• Article

Managing Enterprise Voice

Microsoft Office Communications Server 2007 and Microsoft Office Communications Server 2007 R2 will reach end of support on January 9, 2018. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.

The Office Communications Server 2007 Administrative Tools enable you to accomplish the following Enterprise Voice management tasks:

  • Viewing Voice Settings

  • Configuring Global Settings for Enterprise Voice

  • Managing Pool Settings for Enterprise Voice

  • Configuring a Mediation Server

  • Deactivating a Mediation Server

  • Enabling Call Detail Records for Enterprise Voice

Viewing Voice Settings

You can view your settings for Enterprise Voice in the detail pane of the Office Communications Server 2007 administrative snap-in. Use the procedures in this section to do the following:

  • View global settings for Enterprise Voice

  • View Voice configuration task flow

  • View Voice settings for a pool

To view global settings for Enterprise Voice

  1. Open Communications Server 2007.

  2. In the console pane, click the forest node.

  3. In the details pane, click the Voice tab.

    fc0a0fd4-7c51-4dde-83f2-ffecc41cac30

  4. Expand one or more of the following to view the corresponding settings for Voice:

    • Global Policy

    • Phone Usages

    • Normalization Rules

    • Location Profiles

    • Routes

To view Voice configuration task flow

  1. Open Office Communications Server 2007.

  2. In the console pane, click the Forest node.

  3. In the details pane, click the Voice Task Flow tab.

    The Voice Task Flow tab presents the main Voice configuration tasks as a series of steps. To view the property page corresponding to each step, click the MMC Reference path. Click Help to view the online help for each property page.

To view Voice settings for a pool

  1. Open Office Communications Server 2007.

  2. In the console pane, click the pool whose settings you want to view.

    64f85450-3315-4f6c-b618-e9fbe1daac4c

  3. In the details pane, expand Voice Settings to view the pool-level settings for phone lock, location profile, and advanced configuration options, which include quality of service and security settings.

  4. Expand the settings you want to view.

Configuring Global Settings for Enterprise Voice

Global settings govern the routing of calls that originate with Enterprise Voice users throughout a forest. Global settings include the following:

  • Location Profiles specify the normalization rules to be applied to calls from specific locations.

  • Phone Usages define user calling privileges.

  • Policy specifies which phone usage records apply to which users.

  • Routes define how calls are routed through the Enterprise Voice infrastructure. A route consists of a target telephone number, one or more media gateways that are designated to handle that number, and the phone usage records that a user must have for permission to call the target number.

Creating and Configuring Location Profiles

A location profile is a named set of normalization rules that translate phone numbers for a named location to a single standard (E.164) format for purposes of phone authorization and call routing. A location profile specifies a set of phone number normalization rules to be applied to numbers that are dialed from a specific location. The same phone number dialed from different locations can, based on the respective location profiles, resolve to different E.164 numbers, as appropriate to each location. Creating and configuring location profiles includes specifying the following:

  • Name. Type a clear, descriptive name for the location profile. This name must be unique and cannot exceed 256 Unicode characters, each of which can be an alphabetic or numeric character, a hyphen (-), a dot (.), a plus sign (+), underscore ( _ ), or either a left or right parenthesis: ) or (. No other special characters including spaces are allowed. The name typically reflects the location to which it applies. If integrating Exchange Unified Messaging (UM) with Communications Server, the name of the location profile must match the FQDN of the corresponding UM dial plan.

  • Description. Describe the location profile in more detail. The description should be recognizable and significant to end users who might encounter it.

  • Normalization Rules. This list contains all the normalization rules that have been defined and that, therefore, are available for this location profile. Each location profile must have at least one normalization rule. The normalization rules define how phone numbers expressed in various formats are to be routed for the named location by specifying how to convert dialed numbers in various formats to the standard E.164 format for purposes of reverse number lookup. The same number string may be interpreted and translated differently depending on the locale from which it is dialed. Normalizing user-supplied phone numbers provides a consistent format that makes it possible to match a dialed number to the intended recipient's SIP-URI and to apply dialing authorization rules to the calling party.

    You cannot assign a single phone number normalization rule to multiple location profiles. Instead, you create a separate normalization rule for each location profile. To facilitate the process of specifying each normalization rule, you can copy an existing normalization rule. When you copy a normalization rule, the existing rule is used as a template for the creation of the new normalization rule.

