup menu > IP Network tab > Core Entities folder >
Physical Ports).
2. Validate that you have at least two physical ports detected by the SBC, one for LAN and
the other for WAN. Make sure both ports are in Enabled mode.

Note: Based on your hardware configuration, you might have more than two ports.

Teams Direct Routing with LMO 25 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

Figure 2-14: Physical Ports Configuration Interface

➢ To validate Ethernet Groups:

1. Open the Ethernet Groups table (Setup menu > IP Network tab > Core Entities folder
> Ethernet Groups).
2. Validate that you have at least two Ethernet Groups detected by the SBC, one for LAN
and the other for WAN.
Figure 2-15: Ethernet Groups Configuration Interface

2.5.4.2 Configure LAN and WAN VLANs

This section describes how to define VLANs for each of the following interfaces:
◼ LAN (assigned the name "LAN_IF")
◼ WAN (assigned the name "WAN_IF")

➢ To configure the VLANs:

1. Open the Ethernet Device table (Setup menu > IP Network tab > Core Entities folder
> Ethernet Devices).
2. There will be one existing row for VLAN ID 1 and underlying interface GROUP_1.
3. Add another VLAN ID 2 for the WAN side

Configuration Note 26 Document #: LTRT-33454

 Configuration Note 2. Direct Routing Local Media Optimization

Figure 2-16: Configured VLAN IDs in Ethernet Device

2.5.4.3 Configure Network Interfaces

This section describes how to configure the IP network interfaces for each of the following
interfaces:
◼ LAN Interface (assigned the name "LAN_IF")
◼ WAN Interface (assigned the name "WAN_IF")

➢ To configure network parameters for both LAN and WAN interfaces:

1. Open the IP Interfaces table (Setup menu > IP Network tab > Core Entities folder > IP
Interfaces).
2. Configure the IP interfaces as follows (your network parameters might be different):
Table 2-2: Configuration Example of the Network Interface Table

Application Interface Prefix Ethernet

Index Name IP Address Gateway DNS
Types Mode Length Device

OAMP+ Media IPv4

0 LAN_IF 10.15.77.77 16 10.15.0.1 10.15.27.1 vlan 1
+ Control Manual

Media +
Control (as this
interface According to
195.189.192.157 195.189.192.129
points to the IPv4 your Internet
1 WAN_IF (DMZ IP address 25 (router's IP vlan 2
internet, Manual provider's
of SBC) address)
enabling instructions
OAMP is not
recommended)

Teams Direct Routing with LMO 27 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

The configured IP network interfaces are shown below:

Figure 2-17: Configuration Example of the Network Interface Table

2.5.5 Configure TLS Context

The Microsoft Phone System Direct Routing Interface only allows TLS connections from
SBCs for SIP traffic with a certificate signed by one of the trusted Certification Authorities.
Currently, supported Certification Authorities can be found in the following link:
https://docs.microsoft.com/en-us/microsoftteams/direct-routing-plan#public-trusted-
certificate-for-the-sbc

2.5.5.1 Configure the NTP Server Address

This section describes how to configure the NTP server's IP address. It is recommended to
implement an NTP server (Microsoft NTP server or another global server) to ensure that the
SBC receives the current date and time. This is necessary for validating certificates of remote
parties. It is important, that NTP Server will locate on the OAMP IP Interface (LAN_IF in our
case) or will be accessible through it.

➢ To configure the NTP server address:

1. Open the Time & Date page (Setup menu > Administration tab > Time & Date).
2. In the 'Primary NTP Server Address' field, enter the IP address of the NTP server
(e.g., 10.15.28.1).
Figure 2-18: Configuring NTP Server Address

3. Click Apply.

Configuration Note 28 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

2.5.5.2 Create a TLS Context for Teams Direct Routing

The section below shows how to request a certificate for the SBC WAN interface and to
configure it based on the example of DigiCert Global Root CA. The certificate is used by the
SBC to authenticate the connection with Teams Direct Routing.
The procedure involves the following main steps:
a. Create a TLS Context for Teams Direct Routing
b. Generate a Certificate Signing Request (CSR) and obtain the certificate from a
supported Certification Authority
c. Deploy the SBC and Root/ Intermediate certificates on the SBC

➢ To create a TLS Context for Teams Direct Routing:

1. Open the TLS Contexts page (Setup menu > IP Network tab > Security folder > TLS
Contexts).
2. Create a new TLS Context by clicking +New at the top of the interface, and then
configure the parameters using the table below as reference.
Table 2-3: New TLS Context

Index Name TLS Version

1 Teams (arbitrary descriptive name) TLSv1.2

All other parameters can be left unchanged with their default values.

Note: The table above exemplifies configuration focusing on interconnecting SIP and
media. You might want to configure additional parameters according to your
company's policies. For example, you might want to configure Online Certificate Status
Protocol (OCSP) to check if SBC certificates presented in the online server are still
valid or revoked. For more information on the SBC's configuration, see the User's
Manual, available for download from https://www.audiocodes.com/library/technical-
documents.

Teams Direct Routing with LMO 29 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

Figure 2-19: Configuration of TLS Context for Direct Routing

3. Click Apply; you should see the new TLS Context and option to manage the certificates
at the bottom of 'TLS Context' table.
Figure 2-20: Configured TLS Context for Direct Routing and Interface to
Manage the Certificates

Configuration Note 30 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

2.5.5.3 Generate a CSR and Obtain the Certificate from a Supported CA

This section shows how to generate a Certificate Signing Request (CSR) and obtain the
certificate from a supported Certification Authority.

➢ To generate a Certificate Signing Request (CSR) and obtain the certificate from a
supported Certification Authority:
1. Open the TLS Contexts page (Setup menu > IP Network tab > Security folder > TLS
Contexts).
2. In the TLS Contexts page, select the Teams TLS Context index row, and then click the
Change Certificate link located below the table; the Context Certificates page appears.
3. Under the Certificate Signing Request group, do the following:
a. In the 'Common Name [CN]' field, enter the SBC FQDN name (based on example
above, ACeducation.info).
b. In the '1st Subject Alternative Name [SAN]' field, change the type to ‘DNS’, and
then enter the SBC FQDN name (based on the example above,
ACeducation.info).

Note: The domain portion of the Common Name [CN] and 1st Subject Alternative
Name [SAN] must match the SIP suffix configured for Office 365 users.

c. Change the 'Private Key Size' based on the requirements of your Certification
Authority. Many CAs do not support private key of size 1024. In this case, you
must change the key size to 2048.
d. To change the key size on TLS Context, go to: Generate New Private Key and
Self-Signed Certificate, change the 'Private Key Size' to 2048 and then click
Generate Private-Key. To use 1024 as a Private Key Size value, you can click
Generate Private-Key without changing the default key size value.
e. Enter the rest of the request fields according to your security provider's
instructions.
f. Click the Create CSR button; a textual certificate signing request is displayed in
the area below the button:

Teams Direct Routing with LMO 31 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

Figure 2-21: Example of Certificate Signing Request – Creating CSR

4. Copy the CSR from the line "----BEGIN CERTIFICATE" to "END CERTIFICATE
REQUEST----" to a text file (such as Notepad), and then save it to a folder on your
computer with the file name, for example certreq.txt.
5. Send certreq.txt file to the Certified Authority Administrator for signing.

Configuration Note 32 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

2.5.5.4 Deploy the SBC and Root / Intermediate Certificates on the SBC
After obtaining the SBC signed and Trusted Root/Intermediate Certificate from the CA, install
the following:
◼ SBC certificate
◼ Root / Intermediate certificates

➢ To install the SBC certificate:

1. In the SBC's Web interface, return to the TLS Contexts page and do the following:
a. In the TLS Contexts page, select the required TLS Context index row, and then
click the Change Certificate link located below the table; the Context Certificates
page appears.
b. Scroll down to the Upload certificates files from your computer group, click the
Choose File button corresponding to the 'Send Device Certificate...' field,
navigate to the certificate file obtained from the CA, and then click Load File to
upload the certificate to the SBC.
Figure 2-22: Uploading the Certificate Obtained from the Certification Authority

2. Validate that the certificate was uploaded correctly: A message indicating that the
certificate was uploaded successfully is displayed in blue on the lower part of the page:
Figure 2-23: Message Indicating Successful Upload of the Certificate

3. In the SBC's Web interface, return to the TLS Contexts page, select the required TLS
Context index row, and then click the Certificate Information link, located at the bottom
of the TLS. Then validate the Key size, certificate status and Subject Name:

Teams Direct Routing with LMO 33 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

Figure 2-24: Certificate Information Example

4. In the SBC's Web interface, return to the TLS Contexts page.

c. In the TLS Contexts page, select the required TLS Context index row, and then
click the Trusted Root Certificates link, located at the bottom of the TLS
Contexts page; the Trusted Certificates page appears.
d. Click the Import button, and then select all Root/Intermediate Certificates
obtained from your Certification Authority to load.
5. Click OK; the certificate is loaded to the device and listed in the Trusted Certificates
store:
Figure 2-25: Example of Configured Trusted Root Certificates

Configuration Note 34 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

2.5.6 Method of Generating and Installing the Wildcard Certificate

To use the same certificate on multiple devices, you may prefer using 3rd party application
(e.g. DigiCert Certificate Utility for Windows) to process the certificate request from your
Certificate Authority on another machine, with this utility installed.
After you've processed the certificate request and response using the DigiCert utility, test the
certificate private key and chain and then export the certificate with private key and assign a
password.

➢ To install the certificate:

1. Open the TLS Contexts page (Setup menu > IP Network tab > Security folder >
TLS Contexts).
2. In the TLS Contexts page, select the required TLS Context index row, and then click the
Change Certificate link located below the table; the Context Certificates page appears.
3. Scroll down to the Upload certificates files from your computer group and do the
following:
a. Enter the password assigned during export with the DigiCert utility in the 'Private
key pass-phrase' field.
b. Click the Choose File button corresponding to the 'Send Private Key...' field and
then select the SBC certificate file exported from the DigiCert utility.

2.5.7 Deploy Baltimore Trusted Root Certificate

Note: Loading Baltimore Trusted Root Certificates to AudioCodes' SBC is mandatory

for implementing an MTLS connection with the Microsoft Teams network.

