- Stop all the services on the Front-End servers, Archiving, Monitoring and SBA.
- Create the LyncFileshare folder manually with appropriate rights (read & write)
- Create New File Store in the Topology Builder
- File Server FQDN: sg-lyncdb.contoso.com
- File Share: LyncFileShare
- Publish the topology
- Re-point the IIS MeetingFiles to new LyncFileShare
- Re-run “Install or Update Lync Server System” from Lync/SfB Front End servers
- Copy all the content from older file share to the new file share
Moving Standard Lync CMS to Enterprise Lync/SfB
- Backup the CMS from Standard FE server.
- Export-CsConfiguration -Filename Customerconfig.zip
- Export-CsLisConfiguration –Filename Customerlis.zip
- Run as Administrator: Open Lync Management Shell from Enterprise Edition Server and type below.
- Install-CsDatabase –CentralManagementDatabase –UseDefaultSQL Paths -SqlServerFQDN sg-lyncdb.contoso.com –clean
- Run as Administrator: Enable from the Lync topology
- Run as Administrator: Move the CMS
- Restart both Master Replica Service and File-Transfer Agent service on Front end Servers
- Verify if CMS is installed on the EE pool
- Verify if replication is UpToDate
- Re-run “Install or Update Lync Server System” from Front end Servers
Remove the CM store files after a move
- Warning! Do not proceed if Get-CsManagementStoreReplication status isn’t UpToDate yet.
- Login to Standard FE server and remove CMS database files
- Uninstall-CsDatabase –CentralManagementDatabase –SqlServerfqdn sg-LyncTMP.contoso.com –SqlInstanceName rtc
Looks easy, isn’t it?
Firmware version: 7.0
The procedure below describes how to configure the address of the debug recording (capturing) server to where the device sends the captured traffic. Once you configure an address, the device generates DR packets for all calls.
Configuration tab > System menu > Logging > Logging Settings
In the “Debug Recording Destination IP”, put the IP address of your PC where you install and run wireshark.
Configuration tab > System menu > Logging > Logging Filters Table
Set as below:
- Filter Type: Any
- Log Type: Signalling & Media
- Mode: Enable
Activate a wireshark which will gather all the SIP and RTP traffic coming to and from the GW or SBC.
Reproduce the issue, then stop the wireshark. Send the logs to AudioCodes Support.
Note: Disable the Debug Recording on the GW or SBC.
You can configure the amount of information (debug level) to include in Syslog messages.
To configure the Syslog debug level:
Configuration tab > System > Syslog Settings
- Enable Syslog: Enable
- Syslog Server IP Address: IP address where Syslog Viewer or Wireshark is installed
- Syslog Server Port: 514
- Syslog CPU Protection: Enabled
- Debug Level: Detailed
Syslog Viewer can be downloaded here http://www.audiocodes.com/downloads
- Enterprise LAN users in LAN #1 served by SIP entity server #1:
Voice coder: G.711
SIP transport protocol: UDP
- Enterprise LAN users in LAN #2 served by SIP entity server #2:
Voice coder: G.729
SIP transport protocol: TCP
As the two SIP entity servers use different voice codecs, you need to configure the SBC to perform transcoding between the servers. In the example, the codec support is as follows:
SIP Entity Server #1 uses G.711 A-law or G.711 μ-law, and does not allow any other coder in the SDP offer-exchange coder list
SIP Entity Server #2 uses G.729
The configuration for the example uses the following terms related to coders:
Extension Coders: Voice codecs supported by the SIP entity. The SBC adds these coders to the SDP offer sent to the SIP entity. Extension coders are required for transcoding when the two communicating SIP entities support different coders (i.e., supported coders do not appear in the SDP offer).
Allowed Coders: Coders that are permitted to be listed in the SDP offer that the device sends to the SIP entity. This is required for SIP entities that accept only SDPs that include specific coders (for whatever reason). The Allowed coders would include the Extension coder as well as other coders.
