Transcription
Enterprise Session Border Controllers (E-SBC)AudioCodes Mediant SeriesInteroperability LabConfiguration NoteMediant E-SBC & Level 3 SIP TrunkSeptember 2014Document # LTRT-12340
October 2013Document #: LTRT-XXXXX
Configuration NoteContentsTable of Contents1Introduction .71.11.22Intended Audience.7About AudioCodes E-SBC Product Series.7Component Information.92.12.22.32.42.5AudioCodes E-SBC Version .9Level 3 SIP Trunking Version .9Microsoft Lync Server 2013 Version .9Cisco UC Manager Version .10Interoperability Test Topology .112.5.12.5.23Environment Setup . 12Known Limitations . 12Configuring AudioCodes E-SBC .133.1Step 1: IP Network Interfaces Configuration .143.1.13.1.23.1.33.23.3Step 2: Enable the SBC Application .18Step 3: Signaling Routing Domains Configuration . 193.3.13.3.23.3.33.4Microsoft Lync Server 2013 . 31Cisco UC Manager 10 . 35Level 3 SIP Trunk . 36Step 7: Configure Coders .39Step 8: SIP TLS Connection Configuration .423.8.13.8.23.93.103.113.12IP Group for Level 3 SIP Trunk . 29IP Group for Microsoft Lync Server 2013 . 29IP Group for Cisco UC Manager 10 . 30Step 6: Configure IP Profiles .313.6.13.6.23.6.33.73.8Proxy Set for Level 3 SIP Trunk . 24Proxy Set for Microsoft Lync Server 2013 . 25Proxy Set for Cisco UC Manager 10 . 27Step 5: Configure IP Groups.293.5.13.5.23.5.33.6Step 3a: Configure Media Realms . 19Step 3b: Configure SRDs . 21Step 3c: Configure SIP Signaling Interfaces. 23Step 4: Configure Proxy Sets .243.4.13.4.23.4.33.5Step 1a: Configure VLANs. 15Step 1b: Configure Network Interfaces. 16Step 1c: Configure the Native VLAN ID. 17Step 8a: Configure the NTP Server Address . 42Step 8b: Configure a Certificate . 43Step 9: Configure SRTP .48Step 10: Configure Maximum IP Media Channels.49Step 11: Configure IP-to-IP Call Routing Rules .50Step 12: Configure Message Manipulation Rules .553.12.1 SIP Message Manipulation Rules for Microsoft Lync Server 2013 . 553.12.2 SIP Message Manipulation Rules for Level 3 SIP Trunk . 593.13 Step 13: Miscellaneous Configuration.663.13.1 Step 13a: Configure Call Forking Mode . 663.14 Step 14: Reset the E-SBC .67Level 3 SIP Trunk3AudioCodes Mediant E-SBC
Level 3 SIP Trunk4Configuration Requirements for SIP Third-party Vendor .694.14.2ARequired Configuration for Microsoft Lync Server 2013 . 69Required Configuration for Cisco UC Manager 10 . 69AudioCodes INI File Example .71AudioCodes Mediant E-SBC4Document #: LTRT-12340
Configuration NoteNoticesNoticeThis document describes how to connect the UC System (Microsoft Lync Server 2013) or IPPBX (Cisco UC Manager 10) and Level 3 SIP Trunk using AudioCodes Mediant E-SBCproduct series.Information contained in this document is believed to be accurate and reliable at the time ofprinting. However, due to ongoing product improvements and revisions, AudioCodes cannotguarantee accuracy of printed material after the Date Published, nor can it acceptresponsibility for errors or omissions. Updates to this document and other documents as sathttp://www.audiocodes.com/downloads. Copyright 2014 AudioCodes Ltd. All rights reserved.This document is subject to change without notice.Date Published:September-10-2014TrademarksAudioCodes, AC, AudioCoded, Ardito, CTI2, CTI², CTI Squared, HD VoIP, HD VoIPSounds Better, InTouch, IPmedia, Mediant, MediaPack, NetCoder, Netrake, Nuera, OpenSolutions Network, OSN, Stretto, TrunkPack, VMAS, VoicePacketizer, VoIPerfect,VoIPerfectHD, What's Inside Matters, Your Gateway To VoIP and 3GX are trademarks orregistered trademarks of AudioCodes Limited. All other products or trademarks areproperty of their respective owners. Product specifications are subject to change withoutnotice.WEEE EU DirectivePursuant to the WEEE EU Directive, electronic and electrical waste must not be disposedof with unsorted waste. Please contact your local recycling authority for disposal of thisproduct.Customer SupportCustomer technical support and services are provided by AudioCodes or by an authorizedAudioCodes Service Partner. For more information on how to buy technical support forAudioCodes products and for contact information, please visit our Web site atwww.audiocodes.com/support.Documentation FeedbackAudioCodes continually strives to produce high quality documentation. If you have anycomments (suggestions or errors) regarding this document, please fill out theDocumentation Feedback form on our Web site at http://www.audiocodes.com/downloads.Level 3 SIP Trunk5AudioCodes Mediant E-SBC