    The order of normalization rules is significant because, when attempting to match dialed numbers, the server applies the list from top to bottom. If the first rule matches the dialed number, the server quits looking and proceeds with routing. Typically, to expedite routing, put the normalization rules in order, starting with the most general rule at the top of the list and going to the most specific rule at the bottom of the list.

A large organization may need a separate location profile for each location where it maintains an office. If your organization has a legacy PBX deployed, as most do, you can use its dial plan to create location profiles.

Note

We recommend that, if you intend to configure Exchange Server 2007 Unified Messaging (UM) to work with Enterprise Voice, you do that before creating the location profiles. Each Exchange UM dial plan requires a corresponding location profile. If you use the same dial plan name in multiple Exchange forests, you must create a matching location profile specific to the UM dial plan FQDN for each forest. After creating location profiles, you must configure Communications Server to work with Exchange UM, as well as complete deployment and configuration of other components.
To create Exchange UM dial plans, you can use the OcsUMUtil tool that is included with Office Communications Server 2007 to validate the names of the corresponding location profiles. The tool does not correct invalid names, but it does identify each location profile name that does not match the FQDN of the corresponding UM dial plan. For more information about the use of this tool and other planning and implementation information, see the Microsoft Office Communications Server 2007 Enterprise Voice Planning and Deployment Guide.

After creating location profiles for an Enterprise pool, you need to assign them to the Communications Server Front End Server pool, and Mediation Server (or Advanced Media Gateway). The Front End Server and pool use the location profile to determine the media gateways to which calls to the PSTN or a PBX are to be routed. The Mediation Server receives E.164 numbers from the gateway, uses the location profile to determine how to interpret the E.164 number for local dialing, and then routes the number to the next hop server for reverse lookup. You must configure the PSTN gateway to convert telephone numbers from a national format to the E.164 format before sending them to the Mediation Server.

For more information about location profiles and how they are used, including routing logic, see the Microsoft Office Communications Server 2007 Enterprise Voice Planning and Deployment Guide.

Use the information in this section to create or configure a location profile, as well as to add or edit a normalization rule.

To create or configure a location profile

  1. On a Front End Server, open Office Communications Server 2007.

  2. In the console tree, right-click the Forest node, point to Properties, and then click Voice Properties.

    a515ed0e-89a0-40b3-bde0-744579511cb5

  3. On the Location Profiles tab, do one of the following:

    • To add a new location profile, click Add.

    • To edit an existing location profile, click Edit.

  4. In the Add Location Profile or Edit Location Profile dialog box, do the following:

    • In Name, type a unique name that does not exceed 256 Unicode characters, consisting only of the following: alphabetic or numeric character, a hyphen (-), a dot (.), a plus sign (+), underscore (_), or either left or right parenthesis: ) or (.

    • In Description, type a description of the location profile.

    • In the Normalization Rules drop-down list box, ensure that the required normalization rules are in the list and in the appropriate sequence. To remove a normalization rule, click Remove. To add or edit a normalization rule, use the following steps.

  5. Under Normalization Rules, click Add or Edit, as appropriate.

  6. In the Add Phone Number Normalization Rule or Edit Phone Number Normalization Rule dialog box, specify the following:

    • Name. Specify a name for this normalization rule. The name must be a Unicode string that does not exceed 256 characters. The name should clearly identify the normalization rule.

    • Description. Specify a description for the normalization rule. The description can be any Unicode string up to 1,024 characters. The description provides an opportunity to describe the normalization rule more fully.

    • Phone pattern regular expression. Specify a .NET regular expression that describes the numeric pattern of the user-supplied phone numbers that will be matched.

    • Translation pattern regular expression. Specify the E.164 format into which phone numbers matching the Phone pattern regular expression are to be translated.

    For example, you could specify a phone pattern of ^([0-9]{7})$ and a translation pattern of +1425$1 to translate a number such as 5550100 to +14255550100. Use the Helper button to get detailed information about how to specify the phone pattern regular expression and translation pattern regular expression (.NET Regular Expressions). For more information about using .NET Regular Expressions to specify a phone usage normalization rule, including examples, see the Microsoft Office Communications Server 2007 Enterprise Voice Planning and Deployment Guide.

    Use the Copy button to use an existing normalization rule as the template for a new rule. This copies all settings for the normalization rule, except the name of the normalization rule, to the Add Phone Number Normalization Rule dialog box. If before clicking the Copy button, you typed a description for the new rule, the description you typed is retained and the description from the existing rule is not copied.