Step 1: Add Extension Coder Groups for SIP Entities
A Coder Group (or Extension Coder Group) defines the codecs supported by the SIP entity. Even if the original SDP offer does not include the coder supported by the SIP entity, the SBC adds it to the SDP before sending it to the SIP entity.
In the example, you need to configure a Coder Group per SIP entity server with the supported coder:
SIP Entity Server #1 – G.711 A-law and G.711 μ-law
SIP Entity Server #2 – G.729
Configuration tab > VoIP menu > Coders and Profiles > Coders Group Settings
Coder Group for SIP Entity Server #1
Coder Group for SIP Entity Server #2
Step 2: Add Allowed Coders Group for SIP Entity Server #1
In the example, SIP Entity Server #1 allows only the G.711 A-law and G.711 μ-law coders to be listed in the SDP offer sent to it by the SBC. If other coders are listed in the SDP, the SBC removes them before sending them to the SIP entity. Therefore, you need to configure an Allowed Audio Coders Group with these coders.
Configuration tab > VoIP menu > SBC > Allowed Audio Coders Group
Allowed Audio Coders Group for SIP Entity Server #1
Step 3: Add IP Profiles for SIP Entities and Assign their Coder Groups
An IP Profile defines a set of configuration settings that can be assigned to specific calls. In the example, you need to configure an IP Profile for each SIP entity server and assign it the supported codec (i.e., Coder Group) that you configured in the previous steps:
SIP Entity Server #1: Supports only G.711 (A-law and μ-law) and does not allow other additional coders to be listed in the SDP. Therefore, the IP Profile must be assigned the following:
• Extension Coders Group (Index 1): G.711 (A-law and μ-law)
• Allowed Audio Coders Group (Index 0): G.711 (A-law and μ-law)
SIP Entity Server #2: Supports only G.729, but accepts SDPs listing other additional coders. Therefore, the following configuration is required:
• Extension Coders Group (Index 2): G.729
Configuration tab > VoIP menu > Coders and Profiles > IP Profile Settings
IP Profile for SIP Entity Server #1
IP Profile for SIP Entity Server #2
Step 4: Assign IP Profiles to SIP Entity IP Groups
To associate the voice coders with the SIP entity servers, you need to assign the previously configured IP Profiles to the IP Groups of the SIP entities.
Note: IP Profiles should already been created for SIP entities.
Configuration tab > VoIP menu > VoIP Network > IP Group Table
Assigning IP Profile to IP Group of SIP Entity Server #1
Assigning IP Profile to IP Group of SIP Entity Server #2
AudioCodes has created an SBA Upgrade Kit meant for Skype for Business. Essentially, upgrade depends on customer current M1K model or SBA Platform.
The following table lists the different Mediant 1000B SBA platforms and their corresponding SBA upgrade kits.
Upgrading HDMX Module from HDD to SSD
- Maintain power to the Mediant 1000B SBA chassis.
- Shutdown the SBA server
- Remove the current HDMX module from the chassis:
a. Gently pull the HDMX module’s handle out to the first notch; the handle is now partially pulled out and the module undergoes a shutdown sequence, indicated by the slow-flashing LED on the module.
b. When the LED stops flashing and is constantly lit, indicating that the shutdown sequence is complete, grip and gently pull the HDMX module’s handle to slide the module out of the slot.
- Insert the new HDMX module:
a. Take the HDMX module out of the box in which it was shipped and remove it from the protective plastic packet.
b. Hold the new HDMX module in the correct orientation, as shown in the figure below, and gently insert the module into the slot, sliding it along the slot’s guide rails until it makes contact with the card-edge connector located on the backplane
- Push-in the HDMX module’s handle until it clicks firmly into the slot.
Installing the SBA Skype for Business Image
The SBA Skype for Business application is provided on the USB dongle that is shipped in your ordered SBA upgrade kit. The image also includes Microsoft Windows Server 2012 R2 installation.
• Before installing the SBA Skype for Business image, make sure that your OSN server (SBA server) is running a compatible BIOS version (5603E216 or later). If not, you need to upgrade the BIOS.