The DNS name of the Teams Direct Routing interface is sip.pstnhub.microsoft.com. In this
interface, a certificate is presented which is signed by Baltimore Cyber Baltimore CyberTrust
Root with Serial Number: 02 00 00 b9 and SHA fingerprint: d4:de:20:d0:5e:66:fc:
53:fe:1a:50:88:2c:78:db:28:52:ca:e4:74.
To trust this certificate, your SBC must have the certificate in Trusted Certificates storage.
Download the certificate from https://www.digicert.com/kb/digicert-root-
certificates.htm and follow the steps above to import the certificate to the Trusted Root
storage.

Note: Before importing the Baltimore root certificate into AudioCodes' SBC, make sure
it's in .PEM or .PFX format. If it isn't, you need to convert it to .PEM or .PFX format,
otherwise the 'Failed to load new certificate' error message is displayed. To convert to
PEM format, use Windows local store on any Windows OS and then export it as 'Base-
64 encoded X.509 (.CER) certificate'.

Teams Direct Routing with LMO 35 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

2.5.8 Configure Media Realms

Media Realms allow dividing the UDP port ranges for use on different interfaces. In the
example below, two Media Realms are configured:
◼ One for the LAN interface, with the UDP port starting at 6000 and the number of media
session legs 100 (you need to calculate number of media session legs based on your
usage)
◼ One for the WAN interface, with the UDP port range starting at 7000 and the number
of media session legs 100

➢ To configure Media Realms:

1. Open the Media Realms table (Setup menu > Signaling & Media tab > Core Entities
folder > Media Realms).
2. Configure Media Realms as follows (you can use the default Media Realm (Index 0), but
modify it):
Table 2-4: Configuration Example Media Realms in Media Realms Table

Topology IPv4 Interface Port Range Number of Media

Index Name
Location Name Start Session Legs
MRLan
100 (media sessions
0 (arbitrary LAN_IF 6000
assigned with port range)
name)
MRWan
100 (media sessions
1 (arbitrary Up WAN_IF 7000
assigned with port range)
name)

The configured Media Realms are shown in the figure below:

Figure 2-26: Configuration Example Media Realms in Media Realm Table

Configuration Note 36 Document #: LTRT-33454

 Configuration Note 2. Direct Routing Local Media Optimization

2.5.9 Configure SIP Signaling Interfaces

This section shows how to configure a SIP Signaling Interfaces. A SIP Interface defines a
listening port and type (UDP, TCP, or TLS) for SIP signaling traffic on a specific logical IP
network interface (configured in the Interface Table above) and Media Realm.
Note that the configuration of a SIP interface for the SIP Trunk shows as an example and
your configuration might be different. For specific configuration of interfaces pointing to SIP
trunks and/or a third-party PSTN environment connected to the SBC, see the trunk /
environment vendor documentation.
AudioCodes also offers a comprehensive suite of documents covering the interconnection
between different trunks and equipment.

➢ To configure SIP Interfaces:

1. Open the SIP Interfaces table (Setup menu > Signaling & Media tab > Core Entities
folder > SIP Interfaces).
2. Configure SIP Interfaces. You can use the default SIP Interface (Index 0), but modify it
as shown in the table below. The table below shows an example of the configuration.
You can change some parameters according to your requirements.

Note: The Direct Routing interface can only use TLS for a SIP port. It does not support
using TCP due to security reasons. The SIP port might be any port of your choice.
When pairing the SBC with Office 365, the chosen port is specified in the pairing
command.

Table 2-5: Configuration Example of SIP Signaling Interfaces

Enable Classification TLS

Network Application TCP Media
Index Name UDP Port TLS Port TCP Failure Context
Interface Type Port Realm
Keepalive Response Type Name

5061 Disable
SitesSIPInterface (according (leave 500 (leave
0 LAN_IF SBC 0 0 MRLan -
(arbitrary name) to site default default value)
requirement) value)

0
(Phone
System 5061 (as 0
Teams (arbitrary does not configured (Recommended
1 WAN_IF SBC 0 Enable MRWan Teams
name) use UDP in the Office to prevent DoS
or TCP 365) attacks)
for SIP
signaling)

Note: For implementing an MTLS connection with the Microsoft Teams network,
configure ‘TLS Mutual Authentication’ to “Enable” for the Teams SIP Interface.

Note: Loading Baltimore Trusted Root Certificates to AudioCodes' SBC is mandatory

for implementing an MTLS connection with the Microsoft Teams network. Refer to
Section 2.5.7 on page 35.

Teams Direct Routing with LMO 37 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

The configured SIP Interfaces are shown in the figure below:

Figure 2-27: Configuration Example of SIP Signaling Interfaces

2.5.10 Configure Proxy Sets and Proxy Address

The Proxy Set and Proxy Address defines TLS parameters, IP interfaces, FQDN and the
remote entity's port. Proxy Sets can also be used to configure load balancing between
multiple servers. The example below covers configuration of a Proxy Sets for Teams Direct
Routing and SIP Trunk. Note that the configuration of a Proxy Set for the SIP Trunk (through
Site A SBC) shows as an example and your configuration might be different. For specific
configuration of interfaces pointing to SIP trunks and/or the third-party PSTN environment
connected to the SBC, see the trunk/environment vendor's documentation. AudioCodes also
offers a comprehensive suite of documents covering the interconnection between different
trunks and the equipment.
The Proxy Sets will later be applied to the VoIP network by assigning them to IP Groups.

2.5.10.1 Configure Proxy Sets

To support the Local Media Optimization handling, the Proxy Set that is paired as the
Microsoft Teams Direct Routing interface is configured with an FQDN Host Name and each
deployed remote (site) SBC is configured with an IP address.

➢ To configure a Proxy Sets:

1. Open the Proxy Sets table (Setup menu > Signaling & Media tab > Core Entities folder
> Proxy Sets).
2. Configure Proxy Sets as shown in the table below:
Table 2-6: Configuration Example Proxy Sets in Proxy Sets Table

Proxy
Proxy Proxy
SBC IPv4 SIP TLS Context Load
Index Name Keep- Hot
Interface Name Balancing
Alive Swap
Method
Teams
Using Random
1 (arbitrary Teams Teams Enable
Options Weights
name)
Using
2 SiteA SitesSIPInterface Default - -
Options

Configuration Note 38 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

The configured Proxy Sets are shown in the figure below:

Figure 2-28: Configuration Example Proxy Sets in Proxy Sets Table

2.5.10.2 Configure Proxy Addresses

This section shows how to configure the Proxy Addresses for the Proxy Sets in the Proxy
SBC site towards the remote (site) SBC.

➢ To configure a Proxy Address for Teams:

1. Open the Proxy Sets table (Setup menu > Signaling & Media tab > Core Entities folder
> Proxy Sets) and then click the Proxy Set Teams, and then click the Proxy Address
link located below the table; the Proxy Address table opens.
2. Click +New;
3. Configure the address of the Proxy Set according to the parameters described in the
table below:
Table 2-7: Configuration Proxy Address for Teams Direct Routing

Transport Proxy Proxy Random

Index Proxy Address
Type Priority Weight

0 sip.pstnhub.microsoft.com:5061 TLS 1 1
1 sip2.pstnhub.microsoft.com:5061 TLS 2 1
2 sip3.pstnhub.microsoft.com:5061 TLS 3 1
4. Click Apply and then save your settings to flash memory.

➢ To configure a Proxy Address for remote (site) SBCs:

1. Open the Proxy Sets table (Setup menu > Signaling & Media tab > Core Entities folder
> Proxy Sets) and then click the Proxy Set SIPTrunk, and then click the Proxy Address
link located below the table; the Proxy Address table opens.
2. Click +New;
3. Configure the IP address of the Proxy Set towards Remote SBC in Site A according to
the parameters described in the table below:
Table 2-8: Configuration Proxy Address Towards Remote SiteA SBC

Index Proxy Address Transport Type

0 192.168.1.5:5061 TLS
4. Click Apply and then save your settings to flash memory.

Teams Direct Routing with LMO 39 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

2.5.11 Configure Coder Groups

This section describes how to configure coders (known as Coder Groups). Teams Direct
Routing supports the SILK and other coders while the network connection to the SIP Trunk
may restrict operation with a dedicated coders list. You need to add a Coder Group with the
supported coders for each of the following leg, the Teams Direct Routing and the SIP Trunk.
Note that the Coder Group ID for this entity will be assigned to its corresponding IP Profile in
the next section.

➢ To configure a Coder Group:

1. Open the Coder Groups table (Setup menu > Signaling & Media tab > Coders &
Profiles folder > Coder Groups).
2. From the 'Coder Group Name' dropdown, select 1:Does Not Exist and add the required
codecs as shown in the figure below.
Figure 2-29: Configuring Coder Group for Teams Direct Routing

3. Click Apply, and then confirm the configuration change in the prompt that pops up.

2.5.12 Configure IP Profiles

This section describes how to re-configure an IP Profiles in the Proxy SBC site. An IP Profile
is a set of parameters with user-defined settings related to signaling (e.g., SIP message
terminations such as REFER) and media (e.g., coder type). An IP Profile needs to be
assigned to the specific IP Group. See Appendix C for a summary of all IP Profile
configurations.

➢ To configure IP Profiles Proxy SBC site:

1. Open the Proxy Sets table (Setup menu > Signaling & Media tab > Coders & Profiles
folder > IP Profiles).
2. Click +New to add the IP Profile for the Teams Direct Routing interface. Configure the
parameters using the table below as reference.
Table 2-9: Configuration Example: Teams IP Profile

Parameter Value

General
Name Teams (arbitrary descriptive name)
Media Security
SBC Media Security Mode Secured

Configuration Note 40 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

Parameter Value

SBC Early Media

Remote Early Media RTP Detection By Media (required, as Teams Direct Routing does not send
Mode RTP immediately to remote side when it sends a SIP 18x
response)
SBC Media
Extension Coders Group AudioCodersGroups_1
RTCP Mode Generate Always (required, as some ITSPs do not send
RTCP packets during Hold, but Microsoft expects them)
ICE Mode Lite (required only when Media Bypass enabled on Teams)
SBC Signaling
SIP UPDATE Support Not Supported
Remote re-INVITE Support Supported Only With SDP
Remote Delayed Offer Support Not Supported
Remote Representation Mode Add Routing Headers
SBC Forward and Transfer
Remote REFER Mode Regular
Remote 3xx Mode Transparent
SBC Hold
Inactive (some SIP Trunk may answer with a=inactive and
IP=0.0.0.0 in response to the Re-Invite with Hold request from
Remote Hold Format
Teams. Microsoft Media Stack doesn’t support this format. So,
SBC will replace 0.0.0.0 with its IP address)
All other parameters can be left unchanged at their default values.
3. Click Apply, and then save your settings to flash memory.
4. Click +New to add the IP Profile for the SIP Trunk (through Site A SBC). Configure the
parameters using the table below as a reference.
Table 2-10: Configuration Example: SIP Trunk IP Profile (toward remote Site A SBC)

Parameter Value

General
Name SiteA (arbitrary name)
SBC Forward and Transfer
Remote REFER Mode Regular
Remote Replaces Mode Standard
Remote 3xx Mode Transparent
All other parameters can be left unchanged with their default values.
5. Click Apply, and then save your settings to flash memory.