    After specifying the rule, test it by typing a number in Sample dialed number, and then check the translation in Translated number.

Configuring Call Authorizations

Configuring call authorization consists of defining phone usage records and Voice policies.

  • Phone usage records are named classes of calls that specify which call routes a user is authorized to use, facilitating enforcement of both dialing authorization and route utilization. Phone usage records are similar to what in traditional telephony is known as "class of service," but phone usage records offer greater flexibility because they are applied to both users and routes, making it possible to formulate very precise phone authorizations for both individuals and groups. You specify a phone usage record as an arbitrary label that enables you to identify a category of call destinations. You can name phone usage records whatever you like, but the names should be easily recognizable. For example, typical phone usage records might include "Local," "Area Code," "State," "Province," "USA," "Singapore," and "International." After creating phone usage records, you then assign them to both policies and routes. Planning phone usage records consists primarily of listing all the current call permissions for your organization, and then determining the permissions for which to create phone usage records. Phone usage records are assigned to both routes and users for the purposes of specifying call authorization. A single user can have multiple phone usage records. Phone usage records provide a quick, simple way to assign call permissions to users as well as facilitate route prioritization and selection. By assigning phone usage records to both user policies and outbound call routes, you indicate which users are allowed to make calls that utilize particular routes.

  • Policies are named sets of phone usage records. Policies are used to assign call privileges to users. They also specify whether endpoint devices are enabled for simultaneous ringing. When you deployed Enterprise Voice, you specified at least one Voice policy. You can change the global policy used for the forest by selecting a specific policy to be used as the global policy or specifying that the policy is to be specified on a per-user basis. If you chose to apply policies on a per-user basis, you can create multiple policies and assign each, as appropriate, to specific individuals or groups of users. If you specify a global policy that applies to all users, not a per-user policy, you cannot assign additional policies on a per-user basis.

If a policy associated with a user account contains one or more phone usage records that match a phone usage record that is associated with a specific route, then the user is authorized to initiate calls that use that route.

The order in which you create phone usage records does not matter, but the order in which you assign them to Voice policies is significant because the server traverses the phone usage records in the Voice policies from top to bottom. For best performance, the phone usage records in each policy should be ordered top to bottom from most to least widely preferred. For example: RedmondLocal, RedmondLongDist, RedmondInternational, RedmondBackup.

Note

The recommended way of creating a Voice policy is to create the appropriate phone usage records first, and then create the policy and add the appropriate phone usage records.
As an alternative, you can create one or more policies and add the phone usage records later. However, should you forget to add the phone usage records and then apply the policy to one or more users, the policy will have no effect whatsoever.

Before you configure call authorizations for your organization, it is recommended that you read the information about phone usage records, policies, and planning call authorizations in the Microsoft Office Communications Server 2007 Enterprise Voice Planning and Deployment Guide.

Use the information and procedures in this section to do the following:

  • Create a phone usage record

  • Create a Voice policy

  • Specify a global Voice policy

For information about configuring routing for Enterprise Voice, see the Configuring Outbound Call Routing for Enterprise Voice of this guide, later in this topic.

To create a phone usage record

  1. On a Front End Server, open Office Communications Server 2007.

  2. In the console tree, right-click the Forest node, point to Properties, and then click Voice Properties.

  3. Click the Phone Usages tab.

    489cb38f-b0a7-4569-8b4c-5547d115f617

  4. On the Phone Usages tab, click Add to create a new phone usage record.

    be8dab9b-76f0-442f-8c06-8a0088c1ee35

  5. In the Add Phone Usage Record dialog box, do the following:

    • In Name, type a clear, descriptive, unique name for the phone usage record, for example, Local Long-Distance Stockholm, Internal Only, International. You can use any name you like up to 256 Unicode characters. The name can contain spaces.

    • In Description, optionally, describe the phone usage record in more detail.