Level 3 SIP TrunkThis page is intentionally left blankAudioCodes Mediant E-SBC6Document #: LTRT-12340
Configuration Note11. IntroductionIntroductionThis Configuration Note describes how to set up AudioCodes Enterprise Session BorderController (hereafter, referred to as E-SBC) for interworking between Level 3's SIP Trunkand UC System (Microsoft Lync Server 2013) or IP-PBX (Cisco UC Manager 10).1.1Intended AudienceThe document is intended for engineers, or AudioCodes and Level 3 Partners who areresponsible for installing and configuring Level 3's SIP Trunk and UC Platform/IP-PBX forenabling VoIP calls using AudioCodes E-SBC.1.2About AudioCodes E-SBC Product SeriesAudioCodes' family of E-SBC devices enables reliable connectivity and security betweenthe Enterprise's and the service provider's VoIP networks.The E-SBC provides perimeter defense as a way of protecting Enterprises from maliciousVoIP attacks; mediation for allowing the connection of any PBX and/or IP-PBX to anyservice provider; and Service Assurance for service quality and manageability.Designed as a cost-effective appliance, the E-SBC is based on field-proven VoIP andnetwork services with a native host processor, allowing the creation of purpose-builtmultiservice appliances, providing smooth connectivity to cloud services, with integratedquality of service, SLA monitoring, security and manageability. The native implementationof SBC provides a host of additional capabilities that are not possible with standalone SBCappliances such as VoIP mediation, PSTN access survivability, and third-party valueadded services applications. This enables Enterprises to utilize the advantages ofconverged networks and eliminate the need for standalone appliances.AudioCodes E-SBC is available as an integrated solution running on top of its field-provenMediant Media Gateway and Multi-Service Business Router platforms, or as a softwareonly solution for deployment with third-party hardware.Level 3 SIP Trunk7AudioCodes Mediant E-SBC
Level 3 SIP TrunkThis page is intentionally left blankAudioCodes Mediant E-SBC8Document #: LTRT-12340
Configuration Note2. Component Information2Component Information2.1AudioCodes E-SBC VersionTable 2-1: AudioCodes E-SBC VersionSBC VendorAudioCodesModels Software VersionSIP 6.80A.231.003Protocol Additional NotesNone2.2Mediant 500 E-SBCMediant 800 Gateway & E-SBCMediant 1000B Gateway & E-SBCMediant 3000 Gateway & E-SBCMediant 2600 E-SBCMediant 4000 E-SBCSIP/UDP or TCP (to the Level 3 SIP Trunk)SIP/TCP or TLS (to the Microsoft Lync Server 2013)SIP/UDP or TCP (to the Cisco UC Manager 10)Level 3 SIP Trunking VersionTable 2-2: Level 3 VersionVendor/Service ProviderLevel 3SSW Model/ServiceSoftware VersionProtocolSIPAdditional NotesNone2.3Microsoft Lync Server 2013 VersionTable 2-3: Microsoft Lync Server 2013 VersionVendorMicrosoftModelMicrosoft LyncSoftware VersionRelease 2013 5.0.8308.0ProtocolSIPAdditional NotesNoneLevel 3 SIP Trunk9AudioCodes Mediant E-SBC
Level 3 SIP Trunk2.4Cisco UC Manager VersionTable 2-4: Cisco UC Manager VersionVendorCiscoModelUnified Communications ManagerSoftware Version10ProtocolSIPAdditional NotesNoneAudioCodes Mediant E-SBC10Document #: LTRT-12340
Configuration Note2.52. Component InformationInteroperability Test TopologyThe interoperability testing between AudioCodes E-SBC and Level 3 SIP Trunk with UCSystem/IP-PBX was done using the following topology setup: Enterprise deployed with UC System (Microsoft Lync Server 2013) or IP-PBX (CiscoUC Manager 10) in its private network for enhanced communication within theEnterprise. Enterprise wishes to offer its employees enterprise-voice capabilities and to connectthe Enterprise to the PSTN network using Level 3's SIP Trunking service. AudioCodes E-SBC is implemented to interconnect between the Enterprise LAN andthe SIP Trunk. Session: Real-time voice session using the IP-based Session Initiation Protocol(SIP).Border: IP-to-IP network border between Enterprise Network in the LAN andLevel 3's SIP Trunk located in the public network.The figure below illustrates this interoperability test topology:Figure 2-1: Interoperability Test Topology between E-SBC and UC System or IP-PBXwith Level 3 SIP TrunkLevel 3 SIP Trunk11AudioCodes Mediant E-SBC