Teams Direct Routing with LMO 41 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

2.5.13 Configure IP Groups

This section describes how to configure IP Groups. The IP Group represents an IP entity on
the network with which the SBC communicates. This can be a server (e.g., IP-PBX or SIP
Trunk) or it can be a group of users (e.g., LAN IP phones). For servers, the IP Group is
typically used to define the server's IP address by associating it with a Proxy Set. Once IP
Groups are configured, they are used to configure IP-to-IP routing rules for denoting source
and destination of the call.

➢ To configure IP Group for Microsoft Teams Direct Routing for Media optimization:
1. Open the IP Groups table (Setup menu > Signaling & Media tab > Core Entities folder
> IP Groups).
2. Click Edit to re-configure the IP Group for the Microsoft Teams Direct Routing paired
SBC (Proxy SBC):
Table 2-11: Configuration Example: IP Group for Microsoft Teams Direct Routing

Parameter Value

Name Teams (arbitrary name)

Topology Location
Type
Proxy Set
IP Profile
Media Realm
Internal Media Realm
Classify by Proxy Set
Local Host Name
Always Use Src Address
Teams Local Media
Optimization Handling
Up
Server
Teams
Teams
MRWan
MRLan
This parameter is relevant when the 'Teams Local Media
Optimization Handling' parameter (see below) is configured
to any value other than “None” and the X-MS-UserLocation
header in the incoming SIP message is set to ‘Internal’. In
this case, the Internal Media Realm determines the UDP port
range and maximum sessions for Media traffic on this IP
interface.
If X-MS-UserLocation=Internal response is received from
Teams, a new IP address/port is allocated using the Internal
Media Realm only if the call is non-direct media i.e. media
traverses the paired SBC to the remote SBCs.
Disable
<FQDN name of the SBC in the enterprise tenant>
(For example, sbc.ACeducation.info defines the host name
(string) that the device uses in the SIP message's Via and
Contact headers. This defines the FQDN as the host name
that is recognized by Microsoft Teams. The device uses this
string for Via and Contact headers in outgoing INVITE
messages sent to a specific IP Group, and the Contact
header in SIP 18x and 200 OK responses for incoming
INVITE messages received from the other configured IP
Groups (SiteA and SiteB).
Yes
Teams Decides (The routing decision is made according to
the Microsoft Teams headers for the primary route)

Configuration Note 42 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

Parameter Value

This parameter is relevant for inbound calls to Teams when

Teams Local Media
Optimization Initial Behavior
Proxy Keep-Alive using IP
Group settings
Inbound Message
Manipulation Set
Outbound Message
Manipulation Set
Call Setup Rules Set ID
All other parameters can be left unchanged with their default values.
“Teams Local Media Optimization Handling” is set to “Teams
Decides” or “SBC Decides”:
▪ Direct Media (default) – Perform direct media call
towards Teams.
▪ Internal - Perform non-direct media call (media traverses
the paired SBC from the remote SBC) towards Teams
using Internal Media Realm.
▪ External – Perform non-direct media call (media
traverses the paired SBC from the remote SBC) towards
Teams using external (regular) Media Realm.
Note: The value of this parameter can be variable depending
on particular setup
Enable
0
1
0

3. Click +New to add the IP Group for the SBC located at Site A and connected to the SIP
Trunk. Configure the parameters using the table below as reference:
Table 2-12: Configuration Example: IP Group for Site A SBC

Parameter Value

Name SiteA (arbitrary name)

Topology Location Down
Type Server
Proxy Set SiteA
IP Profile SiteA
Media Realm MRLan
Tags Site={RemotePSTNGateWayFQDN}
All other parameters can be left unchanged with their default values.
The Site Tag should be defined as the remote site SBC’s FQDN and should be
discoverable by DNS from the Proxy SBC.

Teams Direct Routing with LMO 43 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

2.5.14 Configure SRTP

This section describes how to configure media security. The Direct Routing Interface requires
the use of SRTP only, so you need to configure the SBC to operate in the same manner.

➢ To configure media security:

1. Open the Media Security page (Setup menu > Signaling & Media tab > Media folder
> Media Security).
2. From the 'Media Security' drop-down list, select Enable to enable SRTP.
Figure 2-30: Configuring Media Security Parameter

3. Click Apply.

2.5.15 Configure Message Condition Rules

This section describes how to configure the Message Condition Rules. A Message Condition
defines special conditions (requisites) for incoming SIP messages. These rules can be used
as additional matching criteria for the IP-to-IP routing rules in the IP-to-IP Routing table.
The following condition verifies that the Contact header contains Teams FQDN.

➢ To configure a Message Condition rule:

1. Open the Message Conditions table (Setup menu > Signaling & Media tab > Message
Manipulation folder > Message Conditions).
2. Click New, and then configure the parameters as follows:

Parameter Value

Index 0
Name Teams-Contact (arbitrary descriptive name)
Condition header.contact.url.host contains 'pstnhub.microsoft.com'

Configuration Note 44 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

Figure 2-31: Configuring Condition Table

3. Click Apply.

2.5.16 Configure Classification Rules

This section describes how to configure Classification rules. A Classification rule classifies
incoming SIP dialog-initiating requests (e.g., INVITE messages) to a "source" IP Group. The
source IP Group is the SIP entity that sends the SIP dialog request. Once classified, the
device uses the IP Group to process the call (manipulation and routing).
You can also use the Classification table for employing SIP-level access control for
successfully classified calls, by configuring Classification rules with whitelist and blacklist
settings. If a Classification rule is configured as a whitelist ("Allow"), the device accepts the
SIP dialog and processes the call. If the Classification rule is configured as a blacklist
("Deny"), the device rejects the SIP dialog.

➢ To configure a Classification rule:

1. Open the Classification table (Setup menu > Signaling & Media tab > SBC folder >
Classification Table).
2. Click New, and then configure the parameters as follows:

Parameter Value

Index 0
Name Teams
Source SIP Interface Teams
Source IP Address 52.114.*.*
Destination Host sbc.ACeducation.info (example)
Message Condition Teams-Contact
Action Type Allow
Source IP Group Teams

Teams Direct Routing with LMO 45 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

Figure 2-32: Configuring Classification Rule

3. Click Apply.

2.5.17 Configure Call Setup Rules

This section describes how to configure Call Setup Rules based on the site hostname,
extracted from the Request-URI header. Call Setup rules define various sequences (site
destination in this case) that are run upon receipt of an incoming call (dialog) at call setup,
before the device routes the call to its destination.
Configured Call Setup Rules need be assigned to specific IP Group.

➢ To configure a Call Setup Rules based on Site FQDN:

1. Open the Call Setup Rules table (Setup menu > Signaling & Media tab > SIP
Definitions folder > Call Setup Rules).
2. Click New
3. Configure a Call Setup rule according to the parameters described in the table below.
Table 2-13: Call Setup Rules Table

Rules Action
Index Condition Action Subject Action Value
Set ID Type

0 0 Var.Session.0 == '' Var.Session.0 Modify Header.Request-URI.URL.Host.Name

1 0 Var.Session.0 != '' DstTags.Site Modify Var.Session.0

4. Click Apply and then save your settings to flash memory.

Configuration Note 46 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

2.5.18 Configure Message Manipulation Rules

This section describes how to configure SIP message manipulation rules. SIP message
manipulation rules can include insertion, removal, and/or modification of SIP headers.
Manipulation rules are grouped into Manipulation Sets, enabling you to apply multiple rules
to the same SIP message (IP entity).
Once you have configured the SIP message manipulation rules, you need to assign them to
the relevant IP Group (in the IP Group table) and determine whether they must be applied to
inbound or outbound messages.

➢ To configure SIP message manipulation rules:

1. Open the Message Manipulations page (Setup menu > Signaling & Media tab >
Message Manipulation folder > Message Manipulations).
2. Configure a new manipulation rule (Manipulation Set 0) for Teams IP Group. This rule
applies to messages received from the Teams IP Group. This remove the privacy header
to enable CLI identity.

Parameter Value

Index 0
Name Privacy Header
Manipulation Set ID 0
Condition Header.Privacy contains 'id'
Action Subject Header.Privacy
Action Type Remove
3. Configure another manipulation rule (Manipulation Set 1) for Teams IP Group. This rule
applies to messages sent to the Teams IP Group. This replace the host part of the
Contact Header with the value from the To Header.

Parameter Value

Index 1
Name Replace Host in Contact
Manipulation Set ID 1
Message Type Invite.Request
Action Subject Header.Contact.URL.Host
Action Type Modify
Action Value Header.To.URL.Host

Teams Direct Routing with LMO 47 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

4. Configure a new manipulation rule (Manipulation Set 2) for Teams IP Group. This rule
applies to messages sent towards the Teams IP Group. This rule adds a routing policy
rule towards Microsoft for handling different call forwarding scenarios (according to the
action values shown below).

Parameter Value

Index 2
Name Teams Routing Policy (arbitrary name)
Manipulation Set ID 1
Condition
Action Subject Header.X-MS-RoutingPolicies
Action Type Add
One of the following values:
’none’,
Action Value ’no_missed_call’,
’disable_forwarding’,
’disable_forwarding_except_phone’

Note: Implementation of this Message Manipulation rule with Microsoft Teams is

optional according to site deployment requirements.