  6. Repeat the two previous steps to create as many phone usage records as you require.

To create a Voice policy

  1. On a Front End Server, open Office Communications Server 2007.

  2. In the console tree, right-click the Forest node, point to Properties, and then click Voice Properties.

  3. Click the Policy tab.

    85802407-7626-461c-8c00-30de2457445e

  4. On the Policy tab, click Add.

    fc5e70f0-6f06-4e12-9bdb-80b413579aef

  5. In the Add Policy dialog box, in Policy name, type a name.

  6. To enable simultaneous ringing of phones for this policy, select the Allow simultaneous ringing of phones check box. This enables each user to configure Communicator such that incoming calls, in addition to ringing the user's registered endpoints, also ring an additional non-registered endpoint, such as a personal mobile phone. To disable simultaneous ringing, clear the check box. Normally, simultaneous ringing should be enabled, but in the event of excessive congestion, you can disable this feature

  7. To add a phone usage record to the policy, click Configure.

    0706a2ae-cb06-423a-bdf2-08271c2bd87b

  8. In the Configure Phone Usage Records dialog box, do the following:

    • To add a phone usage record to the Configured list, click the phone usage record in the Available list, and then click the right arrow. Continue adding phone usage records, if appropriate.

    • To remove a phone usage record from the Configured list, click it, and then click the left arrow.

    • To move a phone usage record up or down in the Configured list, click it, and then click Up and Down.

  9. When finished, click OK. The phone usages you added now appear in the list of Phone usage records in the Add Policy or Edit Policy dialog boxes.

To specify a global Voice policy

  1. On a Front End Server, open Office Communications Server 2007.

  2. In the console tree, right-click the Forest node, point to Properties, and then click Voice Properties.

  3. On the Policy tab, in the Global policy drop-down list, do one of the following:

    • To use a single policy for all users, click the name of the policy.

    • To apply policies individual for specific users, select Use per user policy.

Configuring Outbound Call Routing for Enterprise Voice

Enterprise Voice routes specify how Communications Server 2007 handles outgoing calls placed by Enterprise Voice users. These routes associate target phone numbers with particular media gateways and phone usage records. Communications Server maintains a table of outbound call routes. When a user places a call, the server, if necessary, normalizes the phone number to E.164 format and attempts to match it to a SIP-URI. If the server is unable to make the match, it applies outgoing call routing logic based on the number. You define that logic in the form of a separate route for each set of target phone numbers that are listed in the location profile for each location.

When Communications Server determines that a dialed number needs to be routed to a PSTN gateway, the routing table is queried to determine the optimal gateway for the call. The policy of the calling user (or a user transferring the call), along with the dialed number, together determine the gateway to which the call should be routed. The ability to specify the PSTN gateways to which various numbers are routed enables you to determine which routes incur the lowest costs and implement them accordingly. Typically, you specify gateways by choosing the one closest to the location of the destination number in order to minimize long-distance charges. For example, if you are in New York and calling a number in Rome, you would carry the call over the IP network to the gateway in your Rome office, thereby incurring a charge only for a local call.

Configuring outbound call routing consists of instructing Communications Server how to route calls from Enterprise Voice users to phone numbers on the PSTN or a PBX. These routes populate the routing table, which embodies the outbound call routing logic that is followed by the server for PBX and PSTN numbers. An Enterprise Voice Route consists of:

  • A unique name and optional description that identify and describe the route.

  • One or more .NET regular expressions that specify target phone numbers that can use this route for outbound calls. The regular expression provides a numeric pattern to be matched to identify the target phone numbers to which the route is applied. The pattern-matching notation of regular expressions makes it possible to quickly parse large amounts of text to find specific character patterns; to extract, edit, replace, or delete text substrings; or to add the extracted strings to a collection in order to generate a report. Numbers that do not match the pattern of the target number cannot use this route. For more information about specifying a route target regular expression using .NET regular expressions, and samples and descriptions of route target regular expressions (such as for creating a failover route, dialing 911, setting up an international gateway, or blocking calls to specific numbers), see the Microsoft Office Communications Server 2007 Enterprise Voice Planning and Deployment Guide.

  • One or more phone usage records that must be present in a callers Voice policy in order for that caller to place calls to target phone numbers associated with this route. The routing logic uses the phone usage record assigned to the caller as well as the dialed number in order to determine the optimal route. If a user's Voice policy does not include a phone usage record associated with this route, the user is not authorized to place calls to those numbers. The order of phone usage records in Voice policies is significant because, when matching users to routes, the server compares phone usage records from top to bottom. If the first phone usage record matches the call route, the server quits looking and routes the call to the corresponding gateway. The remaining phone usages provide backup in the event of route congestion or call failure. To expedite call routing, the order of phone usage records should typically proceed from general to specific.