Level 3 SIP Trunk2.5.1Environment SetupThe interoperability test topology includes the following environment setup:Table 2-5: Environment SetupAreaSetupNetwork SignalingTranscoding CodecsTranscoding UC System/IP-PBX environment is located on the Enterprise'sLAN Level 3 SIP Trunk is located on the WANUC System/IP-PBX operates with SIP-over-UDP or SIP-overTCP or SIP-over-TLS transport type Level 3 SIP Trunk operates with SIP-over-UDP or SIP-over-TCPtransport typeUC System/IP-PBX supports G.711A-law and G.711U-lawcoders Level 3 SIP Trunk supports G.711A-law, G.711U-law, and G.729coderMedia Transcoding UC System (Microsoft Lync Server 2013) operates with SRTP orIP-PBX (Cisco UC Manager 10) operates with RTP media type Level 3 SIP Trunk operates with RTP media type2.5.2Known LimitationsThere were no limitations observed in the interoperability tests done for the AudioCodesE-SBC interworking between UC System/IP-PBX and Level 3's SIP Trunk.AudioCodes Mediant E-SBC12Document #: LTRT-12340
Configuration Note33. Configuring AudioCodes E-SBCConfiguring AudioCodes E-SBCThis chapter provides step-by-step procedures on how to configure AudioCodes E-SBC forinterworking between UC System/IP-PBX and the Level 3 SIP Trunk. These configurationprocedures are based on the interoperability test topology described in Section 2.5 on page11, and includes the following main areas: E-SBC WAN interface - Level 3 SIP Trunking environment E-SBC LAN interface – UC System/IP-PBX environmentThis configuration is done using the E-SBC's embedded Web server (hereafter, referred toas Web interface).Notes: For implementing IP-PBX and Level 3 SIP Trunk based on theconfiguration described in this section, AudioCodes E-SBC must beinstalled with a Software License Key that includes the following softwarefeatures: Microsoft SBC Security DSP RTP SIPFor more information about the Software License Key, contact yourAudioCodes sales representative.The scope of this interoperability test and document does not cover allsecurity aspects for connecting the SIP Trunk to the UC System/IP-PBXenvironment. Comprehensive security measures should be implementedper your organization's security policies. For security recommendations onAudioCodes’ products, refer to the Recommended Security Guidelinesdocument.Before you begin configuring the E-SBC, ensure that the E-SBC's Webinterface Navigation tree is in Full-menu display mode. To do this, select theFull option, as shown below:Note that when the E-SBC is reset, the Navigation tree reverts to Basicmenu display.Level 3 SIP Trunk13AudioCodes Mediant E-SBC
Level 3 SIP Trunk3.1Step 1: IP Network Interfaces ConfigurationThis step describes how to configure the E-SBC's IP network interfaces. There are severalways to deploy the E-SBC; however, this interoperability test topology employs thefollowing deployment method: E-SBC interfaces with the following IP entities: UC System/IP-PBX, located on the LAN Level 3 SIP Trunk, located on the WAN E-SBC connects to the WAN through a DMZ network Physical connection: The type of physical connection to the LAN depends on themethod used to connect to the Enterprise's network. In the interoperability testtopology, E-SBC connects to the LAN and WAN using dedicated LAN ports(i.e., two ports and two network cables are used). E-SBC also uses two logical network interfaces: LAN (VLAN ID 1) WAN (VLAN ID 2)Figure 3-1: Network Interfaces in Interoperability Test TopologyLAN PortLAN PortVlan ID 1ManagementStation (OAMP)Vlan ID 2LANDMZWANEdge Router /FirewallITSPMS Lync Server 2013Cisco UC ManagerAudioCodes Mediant E-SBC14Document #: LTRT-12340