Configuration Note 48 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

2.5.19 Configure IP-to-IP Call Routing Rules

This section describes how to configure IP-to-IP call routing rules. These rules define the
routes for forwarding SIP messages (e.g., INVITE) received from one IP entity to another.
The SBC selects the rule whose configured input characteristics (e.g., IP Group) match those
of the incoming SIP message. If the input characteristics do not match the first rule in the
table, they are compared to the second rule, and so on, until a matching rule is located. If no
rule is matched, the message is rejected.
The example shown below only covers IP-to-IP routing, though you can route the calls from
SIP Trunk (through Site A SBC) to Teams and vice versa. See AudioCodes' SBC
documentation for more information on how to route in other scenarios.
The following IP-to-IP Routing Rules will be defined:
◼ Calls from Teams Direct Routing to SIP Trunk (through Site A SBC)
◼ Calls from SIP Trunk (through Site A SBC) to Teams Direct Routing

➢ To re-configure IP-to-IP routing rules:

1. Open the IP-to-IP Routing table (Setup menu > Signaling & Media tab > SBC folder >
Routing > IP-to-IP Routing).
2. Configure routing rules as shown in the table below:
Table 2-14: IP-to-IP Call Routing Rules

Source Routing
Request Dest Internal
Index Name IP Dest Type Tag
Type IP Group Action
Group Name

Reply
Terminate
0 Any OPTIONS Internal (Response
OPTIONS
='200')
Teams to
SIP Trunk Destination
1 Teams Site
(arbitrary Tag
name)
SIP Trunk
to Teams
2 Any IP Group Teams
(arbitrary
name)

Note: The routing configuration may change according to your specific deployment
topology.

Teams Direct Routing with LMO 49 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

2.5.20 Configure Firewall Settings (Optional)

As an extra security, there is option to configure traffic filtering rules (access list) for incoming
traffic on AudioCodes SBC. For each packet received on the configured network interface,
the SBC searches the table from top to bottom until the first matching rule is found. The
matched rule can permit (allow) or deny (block) the packet. Once a rule in the table is located,
subsequent rules further down the table are ignored. If the end of the table is reached without
a match, the packet is accepted. Please note that the firewall is stateless. The blocking rules
will apply to all incoming packets, including UDP or TCP responses.

➢ To configure a firewall rule:

1. Open the Firewall table (Setup menu > IP Network tab > Security folder> Firewall).
2. Configure the following Access list rules for Teams Direct Rout IP Interface:
Table 2-15: Firewall Table Rules

Use
Subnet Start End Interface Allow
Index Source IP Protocol Specific
Prefix Port Port ID Type
Interface

<Public DNS Server IP>

0 32 0 65535 Any Enable WAN_IF Allow
(e.g. 8.8.8.8)
1 52.114.148.0 32 0 65535 TCP Enable WAN_IF Allow
2 52.114.132.46 32 0 65535 TCP Enable WAN_IF Allow
3 52.114.75.24 32 0 65535 TCP Enable WAN_IF Allow
4 52.114.76.76 32 0 65535 TCP Enable WAN_IF Allow
5 52.114.7.24 32 0 65535 TCP Enable WAN_IF Allow
6 52.114.14.70 32 0 65535 TCP Enable WAN_IF Allow
7 52.114.16.74 32 0 65535 TCP Enable WAN_IF Allow
8 52.114.20.29 32 0 65535 TCP Enable WAN_IF Allow
9 52.114.36.156 32 0 65535 TCP Enable WAN_IF Allow
10 52.114.32.169 32 0 65535 TCP Enable WAN_IF Allow
11 xxx.xxx.xxx.xxx 32 0 65535 UDP Enable WAN_IF Allow
49 0.0.0.0 0 0 65535 Any Enable WAN_IF Block

Note: Be aware, that if in your configuration, connectivity to other entities (except

Teams) is performed through the same IP Interface as Teams (WAN_IF in our example),
you must add rules to allow traffic from these entities. See an example in the row of
index 11.

Configuration Note 50 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

2.6 Configuring SBC for Local Media Optimization (LMO)

Remote Site SBCs
This section describes the configuration required for supporting Local Media Optimization
handling on the remote site SBCs.

2.6.1 Configure LAN and WAN IP Interfaces

Configuration of the SBC's IP network interfaces done in the same way as in Proxy SBC.
Please refer to Section 2.5.4 on page 25 above.

2.6.2 Configure Media Realms

Configuration of the SBC's IP network interfaces done in the same way as in Proxy SBC.
Please refer to Section 2.5.8 on page 36 above.

2.6.3 Configure SIP Interfaces

This section shows how to configure a SIP Signaling Interfaces on the remote site SBC.

➢ To configure SIP interfaces:

1. Open the SIP Interfaces table (Setup menu > Signaling & Media tab > Core Entities
folder > SIP Interfaces).
2. Enable TLS port for SIP signaling. You can use the default SIP Interface (Index 0),
however modify it as shown in the table below. The table below shows an example of
the configuration. You can change some parameters according to your requirements.
Table 2-16: Configuration Example: Site SBC SIP Interfaces

Enable Classification TLS

Network Application TCP TLS Media
Index Name UDP Port TCP Failure Context
Interface Type Port Port Realm
Keepalive Response Type Name

5060
Disable 0
SIPTrunk (according
(leave (Recommended
0 (arbitrary WAN_IF SBC to Service 0 0 MRWan -
default to prevent DoS
name) Provider
value) attacks)
requirement)

ProxySBC
500 (leave
1 (arbitrary LAN_IF SBC 0 0 5061 Enable MRLan -
default value)
name)

Teams Direct Routing with LMO 51 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

2.6.4 Configure Proxy Sets and Proxy Address

This section describes how to configure Proxy Sets and Proxy address for remote SBCs.

➢ To configure a Proxy Sets:

1. Open the Proxy Sets table (Setup menu > Signaling & Media tab > Core Entities folder
> Proxy Sets).
2. Configure Proxy Sets as shown in the table below
Table 2-17: Configuration Example: Site Proxy Sets

SBC IPv4 SIP TLS Context

Index Name Proxy Keep-Alive
Interface Name

SIPTrunk
1 SIPTrunk Default Using Options
(arbitrary name)
ProxySBC
2 ProxySBC Default Using Options
(arbitrary name)
All other SIP configuration can be left unchanged with their default values.

➢ To configure a Proxy Address for SIP Trunk:

1. Open the Proxy Sets table (Setup menu > Signaling & Media tab > Core Entities folder
> Proxy Sets) and then click the Proxy Set SIPTrunk, and then click the Proxy Address
link located below the table; the Proxy Address table opens.
2. Click +New;
3. Configure the address of the SIP Trunk according to the parameters described in the
table below:
Table 2-18: Configuration Proxy Address for SIP Trunk

Index Proxy Address Transport Type

0 SIPTrunk.com:5060 (SIP Trunk IP / FQDN and port) UDP

All other Proxy Addresses can be left unchanged with their default values.
4. Click Apply.

➢ To configure a Proxy Address for Proxy SBCs:

1. Open the Proxy Sets table (Setup menu > Signaling & Media tab > Core Entities folder
> Proxy Sets) and then click the Proxy Set ProxySBC, and then click the Proxy
Address link located below the table; the Proxy Address table opens.
2. Configure the address of the Proxy SBC according to the parameters described in the
table below:
Table 2-19: Configuration Example: Proxy SBC Address

Index Proxy Address Transport Type

0 {ProxySBC IP}:5061 TLS

All other Proxy Addresses can be left unchanged with their default values.
3. Click Apply.

Configuration Note 52 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

2.6.5 Configure an IP Profiles

This section describes how to configure the IP Profiles for the SBC at the remote site. See
Appendix C for a summary of all IP Profile configurations.

➢ To configure IP Profile to each remote site SBC:

1. Open the Proxy Sets table (Setup menu > Signaling & Media tab > Coders & Profiles
folder > IP Profiles).
2. Click +New to add the IP Profile for the Microsoft Teams (through Proxy SBC). Configure
the parameters using the table below as a reference.
Table 2-20: Configuration Example: Teams IP Profile (through the Proxy SBC)

Parameter Value

General
Name ProxySBC (arbitrary name)
Media Security
SBC Media Security Mode Secured
SBC Media
Extension Coders Group AudioCodersGroups_1
ICE Mode Lite
SBC Signaling
Remote Update Support Not Supported
Remote re-INVITE Support Supported Only With SDP
Remote Delayed Offer Support Not Supported
Remote Representation Mode Replace Contact
SBC Forward and Transfer
Remote REFER Mode Handle Locally
Remote Replaces Mode Handle Locally
Remote 3xx Mode Handle Locally
SBC Hold
Remote Hold Format Inactive
All other parameters can be left unchanged at their default values.
3. Click Apply.
4. Click +New to add the IP Profile for the SIP Trunk. Configure the parameters using the
table below as reference.
Table 2-21: Configuration Example: SIP Trunk IP Profile (toward SIP Provider/ Media Gateway)

Parameter Value

General
Name SIPTrunk (arbitrary name)
SBC Signaling
P-Asserted-Identity Header Mode Add (required for anonymous calls)

Teams Direct Routing with LMO 53 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

SBC Forward and Transfer

Remote REFER Mode Handle Locally
Remote Replaces Mode Handle Locally
Yes (required, as some SIP Trunks do not play ring-back tone
Play RBT To Transferee
during transfer)
Remote 3xx Mode Handle Locally
All other parameters can be left unchanged at their default values.
5. Click Apply.

Note: Teams Hold music is not supported by Microsoft in consultative transfer of a

PSTN call. The transferee will hear silence during the transfer. To overcome this issue,
it is possible to configure SBC to play music during a consultative transfer. In order to
do this, refer to Section 2.6.9.

2.6.6 Configure IP Groups

This section describes how to configure the IP Groups for the SBC in each remote site.

➢ To configure an IP Groups:
1. Open the IP Groups table (Setup menu > Signaling & Media tab > Core Entities folder
> IP Groups).
2. Click +New to add the IP Group for the SIP Trunk:
Table 2-22: Configuration Example: Site SBC IP Group towards SIP Trunk

Parameter Value

Name SIPTrunk
Type Server
Proxy Set SIPTrunk
IP Profile SIPTrunk
Media Realm MRLan or MRWan (according to your network environment)
SIP Group Name (according to ITSP requirement)
All other parameters can be left unchanged with their default values.
3. Click Apply.
4. Click +New to add the IP Group towards Teams (through Proxy SBC) in the remote site
SBC:
Table 2-23: Configuration Example: Site SBC IP Group towards Teams (through Proxy SBC)

Parameter Value

Name ProxySBC (arbitrary name)

Type Server
Proxy Set ProxySBC
IP Profile ProxySBC

Configuration Note 54 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

Parameter Value

Media Realm MRLan

SIP Group Name {MSFT - CsOnlinePSTNGateway }
All other parameters can be left unchanged with their default values.
5. Click Apply.

