Versions Compared

Old Version 2

changes.mady.by.user Nathaniel Halbrooks

Saved on

compared with

New Version 3

changes.mady.by.user Kelli Higdon

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  eFQDN or IP address of Lync Server Mediation Server

 

 

...

2. Media Profile

 

Because Lync only supports G711 codecs (PCMU and PCMA), it is suggested that you create a media profile that only includes PCMU and PCMA.

  • Go to "Configuration -> Media -> Media Profiles", create a new media profile named "LyncOnly" (of course you can use other name you like);

  • Make sure that only "PCMU 20ms, PT=0" and "PCMA 20ms, PT=8" are selected;

  • Set "Enable Silence Suppression" to "Enabled";

  • Save the media profile.

 

 

...

3. Outbound Call

 

For a call from Mediation Server to NSC, we call it an outbound call; what we need to do is to create NSC SIP Profile.

...

  1.   "SIP IP Address": choose the NIC you want to use for SIP listening;

  2.   "Transport": choose "TCP" or "TLS" depending on 1-a;

    1. If "Transport" is "TCP", set the value of 1-c (e.g. 5081) into item "Port";

    2. if "Transport" is "TLS", set the value of 1-c (5081) to item "TLS Port";

    3. note: that when TCP is the only transport, "Port" will be used; if TLS is the only transport, only "TLS Port" is used.

  3.   Set both "Inbound Media Profile" and "Outbound Media Profile" to "LyncOnly"

  4.   Set "Maximum Sip Request URI Length" to "255"

  5.   Set "Notify REFER on Final Response" to "Enabled"

  6.   Set "Lync Interoperability" to "Enabled"

  7.   Upload TLS Server Certificate in "TLS Certificate"; (check Annex A for more details about Certificate Generation)

  8.   Set "Authenticate Calls" to "Disabled"

  9.   Depends on the value of 1-d (Encryption support level):(In real world, if you want a call to be completely secure, please pick TLS and Encryption level "Required")

    1. when it is "Not Supported": "Secure RTP" = "Disabled";

    2. when it is "Required": "Secure RTP" = "Enabled"; "Require Only Secure RTP" = "Enabled"; "Secure AVP" = "Disabled"; "Crypto Life Time" = "Medium"; "Crypto MKI Length" = "1:1";

    3. when it is "Optional": "Secure RTP" = "Enabled"; "Require Only Secure RTP" = "Enabled"; "Secure AVP" = "Enabled"; "Crypto Life Time" = "Medium"; "Crypto MKI Length" = "1:1"

Here below I attach a set of screen shots for TLS configuration:

...

 

  

Don't forget to link this sip profile to the correct dial plan.

 

 

 

...

4. Inbound Call

 

For a call from NSC to Mediation Server, we call it an inbound call; besides the sip profile we defined in section 3, we need to create a new sip trunk

  • Go to "Configuration -> Signalling -> SIP Trunks", add a new sip trunk;

  • Get the value of 1-e(Mediation Server IP or FQDN) and 1-b(Mediation Server port), create <ip>:<port> format string, e.g. "lync-demo.sangoma.local:5067", and then fill into "Domain";

  • Fill in "User Name" and "Password" with dummy string, like "notuse" and "notuse";

  • Fill in "Transport" with the value from 1-a;

  • "Options Ping Frequency" = "60";

  • "Options Max Ping" = "5";

  • "Options Min Ping" = "1";

  • In Sip Profile, choose the sip profile created in section 3;

  • Keep "Registration" to "Disabled"

  • Save the sip trunk configuration.

...

 

 

...

Annex A. Certificates for TLS

...