Configuration Note3.1.13. Configuring AudioCodes E-SBCStep 1a: Configure VLANsThis step describes how to define VLANs for each of the following interfaces: LAN VoIP (assigned the name "Voice") WAN VoIP (assigned the name "WANSP") To configure the VLANs:1.Open the Ethernet Device Table page (Configuration tab VoIP menu Network Ethernet Device Table).2.There will be one existing row for VLAN ID 1 and underlying interface GROUP 1.3.Add VLAN ID 2 for the WAN side as follows:ParameterValueIndex1VLAN ID2Underlying InterfaceGROUP 2 (Ethernet port group)Namevlan 2Figure 3-2: Configured VLAN IDs in Ethernet Device TableLevel 3 SIP Trunk15AudioCodes Mediant E-SBC
Level 3 SIP Trunk3.1.2Step 1b: Configure Network InterfacesThis step describes how to configure the IP network interfaces for each of the followinginterfaces: LAN VoIP (assigned the name "Voice") WAN VoIP (assigned the name "WANSP") To configure the IP network interfaces:1.Open the IP Interfaces Table page (Configuration tab VoIP menu Network IPInterfaces Table).2.Modify the existing LAN network interface:a.b.Select the 'Index' radio button of the OAMP Media Control table row, andthen click Edit.Configure the interface as follows:Parameter3.ValueIP Address10.15.17.77 (IP address of E-SBC)Prefix Length16 (subnet mask in bits for 255.255.0.0)Gateway10.15.0.1VLAN ID1Interface NameVoice (arbitrary descriptive name)Primary DNS Server IP Address10.15.25.1Underlying Devicevlan 1Add a network interface for the WAN side:a.b.Enter 1, and then click Add Index.Configure the interface as follows:Parameter4.ValueApplication TypeMedia ControlIP Address195.189.192.159 (WAN IP address)Prefix Length25 (for 255.255.255.128)Gateway195.189.192.129 (router's IP address)VLAN ID2Interface NameWANSPPrimary DNS Server IP Address80.179.52.100Secondary DNS Server IP Address80.179.55.100Underlying Devicevlan 2Click Apply, and then Done.AudioCodes Mediant E-SBC16Document #: LTRT-12340
Configuration Note3. Configuring AudioCodes E-SBCThe configured IP network interfaces are shown below:Figure 3-3: Configured Network Interfaces in IP Interfaces Table3.1.3Step 1c: Configure the Native VLAN IDThis step describes how to configure the Native VLAN ID for the LAN and WAN interfaces. To configure the Native VLAN ID for the IP network interfaces:1.Open the Physical Ports Settings page (Configuration tab VoIP menu Network Physical Ports Table).2.For the GROUP 1 member ports, set the 'Native Vlan' field to 1. This VLAN wasassigned to network interface "Voice".For the GROUP 2 member ports, set the 'Native Vlan' field to 2. This VLAN wasassigned to network interface "WANSP".3.Figure 3-4: Configured Port Native VLANLevel 3 SIP Trunk17AudioCodes Mediant E-SBC
Level 3 SIP Trunk3.2Step 2: Enable the SBC ApplicationThis step describes how to enable the SBC application. To enable the SBC application:1.Open the Applications Enabling page (Configuration tab VoIP menu Applications Enabling Applications Enabling).Figure 3-5: Enabling SBC Application2.From the 'SBC Application' drop-down list, select Enable.3.Click Submit.4.Reset the E-SBC with a burn to flash for this setting to take effect (see Section 3.14 onpage 67).AudioCodes Mediant E-SBC18Document #: LTRT-12340
Configuration Note3.33. Configuring AudioCodes E-SBCStep 3: Signaling Routing Domains ConfigurationThis step describes how to configure Signaling Routing Domains (SRD). The SRDrepresents a logical VoIP network. Each logical or physical connection requires an SRD,for example, if the E-SBC interfaces with both the LAN and WAN, a different SRD would berequired for each one.The SRD is composed of the following:3.3.1 Media Realm: defines a UDP port range for RTP/SRTP (media) traffic on a specificlogical IP network interface of the E-SBC. SIP Interface: defines a listening port and type (UDP, TCP, or TLS) for SIP signalingtraffic on a specific logical IP network interface of the E-SBC.Step 3a: Configure Media RealmsThis step describes how to configure Media Realms. The simplest configuration is to createt
Sep 10, 2014 · For implement ing IP-PBX and Level 3 SIP Trunk based on the configuration described in this section, AudioCodes E-SBC must be installed with a Software LicenseKey that includes the following software features: Microsoft SBC Security DSP RTP SIP For more