2.6.7 Configure SRTP

Configuration of the SRTP done in the same way as in Proxy SBC. Please refer to Section
2.5.14 on page 44 above.

2.6.8 Configure IP-to-IP Call Routing Rules

This section describes how to configure IP-to-IP call routing rules on the remote site SBC.

➢ To configure IP-to-IP routing rule:

1. Open the IP-to-IP Routing table (Setup menu > Signaling & Media tab > SBC folder >
Routing > IP-to-IP Routing).
2. Configure routing rules as shown in the table below:
Table 2-24: Site IP-to-IP Call Routing Rule

Source IP Request Call ReRoute Dest IP

Index Name Dest Type Internal Action
Group Type Triger IP Group Group

Terminate Reply
0 Any OPTIONS Internal
OPTIONS (Response='200')
Terminate
Refer
1 Any Any REFER ProxySBC IP Group ProxySBC
(arbitrary
name)

Teams to
SIP Trunk
2 ProxySBC IP Group SIPTrunk
(arbitrary
name)

SIP Trunk
to Teams
3 SIPTrunk IP Group ProxySBC
(arbitrary
name)

Teams Direct Routing with LMO 55 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

2.6.9 Configure SBC To Play Music On Hold (Optional)

Teams Hold music is not supported by Microsoft in consultative transfer of a PSTN call. The
transferee will hear silence during the transfer. To overcome this issue, it is possible to
configure SBC to play music during a consultative transfer. In order to do this, a Prerecorded
Tones (PRT) file needs to be prepared and loaded to the SBC. This section shows how to
load a PRT file to the SBC. For a detailed procedure how to create a Prerecorded Tones
(PRT) file, refer to appropriated AudioCodes' device User Manual document.

➢ Update configuration of the SIP Trunk IP Profile:

1. Open the Proxy Sets table (Setup > Signaling and Media > Coders and Profiles >
IP Profiles).
2. Choose SIP Trunk IP Profile, created in the Section 2.6.5 on the page 53. Configure the
parameters using the table below as reference.
Table 2-25: Update Configuration of the SIP Trunk IP Profile

Parameter Value

SBC Hold
Remote Hold Format Send Only
Reliable Held Tone Source No
Play Held Tone Internal
3. Click Apply, and then save your settings to flash memory.

➢ To load PRT file to the device using the Web interface:

1. Open the Auxiliary Files page:
• Toolbar: From the Actions drop-down menu, choose Auxiliary Files.
• Navigation tree: Setup menu > Administration tab > Maintenance folder >
Auxiliary Files.

2. Click the Browse button corresponding to the Prerecorded Tones file type that you
want to load, navigate to the folder in which the file is located, and then click Open; the

Configuration Note 56 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

name and path of the file appear in the field next to the Browse button.
3. Click the Load File button corresponding to the file you want to load.
4. Save the loaded auxiliary files to flash memory.

Note: If in your configuration connectivity to SIP Trunks provided from the Proxy SBC,
these changes are required on Proxy SBC.

Teams Direct Routing with LMO 57 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

2.7 Adapt Gateway to Work with Local Media

Optimization
This section provides guidelines for configuring PSTN Gateway Application at the remote
sites for supporting Local Media Optimization handling. In order to do this, SBC entities
needed to be configured on the device.

Notes:
• This section is only relevant for implementation, where the remote site is
populated with PSTN connectivity (through Gateway Application).
• The Gateway configuration can vary from customer to customer, therefore in
this document, we only provide the configuration changes that are necessary
to adopt the Gateway to work with Local Media Optimization.
• Device should be populated with the appropriate (SBC session and IP
security) licenses.

2.7.1 Configure SBC SIP Signaling Interface

This section shows how to configure SBC SIP Signaling Interface. To configure SBC SIP
interface:
1. Open the SIP Interfaces table (Setup menu > Signaling & Media tab > Core Entities
folder > SIP Interfaces).
2. Click +New to add SBC SIP Interface (if there is already a configured SIP Interface with
Application Type ‘SBC’, this interface can be used). You can change some parameters
according to your requirements.
Table 2-26: Configuration Example: Site SIP Interface

Index Name Application Type TLS Port

1 ProxySBC (arbitrary name) SBC 5061 (arbitrary port)

All other SIP configuration can be left unchanged with their default values.

2.7.2 Configure SBC Proxy Set

This section describes how to configure SBC Proxy Set towards Proxy SBC.
1. Open the Proxy Sets table (Setup menu > Signaling & Media tab > Core Entities folder
> Proxy Sets).
2. Click +New to add the ProxySBC Proxy Set as shown in the table:
Table 2-27: Configuration Example: Site Proxy Set

SBC IPv4 SIP TLS Context

Index Name Proxy Keep-Alive
Interface Name

1 ProxySBC ProxySBC Default Using Options

All other Proxy Sets can be left unchanged with their default values.

Configuration Note 58 Document #: LTRT-33454

Configuration Note 2. Direct Routing Local Media Optimization

2.7.3 Configure SBC Proxy Address

This section describes how to configure a Proxy address of the Proxy SBC.

➢ To configure a Proxy Address for remote SBC:

1. Open the Proxy Sets table (Setup menu > Signaling & Media tab > Core Entities folder
> Proxy Sets) and then click the Proxy Set ProxySBC, and then click the Proxy
Address link located below the table; the Proxy Address table opens.
2. Configure Proxy Set Address as shown in the table:
Table 2-28: Configuration Example: Site Proxy Address

Index Proxy Address Transport Type

0 {ProxySBC IP}:5061 TLS

All other Proxy Addresses can be left unchanged with their default values.

2.7.4 Configure SBC IP Profile

This section describes how to configure the IP Profile for the Proxy SBC.

➢ To configure IP Profile to the Proxy SBC:

1. Open the Proxy Sets table (Setup menu > Signaling & Media tab > Coders & Profiles
folder > IP Profiles).
2. Click +New to add the IP Profile for the Teams Direct Routing interface through the
Proxy SBC. Configure the parameters using the table below as reference.
Table 2-29: Configuration Example: Teams IP Profile (through the Proxy SBC)

Parameter Value

General
Name ProxySBC (arbitrary name)
Media Security
SBC Media Security Mode Secured
SBC Media
Extension Coders Group AudioCodersGroups_1
ICE Mode Lite
SBC Signaling
Remote Update Support Not Supported
Remote re-INVITE Support Supported Only With SDP
Remote Delayed Offer Support Not Supported
Remote Representation Mode Add Routing Headers
SBC Forward and Transfer
Remote REFER Mode Handle Locally
Remote Replaces Mode Handle Locally
Remote 3xx Mode Handle Locally

Teams Direct Routing with LMO 59 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

SBC Hold
Remote Hold Format Inactive
All other parameters can be left unchanged at their default values.

2.7.5 Configure SBC IP Group

This section describes how to configure the IP group towards Proxy SBC in the remote site.

➢ To configure an IP Group:
1. Open the IP Groups table (Setup menu > Signaling & Media tab > Core Entities folder
> IP Groups).
2. Click +New to add the IP Group towards Proxy SBC:
Table 2-30: Configuration Example: Site IP Group

Parameter Value

Name ProxySBC (arbitrary name)

Type Server
Proxy Set ProxySBC
IP Profile ProxySBC
Media Realm (according to your network environment)
SIP Group Name {MSFT - CsOnlinePSTNGateway }
All other parameters can be left unchanged with their default values.

2.7.6 Configure SBC IP-to-IP Routing Rule

This section describes how to configure IP-to-IP routing rule for calls from Teams (through
Proxy SBC) to the Gateway Application.
The following IP-to-IP Routing Rules are defined:
◼ Terminate SIP OPTIONS messages on the SBC
◼ Terminate REFER messages to Teams Direct Routing
◼ Calls from Teams Direct Routing to the Gateway

➢ To configure SBC IP-to-IP routing rules:

1. Open the IP-to-IP Routing table (Setup menu > Signaling & Media tab > SBC folder >
Routing > IP-to-IP Routing).
2. Configure routing rules as shown in the table below:
Table 2-31: SBC IP-to-IP Routing Rules

Source IP Request Call ReRoute Dest Dest Dest SIP Dest Dest
Index Name
Group Type Triger IP Group Type IP Group Interface Address Port

Terminate Dest
0 Any OPTIONS internal
OPTIONS Address

Refer from
Teams Request
1 Any REFER ProxySBC ProxySBC
(arbitrary URI
name)

Configuration Note 60 Document #: LTRT-33454

 Configuration Note 2. Direct Routing Local Media Optimization

Source IP Request Call ReRoute Dest Dest Dest SIP Dest Dest
Index Name
Group Type Triger IP Group Type IP Group Interface Address Port

Teams to GW {GW SIP

Dest {GW SIP {GW IP
2 (arbitrary ProxySBC Interface
Address Interface} Interface}
name) port}

2.7.7 Configure Gateway Tel-to-IP Routing Rule

This section describes how to configure Gateway Tel-to-IP routing rule for routing calls from
PSTN to Teams through Proxy SBC.

➢ To configure Tel-to-IP routing rules:

1. Open the Tel-to-IP Routing table (Setup menu > Signaling & Media tab > Gateway
folder > Routing > Tel > IP Routing).
2. Click New and configure routing rule as shown in the table below:
Table 2-32: Gateway Tel-to-IP Routing Rule

Route Name IP Profile Dest IP Group Name

GW to Teams
Teams ProxySBC
(arbitrary name)
All other parameters can be left unchanged with their default values.

Teams Direct Routing with LMO 61 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

This page is intentionally left blank.

Configuration Note 62 Document #: LTRT-33454

Configuration Note 3. Verify the Pairing Between the SBC and Direct Routing

3 Verify the Pairing Between the SBC and

Direct Routing
After you have paired the SBC with Direct Routing using the New-CsOnlinePSTNGateway
PowerShell command, validate that the SBC can successfully exchange OPTIONS with
Direct Routing.

