The settings that you must configure on your basic media gateway are specified in the following list. For details about how to configure these settings on a given gateway, refer to the manufacturer’s product documentation; each gateway must be configured according to its vendor’s documentation. Depending on the vendor, there are potentially many attributes that must be set, but the attributes specific to Enterprise Voice are as follows:
Gateway Configuration Requirements
- The fully qualified domain name (FQDN) and IP address of the
Mediation Server that is associated with the gateway.
- The listening port (5060) that is used for Transmission Control
Protocol (TCP) connections to the Mediation Server.
Important: The previous settings must match the corresponding settings for the Mediation Server. If the settings do not match, the connection between the gateway and Mediation Server will fail.
- Session Initiation Protocol (SIP) Transport – specify either
TLS (recommended) or TCP.
Important: If you specify TLS as the SIP transport to be used by your basic or basic-hybrid media gateway, you must also configure the corresponding Mediation Server for TLS.
- If the SIP transport for the link between the gateway and the
Mediation Server is set to TLS, the gateway must be configured with
a certificate for purposes of authentication during the mutual TLS
(MTLS) handshake with the Mediation Server. The certificate on the
gateway must be configured as follows:
- The certificate may be directly signed by the trusted
certification authority (CA) configured in the Mediation Server.
Alternatively, a certificate chain may have to be traversed to
verify the certificate provided by the gateway. The gateway must
provide this chain as part of its TLS handshake with the Mediation
Server.
- The CN part of the subject field should be set to the FQDN of
the gateway. If the FQDN in the CN part of the subject field does
not match the expected and configured FQDN for the gateway, the
certificate must also contain a subject alternate name (SAN) that
lists the expected and configured FQDN for the gateway.
The Mediation Server validates the certificate provided by the gateway by checking that the FQDN on the certificate exactly matches the gateway FQDN configured on the Mediation Server. If the FQDNs do not match, the session is terminated. Additional validation includes checking the signature and expiration date, and making sure that the certificate has not been revoked.
- If the SIP transport for the link between the gateway and the
Mediation Server is set to TLS, separate ports must be opened for
the TLS connection to the gateway and the TLS connection to the
Office Communications Server pool. The port assignments should be
configured as follows:
- TLS link between media gateway and Mediation Server: 5060.
- TLS link between Mediation Server and Office Communications
Server pool: 5061.
- Each gateway must be configured so that the E.164 numbers
routed by Enterprise Voice to the gateway are normalized to a
locally dialable format.
- Each gateway must also be configured to pass only E.164 numbers
to the Mediation Server. For details about how to normalize source
phone numbers to E.164, see each gateway vendor’s documentation.
- Each gateway should be configured to convert the source number
(the number presented as caller ID) to a normalized E.164 number.
This ensures the caller ID can be matched to an Office Communicator
contact, a Microsoft Office Outlook contact, or a member of the
corporate directory, thereby enabling Office Communicator to
provide additional information about the caller. This number will
also appear in e-mail messages notifying the user of missed calls
and voice mail, allowing the user to click the phone number in
order to quickly return a call. If the number has been normalized
by the gateway, no further processing is required. If for some
reason the number cannot be normalized by the gateway, the
normalization rules defined by the location profile will be applied
when returning a call. It might be necessary to add normalization
rules to a location profile to handle numbers that cannot be
normalized by the gateway. For details about how to normalize
source phone numbers to E.164, see each gateway vendor’s
documentation.
- Each gateway should also be configured to convert numbers in
E.164 format into a format that will be accepted on the PSTN
network. For example, when +1425xxxxxx is dialed, the gateway
should strip the +1425 if the gateway is in Redmond, because these
prefixes are not required for a local call.
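
The certificate name rule described above (the gateway FQDN in the CN part of the subject, otherwise in a SAN, matched exactly) can be checked before deployment with a short script. This is an added example, not code from the original page or from Microsoft; it assumes a certificate already decoded into the dict layout of Python's `ssl.SSLSocket.getpeercert()`, uses the placeholder name `gw01.example.com`, and does not cover the signature, chain, or revocation checks that the Mediation Server also performs.

```python
import ssl
from datetime import datetime, timezone

# Constructed sample in the dict layout returned by ssl.SSLSocket.getpeercert();
# gw01.example.com is a placeholder gateway FQDN, not a value from this page.
SAMPLE_CERT = {
    "subject": ((("organizationName", "Example Corp"),), (("commonName", "gw01"),)),
    "subjectAltName": (("DNS", "gw01.example.com"), ("DNS", "*.voice.example.com")),
    "notBefore": "Jan  1 00:00:00 2024 GMT",
    "notAfter": "Jan  1 00:00:00 2035 GMT",
}


def cert_names(cert):
    """Collect the subject CN values and the SAN dNSName entries."""
    cns = [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    return cns, sans


def _norm(name):
    # Assumption: names compare case-insensitively and ignore a trailing dot.
    return name.rstrip(".").lower()


def check_gateway_cert(cert, configured_fqdn, now=None):
    """Return a list of problems; empty means the name and date checks pass."""
    if now is None:
        now = datetime.now(timezone.utc).timestamp()
    cns, sans = cert_names(cert)
    problems = []
    # Exact match only: a wildcard SAN entry is treated as a literal string,
    # so "*.voice.example.com" never satisfies "gw01.voice.example.com".
    if _norm(configured_fqdn) not in {_norm(n) for n in cns + sans}:
        problems.append(f"name mismatch: {configured_fqdn!r} not in CN {cns} or SAN {sans}")
    if "notBefore" in cert and now < ssl.cert_time_to_seconds(cert["notBefore"]):
        problems.append("certificate is not yet valid")
    if "notAfter" not in cert or now > ssl.cert_time_to_seconds(cert["notAfter"]):
        problems.append("certificate has expired or has no notAfter date")
    return problems


if __name__ == "__main__":
    for fqdn in ("gw01.example.com", "gw01.voice.example.com"):
        print(fqdn, check_gateway_cert(SAMPLE_CERT, fqdn) or "OK")
```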