  • One or more media gateways and Mediation Servers that can handle routing for the target phone numbers.

To add a route, you must have previously deployed at least one media gateway and, if necessary, Mediation Server, as well as a location profile and phone usage record. For a route to work, numbers routed to a gateway must be localized at the gateway, using the gateways administrative interface. For more information about routes and how to plan for and implement specific routes, such as failover routes and other types of routes for specific purposes, see the Microsoft Office Communications Server 2007 Enterprise Voice Planning and Deployment Guide.

To create an outbound call route

  1. On a Front End Server, open Office Communications Server 2007.

  2. Right-click the Forest node, point to Properties, and then click Voice Properties.

  3. Click the Routes tab.

    495b3508-24ae-4a5d-bd37-11291f727f9e

  4. On the Routes tab, click Add.

    b01f7aea-eff5-4d47-9299-37f9f2451b3f

  5. In the Add Route dialog box, in the Name box, type a unique name for the new call route.

  6. In the Description box, type an optional description of the new call route.

  7. In Target phone numbers, use .NET framework regular expressions to describe the pattern of the phone numbers that are to use this route. To specify a target regular expression for target phone numbers, you specify a combination of symbols and variables that represent the target numbers and their dialing patterns. For assistance, including a sample values, click Helper.

  8. To add a media gateway or Mediation Server to the Gateways list, click Add.

    066bc08b-035c-4046-a850-19c7d8767871

  9. In the Add Route Gateway dialog box, in the Select the Gateway Address drop-down list box, click the Mediation Server or Advanced Media Gateway to be added, and then click OK. Only those gateways and/or Mediation Servers that have been correctly installed and configured will appear in this list.

  10. To add a phone usage record to this call route, in the Add Route dialog box, under Phone Usages, click Configure.

    488ab68e-5274-42d8-98b3-f8a9843c2f25

  11. In the Configure Phone Usage Records dialog box, do the following:

    • To add a phone usage record to the Configured list, click the phone usage record in the Available list, and then click the right arrow. To add a phone usage record to a route, you must have previously defined at least one phone usage record. Continue adding phone usage records, if appropriate.

    • To remove a phone usage record from the Configured list, click it, and then click the left arrow.

  12. When finished, click OK. The phone usages you added now appear in the list of Phone usage records in the Add Route or Edit Route dialog boxes.

  13. Create as many routes as you need.

Managing Pool Settings for Enterprise Voice

The Communications Server 2007 Enterprise Pool, or a Standard Edition Server functioning as a pool, must be configured with a location profile. The location profile translates dialed numbers into E.164 format for reverse number look-up and call routing. The location profile defines the default set of normalization rules that are applied to phone numbers dialed by users in the pool. The normalized phone numbers are used to perform reverse number lookup, which is the process of finding a recipient's SIP URI from their phone number. If this lookup fails, the call will be routed according to the global routing rules which have been established.

You should have specified one or more initial location profiles when you deployed Enterprise Voice. You can change the default location profile for the pool. The location profile you select as the default should include all phone numbers to which calls can be routed for the pool. It can be any location profile that has been previously created at the global level for the forest. For more information about creating a location profile, see the Creating and Configuring Location Profiles section of this guide, in Managing Enterprise Voice.

In addition to specifying a default location profile for the pool, you can also change settings for the Microsoft Office Communicator Phone Edition. This includes the following:

  • Enforce phone lock. Selecting this option locks the Office Communicator Phone Edition desktop device. The Office Communicator Phone Edition desktop device phone can be locked for purposes of security. If you choose to enforce the phone lock, it is enforced only in the pool for which it is configured. If you select this option, also specify the following:

    • Minimum PIN length. This is the minimum PIN length for a valid PIN created by a user to unlock an Office Communicator Phone Edition desktop device.

    • Minimum time-out. This is the minimum length of time in minutes before the phone locks itself.

  • Quality of Service (QoS). For an acceptable quality of service for Enterprise Voice, the IP network must assure that packet loss, delay, jitter, and bandwidth fall within acceptable ranges. Voice communication in particular is intolerant of packet loss and delay and requires greater bandwidth than data transmissions. The Voice QoS value and 802.1p Voice settings work together to enable your IP network to assign priority to audio packets, based on the settings you specify:

    • The Voice QoS value allows you to assign higher priority to audio packets at routers performing Network Layer IP-based packet routing. The default value of 40 represents an IETF Differential Service Code Point, which is used to mark packets so that routers can provide appropriate per-hop behavior based on the class of traffic. For optimum quality of service, it is recommended that you do not change the default value.