• When you install the SBA Skype for Business image, all previous SBA settings are restored to default settings.
To install the SBA Skype for Business image:
- Establish a connection with the OSN server:
• Direct connection through HDMI
- Connect the SBA USB dongle:
• Direct connection through HDMI: Plug the SBA dongle into one of the available USB ports on the USB hub:
- Reset the OSN server using the OSN module’s handle
- Even though the handle can be pulled out two notches, gently pull it out only to the first notch; the LED light starts flashing blue:
- Wait until the LED light changes to solid blue, indicating that the SBA server has shut down.
- Gently push the handle all the way back into the module; the LED switches off, indicating that the SBA server is undergoing a reset:
- At the prompt, type the following:
The following appears:
- At the confirmation prompt, type the following:
The Skype for Business and Windows installation begins. When complete, the following appears:
- Unplug the SBA dongle from the USB port.
- At the prompt, type the following:
• For HDMI Connection: The SBA server restarts to complete installation.
- (For OSN3 Module Only) To activate the Windows Server 2012 R2, access the BIOS of the SBA server and enter the Microsoft license (supplied).
Proceed first to do the usual pre-requisites for SBA installation like:
- Adding SBA to Active Directory
- Defining Branch Site Topology
And continue the SBA configuration through Web-based (HTTP) SBA Management interface. This procedure I will tackle on another blog.
Plan your network design
- Below design is based on AudioCodes M800 CCE
- The two rear Ethernet ports will be used (GE1:Corpnet & Ge2:Internet)
- Front Ethernet port will be used for GW/SBC
Prepare the required IP addresses
- 6 Internal IP addresses
- 1 External IP NAT’ed to 1 Public IP address
- BaseVMIP is optional
- You may put the gateway or SBC same range as Internal IP of the CCE or place it on your internal corporate network range (e.g. 192.168.1.10)
- Below IP addresses are mere examples only
Public DNS Records
- Other Office 365 DNS records should already be created at this point
- SRV records are created as well
Office 365 with CloudPBX license
- E5 license
- E3 + Cloud PBX
Prepare the following Administrator during installation
|Safemode domain Adminfirstname.lastname@example.org|
|Office 365 Global Administratoremail@example.com|
Prepare the Cloud Connector ini file
- I prefer it to be pre-populated before starting the installation
- Values will depend on above information
- Each parameters are explained well here: https://aka.ms/deploycloudconnector
- Common Name: accesspool1.contoso.com
- Subject Alternative Names: accesspool1.contoso.com, sip.contoso.com
Open the Required Firewall Rules
- Here’s the drill, once you have finalize the network design make sure to let company’s Security team approve it as this part usually gets some exciting discussion.
|Source IP||Destination IP||Source Port||Destination Port|
|Cloud Connector Mediation component||SBC/PSTN Gateway||Any||TCP 5060**|
|SBC/PSTN Gateway||Cloud Connector Mediation component||Any||TCP 5068/ TLS 5067|
|Cloud Connector Mediation component||SBC/PSTN Gateway||UDP 49 152 – 57 500||Any***|
|SBC/PSTN Gateway||Cloud Connector Mediation component||Any***||UDP 49 152 – 57 500|
|Cloud Connector Mediation component||Internal clients||TCP 49 152 – 57 500*||TCP 50,000-50,019
|Cloud Connector Mediation component||Internal clients||UDP 49 152 – 57 500*||UDP 50,000-50,019|
|Internal clients||Cloud Connector Mediation component||TCP 50,000-50,019||TCP 49 152 – 57 500*|
|Internal clients||Cloud Connector Mediation component||UDP 50,000-50,019||UDP 49 152 -57 500*|
External firewall – recommended configuration
|Source IP||Destination IP||Source Port||Destination Port|
|Any||Cloud Connector Edge External Interface||Any||TCP 5061|
|Cloud Connector Edge External Interface||Any||Any||TCP 5061|
|Cloud Connector Edge External Interface||Any||Any||TCP 80|
|Cloud Connector Edge External Interface||Any||Any||UDP 53|
|Cloud Connector Edge External Interface||Any||Any||TCP 53|
|Cloud Connector Edge External Interface||Any||TCP 50,000-59,999||Any|
|Cloud Connector Edge External Interface||Any||UDP 3478; UDP 50,000-59,999||Any|
|Any||Cloud Connector Edge External Interface||Any||TCP 443; TCP 50,000-59,999|
|Any||Cloud Connector Edge External Interface||Any||UDP 3478; UDP 50,000 – 59,999|
Once you have done above, you should be ready to start your installation! Hopefully, I could still have time to share my step-by-step installation on next blog 🙂
Stay tune! Cheers!