➢ To validate the pairing using SIP OPTIONS:

1. Open the Proxy Set Status page (Monitor menu > VoIP Status tab> Proxy Set Status).
2. Find the Direct SIP connection and verify that 'Status' is online. If you see a failure, you
need to troubleshoot the connection first, before configuring voice routing.
Figure 3-1: Proxy Set Status

Teams Direct Routing with LMO 63 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

This page is intentionally left blank.

Configuration Note 64 Document #: LTRT-33454

Configuration Note A. Syntax Requirements for SIP Messages 'INVITE' and 'OPTIONS'

A Syntax Requirements for SIP Messages

'INVITE' and 'OPTIONS'
The syntax of SIP messages must conform with Direct Routing requirements.
This section covers the high-level requirements for the SIP syntax used in 'INVITE' and
'OPTIONS' messages. You can use the information presented here as a first step when
troubleshooting unsuccessful calls. AudioCodes has found that most errors are related to
incorrect syntax in SIP messages.

A.1 Terminology
Strictly required. The deployment does not function correctly without the correct
Must
configuration of these parameters.

A.2 Syntax Requirements for 'INVITE' Messages

Figure A-1: Example of an 'INVITE' Message

◼ Contact header
• MUST: When placing calls to the Direct Routing interface, the 'CONTACT' header
must have the SBC FQDN in the URI hostname
• Syntax: Contact: <phone number>@<FQDN of the SBC>:<SBC Port>;<transport
type>
• If the parameter is not configured correctly, calls are rejected with a '403 Forbidden'
message.

Teams Direct Routing with LMO 65 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

A.3 Syntax Requirements for 'INVITE' Messages in Media

Optimization
Figure A-2: Example of an 'INVITE' Message (External user)

Figure A-3: Example of an 'INVITE' Message (Internal User)

• Privacy header removed

• X-MS- headers receive by Teams

A.4 Syntax Requirements for 'INVITE' Messages in site for

Media Optimization
Figure A-4: Example of an 'INVITE' Message From Site to Teams

• Contact header with Source Site FQDN

Configuration Note 66 Document #: LTRT-33454

Configuration Note A. Syntax Requirements for SIP Messages 'INVITE' and 'OPTIONS'

A.5 Requirements for 'OPTIONS' Messages Syntax

Figure A-5: Example of 'OPTIONS' message

◼ Contact header
• MUST: When sending OPTIONS to the Direct Routing interface, the 'CONTACT'
header must have the SBC FQDN in the URI hostname
• Syntax: Contact: <phone number>@<FQDN of the SBC>:<SBC Port>;<transport
type>
• If the parameter is not configured correctly, the calls are rejected with a '403
Forbidden' message
The table below shows where in the Web interface the parameters are configured and where in this
document you can find the configuration instructions.
Table A-1: Syntax Requirements for an 'OPTIONS' Message

Parameter Where Configured How to Configure

Contact Setup > Signaling and Media > See Section 2.12.
Core Entities > IP Groups>
<Group Name> > Local Host
Name
In IP Group, 'Contact' must be
configured. In this field ('Local Host
Name'), define the local host name
of the SBC as a string, for
example, sbc.ACeducation.info.
The name changes the host name
in the call received from the IP
Group.

Teams Direct Routing with LMO 67 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

A.6 Connectivity Interface Characteristics

The table below shows the technical characteristics of the Direct Routing interface.
In most cases, Microsoft uses RFC standards as a guide during development, but does not
guarantee interoperability with SBCs - even if they support all the parameters in the table below
- due to the specifics of the implementation of the standards by SBC vendors.
Microsoft has a partnership with some SBC vendors and guarantees their devices'
interoperability with the interface. All validated devices are listed on Microsoft's website.
Microsoft only supports devices that are validated in order to connect to the Direct Routing
interface.
AudioCodes is one of the vendors who are in partnership with Microsoft.
AudioCodes' SBCs are validated by Microsoft to connect to the Direct Routing interface.
Table A-2: Teams Direct Routing Interface - Technical Characteristics

Category Parameter Value Comments

Ports and SIP Interface FQDN See Microsoft's -
IP ranges Name document Deploying
Direct Routing Guide.
IP Addresses range for See Microsoft's -
SIP interfaces document Deploying
Direct Routing Guide.
SIP Port 5061 -
IP Address range for See Microsoft's -
Media document Deploying
Direct Routing Guide.
Media port range on See Microsoft's -
Media Processors document Deploying
Direct Routing Guide.
Media Port range on See Microsoft's -
the client document Deploying
Direct Routing Guide.
Transport SIP transport TLS -
and
Security Media Transport SRTP -
SRTP Security Context DTLS, SIPS https://tools.ietf.org/html/rfc57
Note: Support for DTLS 63
is pending. Currently,
SIPS must be
configured. When
support for DTLS will be
announced, it will be
the recommended
context.
Crypto Suite AES_CM_128_HMAC_ -
SHA1_80, non-MKI
Control protocol for SRTCP (SRTCP-Mux Using RTCP MUX helps
media transport recommended) reduce the number of required
ports

Configuration Note 68 Document #: LTRT-33454

Configuration Note A. Syntax Requirements for SIP Messages 'INVITE' and 'OPTIONS'

Category Parameter Value Comments

Supported Certification See the Deployment -
Authorities Guide

Transport for Media ▪ ICE-lite (RFC5245) -

Bypass (of configured) – recommended
▪ Client also has
Transport Relays
Audio codecs ▪ G711 -
▪ Silk (Teams clients)
▪ Opus (WebRTC
clients) - only if
Media Bypass is
used
▪ G729
Codecs Other codecs ▪ CN -
▪ Required
narrowband and
wideband
▪ RED - Not required
▪ DTMF - Required
▪ Events 0-16
▪ Silence Suppression
- Not required

Teams Direct Routing with LMO 69 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

This page is intentionally left blank.

Configuration Note 70 Document #: LTRT-33454

Configuration Note B. SIP Proxy Direct Routing Requirements

B SIP Proxy Direct Routing Requirements

Teams Direct Routing has three FQDNs:
◼ sip.pstnhub.microsoft.com [Global FQDN. The SBC attempts to use it as the first
priority region. When the SBC sends a request to resolve this name, the Microsoft Azure
DNS server returns an IP address pointing to the primary Azure datacenter assigned to
the SBC. The assignment is based on performance metrics of the datacenters and
geographical proximity to the SBC. The IP address returned corresponds to the primary
FQDN.]
◼ sip2.pstnhub.microsoft.com [Secondary FQDN. Geographically maps to the second
priority region.]
◼ sip3.pstnhub.microsoft.com [Tertiary FQDN. Geographically maps to the third priority
region.]
These three FQDNs must be placed in the order shown above to provide optimal quality of
experience (less loaded and closest to the SBC datacenter assigned by querying the first
FQDN).
The three FQDNs provide a failover if a connection is established from an SBC to a datacenter
that is experiencing a temporary issue.

B.1 Failover Mechanism

The SBC queries the DNS server to resolve sip.pstnhub.microsoft.com. The primary
datacenter is selected based on geographical proximity and datacenters performance metrics.
If during the connection the primary datacenter experiences an issue, the SBC will attempt
sip2.pstnhub.microsoft.com which resolves to the second assigned datacenter, and in rare
cases if datacenters in two regions are unavailable, the SBC retries the last FQDN
(sip3.pstnhub.microsoft.com) which provides the tertiary datacenter IP address.
The SBC must send SIP OPTIONS to all IP addresses that are resolved from the three FQDNs,
that is, sip.pstnhub.microsoft.com, sip2.pstnhub.microsoft.com and
sip3.pstnhub.microsoft.com.

Teams Direct Routing with LMO 71 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

This page is intentionally left blank.

Configuration Note 72 Document #: LTRT-33454

Configuration Note C. Configuration Quick Guidelines

C Configuration Quick Guidelines

This appendix provides quick guidelines for configuring of the SBC’s (Proxy SBC and the remote
sites SBC’s) to support Local Media Optimization.

C.1 Proxy SBC Scenario Topology

Figure C-1: IP Profile for Remote Sites and Proxy SBC
Proxy SBC
Remote Site A

Session Border Controller + DR

Phone System
PSTN (Cloud PBX)

Remote Site B

C.2 SIP Interface

Table C-1: SIP Interface Proxy SBC Configuration Summary

Classification
Enable TLS
Network Application UDP TCP Failure Media
Index Name TLS Port TCP Context
Interface Type Port Port Response Realm
Keepalive Name
Type

5061
SiteSIPInt (accordi Disable
erface ng to (leave 500 (leave
0 LAN_IF SBC 0 0 MRLan -
(arbitrary site default default value)
name) requirem value)
ent)

5061 (as
0
Teams configur
(Recommend
1 (arbitrary WAN_IF SBC 0 0 ed in the Enable MRWan Teams
ed to prevent
name) Office
DoS attacks)
365)

Teams Direct Routing with LMO 73 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

Table C-2: SIP Interface Remote SBC Configuration Summary

Enable Classification TLS

Network Application TCP TLS Media
Index Name UDP Port TCP Failure Context
Interface Type Port Port Realm
Keepalive Response Type Name

5060
Disable 0
SIPTrunk (according
(leave (Recommended
0 (arbitrary WAN_IF SBC to Service 0 0 MRWan -
default to prevent DoS
name) Provider
value) attacks)
requirement)

ProxySBC
500 (leave
1 (arbitrary LAN_IF SBC 0 0 5061 Enable MRLan -
default value)
name)

C.3 Proxy Set

Table C-3: Proxy Set Proxy SBC Configuration Summary

Proxy
TLS Proxy Proxy
SBC IPv4 SIP Load Transport Proxy
Index Name Context Keep- Hot Proxy Address
Interface Balancing Type Priority
Name Alive Swap
Method

sip.pstnhub.micros
oft.com:5061
Teams TLS 1
Using Random sip2.pstnhub.micr
1 (arbitrary Teams Teams Enable TLS 2
Options Weights osoft.com:5061
name) TLS 3
sip3.pstnhub.micr
osoft.com:5061
SiteA 192.168.1.5:5061
SiteSIPInterface Using
2 (arbitrary Default - - (IP address of the TLS
(arbitrary name) Options
name) SiteA SBC)

SiteB 192.168.2.5:5061
SiteSIPInterface Using
3 (arbitrary Default - - (IP address of the TLS
(arbitrary name) Options
name) SiteB SBC)