Last Monday, January 30, 2017, AudioCodes has released the updated Beta version for 450HD phones.
Better Together over Ethernet (BToE) PC application version also has a newer release, version 2.0.3:
- AudioCodes BToE.exe
- AudioCodes BToE.msi
List of New Features:
Online sign-in – connectivity to Office 365. New capability to sign in to (connect to) and authenticate with Microsoft’s Cloud PBX, Microsoft’s cloud-hosted version of enterprise voice. AudioCodes’ phone features two new sign-in method options, allowing users to connect to Microsoft’s Cloud PBX:
- ADAL (Azure AD Authentication Library) that is based on OAuth 2.0 (RFC 6749). The phone always starts with ADAL and if it’s unavailable on the server side, the phone moves to OrgID.
- OrgID (Organizational ID) or LiveID is Microsoft’s proprietary connectivity to Cloud services.
Cloud PBX Web Sign-In k.a. Device Pairing – connectivity to Microsoft’s Cloud PBX, Microsoft’s cloud-hosted version of enterprise voice. AudioCodes’ 450HD IP phone features a sign-in option allowing users to connect to Microsoft’s Cloud PBX: Web Sign-in
The option exempts users from having to laboriously key in their user name and password using the phone keypad in order to sign in. If the option is selected, a URL and a Pairing Code are displayed, as shown in the figure above. Users must then point their browser to the URL and enter the Pairing Code in the Microsoft web page. Sign-in to Microsoft’s Cloud PBX is then performed
Multi-Party Skype for Business Remote Conferencing utilizing CCCP (Centralized Conference Control Protocol) is now supported on the phone. A new Meet Now/Conf softkey is displayed by default in the 400HD phones. The softkey allows users to easily initiate remote multi-party Skype for Business conference calls. By pressing the new softkey, users can initiate, join or be added to a multi-party conference call while having full control and viewing capability. Users can now:
Merging a call into a conference. Two separate calls can now be merged into one conference call. This can be performed via a new Merge option accessed from the phone’s Call Menu softkey, or via the Skype for Business client if the user is paired.
Integration with Microsoft Exchange Server (Calendar) + click to join a Skype for Business meeting. [Applies to all AudioCodes phones except the 420HD]. Users can view their Microsoft Exchange Calendar meetings in the phone’s LCD by selecting a new Calendar option from the MENU key. The phone by default displays meetings scheduled to commence between the present and 24 hours from the present (24H), but the network administrator can change the default and configure the phone to display meetings scheduled to commence between the midnight of the night before the present and the midnight of the night ahead (TODAY). Via the phone, the user can join any online meeting scheduled in Skype for Business: A Join softkey is displayed for the user to join in the meeting online. To connect to Microsoft Exchange and receive the Calendar feature, sign-in must be with username in UPN format, as described in the Note above.