Table C-4: Proxy SET Remote SBC Configuration Summary

Proxy
SBC IPv4 TLS Proxy Proxy
Load Transport
Index Name SIP Context Keep- Hot Proxy Address Proxy Priority
Balancing Type
Interface Name Alive Swap
Method

SIPTrunk
Using
1 (arbitrary SIPTrunk Default - - SIPTrunk.com:5060 UDP -
Options
name)

ProxySBC
Using
2 (arbitrary ProxySBC Default - - {ProxySBC IP}:5061 TLS -
Options
name)

Configuration Note 74 Document #: LTRT-33454

Configuration Note C. Configuration Quick Guidelines

C.4 IP Profile
Table C-5: IP Profile Configuration Summary

Remote SBC Proxy SBC

Parameter Value Value Value Value

General

SIPTrunk (toward
SiteA (toward site
Name SIP Provider/ ProxySBC Teams
A Remote SBC)
MGW appl)

SBC Media Security

Not Secured
SBC Media Secured Secured
(should be
Security (according to (according to Secured
synchronized with
Mode customer needs) customer needs)
SIP provider)

SBC Early Media

By Media
(required, as
Remote Teams Direct
Early Media Routing does not
By Signaling By Signaling By Signaling
RTP send RTP
(Default) (Default) (Default)
Detection immediately to
Mode remote side when it
sends a SIP 18x
response)

SBC Media

Extension
AudioCodersGro AudioCodersGro AudioCodersGro AudioCodersGro
Coders
ups_1 ups_1 ups_1 ups_1
Group
Generate Always
(required, as some
ITSPs do not send
RTCP Transparent Transparent Transparent
RTCP packets
Mode (Default) (Default) (Default)
during Hold, but
Microsoft expects
them)
ICE Mode Disable (Default) Lite Disable (Default) Lite

SBC Signaling

P-Asserted-
Identity Add (required for
As Is (Default) As Is (Default) As Is (Default)
Header anonymous calls)
Mode
SIP
Supported Supported
UPDATE Not Supported Not Supported
(Default) (Default)
Support

Teams Direct Routing with LMO 75 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

Remote SBC Proxy SBC

Remote re-
Supported Supported Only Supported Supported Only
INVITE
(Default) With SDP (Default) With SDP
Support
Remote
Delayed Supported Supported
Not Supported Not Supported
Offer (Default) (Default)
Support
Remote According to According to
Add Routing
Representa Operation Mode Replace Contact Operation Mode
Headers
tion Mode (Default) (Default)

SBC Forward and Transfer

Remote
REFER Handle Locally Handle Locally Regular (Default) Regular (Default)
Mode
Remote
Replaces Handle Locally Handle Locally Standard (Default) Standard (Default)
Mode
Play RBT
To Yes No (Default) No (Default) No (Default)
Transferee
Remote Transparent Transparent
Handle Locally Handle Locally
3xx Mode (Default) (Default)

SBC Hold

Send Only (Only

Remote in case, when you
Transparent
Hold want that SBC will Inactive Inactive
(Default)
Format play Music On
Hold)
No (Only in case,
Reliable
when you want that
Held Tone Yes (Default) Yes (Default) Yes (Default)
SBC will play
Source
Music On Hold)
Internal (Only in
case, when you
Play Held
want that SBC will No (Default) No (Default) No (Default)
Tone
play Music On
Hold)
All other parameters can be left unchanged at their default values.

Configuration Note 76 Document #: LTRT-33454

Configuration Note C. Configuration Quick Guidelines

C.5 IP Group
Table C-6: IP Group Proxy SBC toward Teams Configuration Summary

Parameter Value

Name Teams
Type Server
Proxy Set Teams
IP Profile Teams
Media Realm MRWan
MRLan
This parameter is relevant when the 'Teams Local Media Optimization
Handling' parameter (see below) is configured to any value other than
“None” and the X-MS-UserLocation header in the incoming SIP message is
Internal Media Realm set to ‘Internal’. In this case, the Internal Media Realm determines the UDP
port range and maximum sessions for Media traffic on this IP interface.

If X-MS-UserLocation=Internal response is received from Teams, a new IP

address/port is allocated using the Internal Media Realm only if the call is
non-direct media i.e. media traverses the paired SBC to the remote SBCs.

Classify by Proxy Set Disable

<FQDN name of the SBC in the enterprise tenant> (For example,
sbc.ACeducation.info defines the host name (string) that the device uses in
the SIP message's Via and Contact headers. This defines the FQDN as the
host name that is recognized by Microsoft Teams. The device uses this
Local Host Name
string for Via and Contact headers in outgoing INVITE messages sent to a
specific IP Group, and the Contact header in SIP 18x and 200 OK
responses for incoming INVITE messages received from the other
configured IP Groups (SiteA and SiteB).
Always Use Src
Yes
Address
Teams Local Media Teams Decides (The routing decision is made according to the Microsoft
Optimization Handling Teams headers for the primary route)
This parameter is relevant for inbound calls to Teams when “Teams Local
Media Optimization Handling” is set to “Teams Decides” or “SBC Decides”:
• Direct Media (default) – Perform direct media call towards Teams.
• Internal - Perform non-direct media call (media traverses the paired
Teams Local Media
SBC from the remote SBC) towards Teams using Internal Media Realm.
Optimization Initial
• External – Perform non-direct media call (media traverses the paired
Behavior
SBC from the remote SBC) towards Teams using external (regular)
Media Realm.
Note: The value of this parameter can be variable depending on particular
setup
Proxy Keep-Alive using
Enable
IP Group settings
Inbound Message
0
Manipulation Set
Outbound Message
1
Manipulation Set
Call Setup Rules Set ID 0

Teams Direct Routing with LMO 77 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

Table C-7: IP Group Proxy SBC toward Remote SBC’s Configuration Summary

Parameter Value

Name SiteA/SiteB
Type Server
Proxy Set SiteA/SiteB
IP Profile SiteA/SiteB
Media Realm MRLan
Site={RemotePSTNGateWayFQDN}
Tags The Site Tag should be defined as the remote site SBC’s FQDN and
should be discoverable by DNS from the Proxy SBC.
All other parameters can be left unchanged with their default values.

Table C-8: IP Group Remote SBC toward Proxy SBC Configuration Summary

Parameter Value

Name ProxySBC (arbitrary name)

Topology Location Down
Type Server
Proxy Set ProxySBC
IP Profile ProxySBC
Media Realm MRLan
SIP Group Name {MSFT - CsOnlinePSTNGateway }
All other parameters can be left unchanged with their default values.

Table C-9: IP Group Remote SBC toward SIP Trunk (PSTN) Configuration Summary

Parameter Value

Name SIPTrunk (arbitrary name)

Topology Location Down
Type Server
Proxy Set SIPTrunk
IP Profile SIPTrunk
Media Realm MRWan
Classify by Proxy Set Enable
SIP Group Name (according to ITSP requirement)
All other parameters can be left unchanged with their default values.

Configuration Note 78 Document #: LTRT-33454

Configuration Note C. Configuration Quick Guidelines

C.6 IP-To-IP Routing

Table C-10: IP-To-IP Routing in the Proxy SBC

Routing
Source IP Request Dest IP
Index Name Dest Type Tag Internal Action
Group Type Group
Name

Terminate
0 Any OPTIONS Internal Reply (Response='200')
OPTIONS

Teams to
SIP Trunk
1 Teams Destination Tag Site
(arbitrary
name)

SIP Trunk
to Teams
2 Any IP Group Teams
(arbitrary
name)

Table C-11: IP-To-IP Routing in the Remote Site SBC

Source IP Request Call ReRoute IP Dest Dest IP

Index Name Dest Address
Group Type Triger Group Type Group

Terminate Reply
0 Any OPTIONS Internal
OPTIONS (Response='200')

Terminate
Refer IP
1 Any Any REFER ProxySBC ProxySBC
(arbitrary Group
name)

Teams to
SIP Trunk IP
2 ProxySBC SIPTrunk
(arbitrary Group
name)

SIP Trunk
to Teams IP
3 SIPTrunk ProxySBC
(arbitrary Group
name)

Teams Direct Routing with LMO 79 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

C.7 Message Manipulations

Table C-12: Proxy SBC Message Manipulation Index 0

Parameter Value

Index 0
Name Privacy Header
Manipulation Set ID 0
Condition Header.Privacy contains 'id'
Action Subject Header.Privacy
Action Type Remove

Table C-13: Proxy SBC Message Manipulation Index 1

Parameter Value

Index 1
Name Replace Host in Contact
Manipulation Set ID 1
Message Type Invite.Request
Action Subject Header.Contact.URL.Host
Action Type Modify
Action Value Header.To.URL.Host

Configuration Note 80 Document #: LTRT-33454

Configuration Note D. AudioCodes ARM and SBCs with Teams Direct Local Media Optimization

D AudioCodes ARM and SBCs with Teams

Direct Local Media Optimization
This appendix describes how to provision all the system components involved in the ARM and
SBC solution for Teams Direct Routing Local Media Optimization.

D.1 About AudioCodes Routing Manager (ARM)

The ARM is a LINUX-based, software-only, telephony management product which expedites
and streamlines IP telephony routing for enterprises with multiple globally distributed branches.
The ARM determines the quickest, least expensive, and best call quality routes in packet
networks. Routing data, previously located on the SBC, Unified Communications (UC)
application (e.g., Microsoft's Skype for Business), or Media Gateway, is now located on the ARM
server. If an enterprise has an SBC in every branch, a single ARM, deployed in HQ, can route
all calls in the globally distributed corporate network to PSTN, the local provider, enterprise
headquarters, or to the IP network. Routing rules, configured by the IT manager in the ARM's
Routing Table, perform the routing.
If an enterprise has only one or two branches, its IT manager can easily independently
implement maintenance changes. In globally distributed enterprises, IT managers until now had
to laboriously implement changes, multiple times, per branch. With the ARM, IT managers
implement changes only once, saving significant labor and time resources and costs.

D.2 Solution Overview

In Teams Direct Local Media Optimization, ARM handles call signaling for all solution SBCs
(Proxy SBC and Remote SBCs). Remote SBCs handle the Local Media Optimization business
logic. ARM significantly simplifies the provisioning of connectivity between the Proxy SBC and
Regional SBC and visualizes the topology.
Figure D-1: IP Profile for Remote Sites and Proxy SBC

Teams Direct Routing with LMO 81 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

The following sections describe the exact steps for configuring:

◼ Proxy and Remote SBCs
◼ ARM - Nodes, Connections, Routing Rules

D.3 Configuration of the SBCs

Notes:
• Validate that your AudioCodes' Mediant SBCs are loaded with the correct
firmware version (7.20A.258.354 or later).
• The following sections assumes that an SBC configuration is deployed in
production working with Local Media Optimization and you wish to add support
for working with ARM.