Meeting Reminder. [Applies to all phones except 420HD]. The phone automatically pops up a Meeting Reminder for meetings scheduled in Skype for Business. The Meeting Reminder pops up in the phone’s idle screen at the time defined for it in the Meeting Invitation. Users can either Snooze the Reminder, or Dismiss it. If the user selects Dismiss, the Reminder does not pop up again. The user will still be able to access the Calendar items and view the meeting. If Snooze is selected, the Reminder pops up 10 minutes before the start of the meeting, five minutes before the start of the meeting, and when the meeting starts. This provides the user advance notice and allows them to join in from the phone by selecting a new Join
- Automatic Pairing (requires BToE PC/laptop application Version 2.x). Users no longer need to manually pair the BToE PC/laptop application with the phone. Pairing is now automatically performed when the phone’s PC port is connected to the PC/laptop ‘behind’ the phone. If the laptop after automatic pairing is disconnected and moved to another location, its speaker/headset becomes the audio device associated with the Skype for Business client.
If the laptop is manually paired and then relocated (manual pairing is still an option), Skype for Business audio remains through the phone. It’s therefore advisable to pair automatically.
Phone Automatic lock. The Skype for Business phone now supports the capability to automatically lock after a preconfigured period of time. The feature secures phones against unwanted (mis)use. When the phone is locked:
- Incoming calls are allowed but outgoing calls require a security PIN code
- Without the PIN code, the Call Log, Calendar and Corporate Directory cannot be accessed but users are allowed to call preconfigured emergency numbers
Capability to handle multiple calls – N Concurrent calls (NCC). The phone is capable of managing up to 8 concurrent calls per line, for example, of holding multiple calls and switching between them (most relevant to the receptionist)
Integrated Log Upload. Allows uploading logs from the phone to the Microsoft server for troubleshooting/support purposes. Complies with Microsoft’s certification requirements for 3rd party Skype for Business clients.
Device Update. The Skype for Business server can update the IP phone firmware version.
For detailed information on the update process, refer to https://technet.microsoft.com/en-us/library/gg398861.aspx/
Quality of Experience (QoE) reports are now sent to Microsoft’s SQL server. The phone supports QoE reporting directly to the Skype for Business monitoring tool. Supported metrics include the voice quality parameters of Jitter and Packet Loss.
- New codecs supported: Skype’s SILK 8000 and SILK 16000.
The section below shows the features that were included in Version 3.0 of the 400HD series phone models but which are presently missing from Version 3.0.1 of the 450HD phone model. All features are planned to be supported as part of forthcoming 3.0.1 releases, or as part of the 3.0 GA release.
- Multicast Paging
- Multi-Language support
- Support for video calls.
- Switching between audio devices.
- Visual Voice Mail.
- Skype for Business ‘Favorites’ contacts & Outlook contacts integrated with the phone.
- Locking / unlocking a paired phone: If a user’s phone was automatically paired (by connecting its PC port to the PC/laptop ‘behind’ it) and if the PC/laptop is active (not locked), the phone cannot be manually locked. The user can manually lock it only after locking the PC/laptop.
I’m excited to test these features on my lab, hopefully my boss will lend me one test unit.
Configuration entities configured with the name “LAN” are used for interfacing with the LAN (e.g., IP PBX) and those configured with the name “WAN” are used for the interfacing with the WAN (e.g., SIP Trunk). IP addresses used above are only set as examples.