D.3.1 Configuring Proxy SBC for Local Media Optimization (LMO)

This section describes the configuration required for supporting Local Media Optimization
handling on the Proxy SBC.

➢ To configure LMO on Proxy SBC:

1. Configure the IP Interfaces as described in Section 2.5.4.
2. Configure the TLS Context as described in Section 2.5.5.
3. Generate and install a certificate as described in Section 2.5.6.
4. Load the Baltimore Trusted Root Certificates as described in Section 2.5.7.
5. Open the SRDs table (Setup menu > Signaling & Media tab > Core Entities folder >
SRDs) and set the 'Used by Routing Server' parameter to ‘Used’ for all SRDs.

Note: If the SBC is already provisioned to work with Local Media Optimization, and the
solution is being extended to work with ARM, set the 'Used by Routing Server' parameter
to ‘Used’ for all SRDs.

6. Configure the Media Realms as described in Section 2.5.8 and set the 'Used by Routing
Server' parameter to ‘Used’ for both Media Realms.

Note: If the SBC is already provisioned to work with Local Media Optimization and the
solution is being extended to work with ARM, set the 'Used by Routing Server' parameter
to ‘Used’ for both Media Realms.

7. Configure SIP Interfaces as described in Section 2.5.9 and set the 'Used by Routing Server'
parameter to ‘Used’ for both interfaces.

Note: If SBC is already provisioned to work with Local Media Optimization, and the
solution is being extended to work with ARM, set the 'Used by Routing Server' parameter
to ‘Used’ for both interfaces.

8. Add a Proxy Set towards Teams as described in Section 2.5.10.

a. Configure the Proxy Set according to Table 2-6 (Teams).
b. Configure the Proxy Address for this Proxy Set as described in Table 2-7.

Note: If SBC is already provisioned to work with Local Media Optimization, and the
solution is being extended to work with ARM, delete all Proxy Sets towards sites.

9. Configure the Coder Groups as described in Section 2.5.11.

Configuration Note 82 Document #: LTRT-33454

Configuration Note D. AudioCodes ARM and SBCs with Teams Direct Local Media Optimization

10. Add an IP Profiles for Teams as described in Section 2.5.12 according to Table 2-9.
11. Add an IP Group toward Teams as described in Section 2.5.13 according to Table 2-11
and set the 'Used by Routing Server' parameter to ‘Used’.

Note: If SBC is already provisioned to work with Local Media Optimization, and the
solution is being extended to work with ARM, set the 'Used by Routing Server' parameter
to ‘Used’ and delete all IP Groups towards sites.

12. Configure the SRTP as described in Section 2.5.14.

13. Add a Message Condition as described in Section 2.5.15.
14. Add a Classification Rules as described in Section 2.5.16.
15. Add Message Manipulations as described in Chapter 2.5.18.
16. Open the IP-to-IP Routing table (Setup menu > Signaling & Media tab > SBC folder >
Routing > IP-to-IP Routing).
17. Insert a new row to work with the ARM (should be before the other INVITE rules):

Index Name Source IP Group Request Type Destination Type

1 ARM Any INVITE Routing Server

D.3.2 Configuring Remote Site SBCs for Local Media Optimization

(LMO)
This section describes the configuration required for supporting Local Media Optimization
handling on the remote site SBCs.

➢ To configure remote site SBCs for LMO:

1. Configure the IP Interfaces as described in Section 2.6.1.
2. Open the SRDs table (Setup menu > Signaling & Media tab > Core Entities folder >
SRDs) and set the 'Used by Routing Server' parameter to ‘Used’ for all SRDs.

Note: If the SBC is already provisioned to work with Local Media Optimization, and the
solution is now being extended to work with ARM, set the 'Used by Routing Server'
parameter to ‘Used’ for all SRDs.

3. Configure the Media Realms as described in Section 2.6.2 and set the 'Used by Routing
Server' parameter to ‘Used’ for both Media Realms.

Note: If the SBC is already provisioned to work with Local Media Optimization, and the
solution is now being extended to work with ARM, set the 'Used by Routing Server'
parameter to ‘Used’ for both Media Realms.

4. Configure SIP Interfaces as described in Section 2.6.3 and set 'Used by Routing Server'
parameter to ‘Used’ for both interfaces.

Note: If the SBC is already provisioned to work with Local Media Optimization, and the
solution is now being extended to work with ARM, set the 'Used by Routing Server'
parameter to ‘Used’ for both interfaces.

5. Add a Proxy Set toward SIP Trunk as described in Section 2.6.4.

a. Configure the Proxy Set according to Table 2-17.
b. Configure the Proxy Address for this Proxy Set as described in Table 2-18.

Note: If SBC is already provisioned to work with Local Media Optimization, and now
solution is extended with ARM, you have to delete Proxy Set towards Proxy SBC.

Teams Direct Routing with LMO 83 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

6. Add an IP Profiles for SIP Trunk as described in Section 2.6.5 according to Table 2-21.
7. Add an IP Group toward SIP Trunk as described in Section 2.6.6 according to Table 2-22
and set the 'Used by Routing Server' parameter to ‘Used’.

Note: If the SBC is already provisioned to work with Local Media Optimization, and the
solution is being extended to work with ARM, set the 'Used by Routing Server' parameter
to ‘Used’ and delete IP Group towards Proxy SBC.

8. Configure the SRTP as described in Section 2.6.7.

9. Open the IP-to-IP Routing table (Setup menu > Signaling & Media tab > SBC folder >
Routing > IP-to-IP Routing).
10. Insert a new row to work with the ARM (should be before the other INVITE rules):

Index Name Source IP Group Request Type Destination Type

1 ARM Any INVITE Routing Server

Configuration Note 84 Document #: LTRT-33454

Configuration Note D. AudioCodes ARM and SBCs with Teams Direct Local Media Optimization

D.4 ARM Configuration

This section describes how to configure the ARM Web interface.

D.4.1 Defining SBC Nodes

This section describes how to define SBC nodes.

➢ To define SBC nodes:

1. In ARM GUI Interface, add an AC Node for the Proxy_sbc.
Figure D-2: AC Node for Proxy SBC

2. Add an AC Node for the Remote_SBC.

Figure D-3: AC Node for Remote SBC

Teams Direct Routing with LMO 85 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

3. Unlock the Peer Connections. Wait for Sync. Nodes will be enabled.
Figure D-4: Enable Nodes

D.4.2 Defining Connection

This section describes how to define the connection between the remote SBC and the proxy
SBC.

➢ To define connection between the remote SBC and the proxy SBC:
1. Drag a Connection from the Remote_SBC to the Proxy_sbc.
2. Select the protocol type, Routing Interface, Name, Ip Profile, Media Realm for both Nodes.
3. Configure Sip Group Name for the Remote Node.
Figure D-5: Add Connection

4. Wait for sync. The Connection will be enabled.

Configuration Note 86 Document #: LTRT-33454

Configuration Note D. AudioCodes ARM and SBCs with Teams Direct Local Media Optimization

Figure D-6: Established Connection

5. Edit the Teams Voip-Peer and select TEAMS.

Figure D-7: Teams Voip-Peer

.
6. Edit the SIPTrunk Voip-Peer and select SIP_TRUNK.
Figure D-8: SIPTrunk VoIP-Peer

Figure D-9: Established Connection

Teams Direct Routing with LMO 87 AudioCodes SBC

 Teams Direct Routing Local Media Optimization

D.4.3 Defining Routing Rules

This section describes how to define routing rules.

D.4.3.1 Calls from Teams

This section describes how to define routing rules for calls from Teams.

➢ To define a routing rule for calls from Teams.

1. Add a Routing Rule for incoming call from Teams.
Name = From TEAMS to SIPTrunk
Source Peer Connection = The Peer Connection of Proxy_sbc toward
Teams
Destination Host = {MSFT - CsOnlinePSTNGateway} of Remote_SBC
Routing Action = The Peer Connection of Remote_SBC toward
SIPTrunk
2. Click Live to activate the routing rule; the rule is now activated in the ARM.
Figure D-10: Add a Routing Rule for Incoming Call from Teams

Configuration Note 88 Document #: LTRT-33454

Configuration Note D. AudioCodes ARM and SBCs with Teams Direct Local Media Optimization

D.4.3.2 Calls to Teams

This section describes how to define routing rules for calls to Teams.

➢ To define a routing rule for calls to Teams:

1. Add a Routing Rule for incoming call from SIPTrunk.
Name = From SIPTrunk to TEAMS
Source Peer Connection = The SIPTrunk Peer Connection of
Remote_SBC
Routing Action = The Peer Connection of Proxy_sbc toward TEAMS
2. Define the characteristics of the route request, e.g., the User Group and phone prefix of the
originator/destination.
3. Click Live to activate the routing rule; the rule is now activated in the ARM.
Figure D-11: Add a Routing Rule for Incoming Call from SIP Trunk

Teams Direct Routing with LMO 89 AudioCodes SBC

International Headquarters
1 Hayarden Street,
Airport City
Lod 7019900, Israel
Tel: +972-3-976-4000
Fax: +972-3-976-4040

AudioCodes Inc.
200 Cottontail Lane
Suite A101E
Somerset NJ 08873
Tel: +1-732-469-0880
Fax: +1-732-469-2298

Contact us: https://www.audiocodes.com/corporate/offices-worldwide

website: https://www.audiocodes.com/

©2021 AudioCodes Ltd. All rights reserved. AudioCodes, AC, HD VoIP, HD VoIP Sounds Better, IPmedia, Mediant,
MediaPack, What’s Inside Matters, OSN, SmartTAP, User Management Pack, VMAS, VoIPerfect, VoIPerfectHD, Your
Gateway To VoIP, 3GX, VocaNom, AudioCodes One Voice, AudioCodes Meeting Insights, AudioCodes Room Experience
and CloudBond are trademarks or registered trademarks of AudioCodes Limited. All other products or trademarks are
property of their respective owners. Product specifications are subject to change without notice.

Document #: LTRT-33454