- AudioCodes Mediant Software
- Firmware Version: 7.00A.049.003
Step 1 – Assign Ethernet Ports to Ethernet Groups
LAN: Ethernet Group 1 with ports GE_1
WAN: Ethernet Group 2 with ports GE_2
Configuration tab > VoIP menu > Network > Ethernet Groups Table
Step 2 – Assign VLAN IDs to Ethernet Groups
LAN: VLAN ID 1 assigned to Ethernet Group 1
WAN: VLAN ID 2 assigned to Ethernet Group 2
Configuration tab > VoIP menu > Network > Ethernet Device Table
Step 3: Add Logical IP Network Interfaces for LAN and WAN
LAN: IP address 172.16.0.234
WAN: IP address 220.127.116.11
VLAN 1 (Ethernet Group 1) is assigned to the LAN interface
VLAN 2 (Ethernet Group 2) is assigned to the WAN interface
Configuration tab > VoIP menu > Network > IP Interfaces Table
Step 4: Add Media Realms for LAN and WAN
Configuration tab > VoIP menu > VoIP Network > Media Realm Table
Media Realm for LAN Interface
Media Realm for WAN Interface
Step 5: Add SIP Interfaces for LAN and WAN
Configuration tab > VoIP menu > VoIP Network > SIP Interface Table
SIP Interface for LAN
SIP Interface for WAN
Step 6: Add Proxy Sets for IP PBX and SIP Trunk
The Proxy Set defines the actual address of SIP server entities in your network. Therefore, you need to add a Proxy Set for the following entities:
LAN: IP PBX with address 172.16.0.231
WAN: SIP Trunk with address 18.104.22.168
Configuration tab > VoIP menu > VoIP Network > Proxy Sets Table
Proxy Set for IP PBX (e.g. Skype for Business)
Select the table row of the Proxy Set that you added, and then click the Proxy Address Table link located below the table
Proxy Set for ITSP (e.g. Telstra)
Select the table row of the Proxy Set that you added, and then click the Proxy Address Table link located below the table.
Step 7: Add IP Groups for IP PBX and SIP Trunk
The IP Group represents the SIP entity. In the example, you need to add an IP Group for the following entities:
WAN SIP Trunk (server-type IP Group)
LAN IP PBX (server-type IP Group)
Configuration tab > VoIP menu > VoIP Network > IP Group Table
IP Group for LAN IP PBX
IP Group for WAN SIP Trunk
Step 8: Add IP-to-IP Call Routing Rules
For call routing between the SIP entities, you need to add IP-to-IP routing rules for the following call directions:
Calls from the WAN SIP Trunk to the LAN IP PBX.
Calls from the LAN IP PBX to the WAN SIP Trunk.
Configuration tab > VoIP menu > SBC > Routing SBC > IP-to-IP Routing Table
Call Routing Rule from WAN SIP Trunk to LAN IP PBX
Call Routing Rule from LAN IP PBX to WAN SIP Trunk
It will look like this
Note: A destination SIP Interface is not specified for the routing rules. The ‘Destination SIP Interface’ parameter is applicable only if the ‘Destination Type’ parameter is configured to any value other than IP Group.
Step 9: Add IP-to-IP Manipulations
Essentially, manipulation will depend on your scenario and requirements. Like for example, if your IP-PBX is a Skype for Business you need to configure your incoming destination number to be in E.164 format like +65912345678. On the other hand, the destination number for outgoing calls must strip + sign or + and country code. And usually add 00 for international calls.
I will discuss more of this on another blog so just tune in.
Hope it’ll help you to initially setup your AudioCodes Mediant SW SBC!!
- AudioCodes Auto-Attendant is installed as virtual machine inside the SBA.
- SBA is associated to a SfB Enterprise Edition in Central Pool.
- AudioCodes AA configured with Automatic Call Distribution (ACD) in Call Work Flow
- When a PSTN caller calls to AA IVR and chose ACD option (e.g. transfer to Receptionist), Receptionist answer the call but when it tries to transfer to any internal SfB user within the branch site, the transfer failed.
Errors on SfB logs captured on SBA
- The call cannot be transferred
- SIP/2.0 504 Server time-out
- ms-diagnostics: 1038;reason=”Failed to connect to a peer server”;ip-address=”192.168.10.10″;peer-type=”InternalServer”;winsock-code=”10061″;winsock-info=”The peer actively refused the connection attempt”;source=”SfBPoolinCentralSiteFQDN”
- SIP/2.0 400 Bad Request
Open TCP port 15001 from SfB servers in Central office to AudioCodes Auto-attendant.
SfB requires that all servers, that receive REFER and start a new call as result of the REFER, have access to the referring server, for authenticating the referred-by header.
In the case above all servers should have access to AudioCodesAA.local:15001
Thanks to AudioCodes R&D, they found the solution!
But this port is not on Firewall requirement on AC document so we have requested it to be added.