    • The 802.1p Voice setting allows you to assign higher priority to audio packets at the nodes performing Data Link Layer switching within a LAN segment. The default value is 0. Assigning a higher value assigns higher priority to audio packets. For optimum quality of service, it is recommended that you do not change the default value.

  • SIP security. The SIP security settings are used to specify transport and authentication requirements for IP phones connecting to Communications Server 2007. If you do not configure a policy setting, an IP phone can use any transport, but if it does not use TLS and the server authenticates users, then the phone must use either NTLM or Kerberos authentication.

Use the following procedures to manage pool-level settings for Enterprise Voice:

  • View pool-level properties

  • Assign a default location profile for an Enterprise pool or Standard Edition Server

  • Configure phone lock for the Microsoft Office Communicator Phone Edition

  • Configure Quality of Service for the Microsoft Office Communicator Phone Edition

  • Configure SIP security settings for Microsoft Office Communicator Phone Edition

For more information about deploying Enterprise Voice, see the Microsoft Office Communications Server 2007 Enterprise Voice Planning and Deployment Guide*.*

To view pool-level properties

  1. Open Office Communications Server 2007.

  2. In the console tree, expand the Forest node, and then do one of the following:

    • If you are configuring a Standard Edition Server, expand Standard Edition Servers, right-click the Standard Edition pool that you want to configure (not the server itself but the pool-level node for that server), point to Properties, and then click Front End Properties.

    • If you are configuring an Enterprise Edition Pool, expand Enterprise Pools, expand the pool that you want to configure, right-click Front Ends, and then click Properties.

  3. In the Front End Properties dialog box, click the Voice tab.

    33689024-c12d-4471-be3b-5f20ca11fa3f

To assign a default location profile for an Enterprise pool or Standard Edition Server

  1. Open Office Communications Server 2007.

  2. In the console tree, expand the Forest node, and then do one of the following:

    • If you are configuring a Standard Edition Server, expand Standard Edition Servers, right-click the Standard Edition pool that you want to configure (not the server itself but the pool-level node for that server), point to Properties, and then click Front End Properties.

    • If you are configuring an Enterprise Edition Pool, expand Enterprise Pools, expand the pool that you want to configure, right-click Front Ends, and then click Properties.

  3. On the Voice tab, under Location Profile, in the drop-down list box, click the name of a profile, and then do the following:

    • To review the settings of the location profile, click View.

    • To use the profile as the default profile, click OK.

    If the location profile you want does not exist, you must create a new one. For information about how to create a location profile, see the Creating and Configuring Location Profiles section of this guide, in Managing Enterprise Voice.

To configure phone lock for the Microsoft Office Communicator Phone Edition

  1. Open Office Communications Server 2007.

  2. In the console tree, expand the Forest node, and then do one of the following:

    • If you are configuring a Standard Edition Server, expand Standard Edition Servers, right-click the Standard Edition pool that you want to configure (not the server itself but the pool-level node for that server), point to Properties, and then click Front End Properties.

    • If you are configuring an Enterprise Edition Pool, expand Enterprise Pools, expand the pool that you want to configure, right-click Front Ends, and then click Properties.

  3. On the Voice tab, select the Enforce phone lock check box, and then accept the default values for Minimum pin length and Minimum timeout or type new values. Acceptable value ranges are shown in Table 14:

    Table 14. Valid ranges for PIN length and time-out length

    PIN Length Time-out Length (in minutes)

    4–15 characters; default 6

    0–60 minutes; default 10

To configure Quality of Service for the Microsoft Office Communicator Phone Edition

  1. Open Office Communications Server 2007.

  2. In the console tree, expand the Forest node, and then do one of the following:

    • If you are configuring a Standard Edition Server, expand Standard Edition Servers, right-click the Standard Edition pool that you want to configure (not the server itself but the pool-level node for that server), point to Properties, and then click Front End Properties.

    • If you are configuring an Enterprise Edition Pool, expand Enterprise Pools, expand the pool that you want to configure, right-click Front Ends, and then click Properties.

  3. On the Voice tab, next to Advanced options, click Configure.

    6f560d84-0b6d-4e7c-aa2e-9ca055efd725

  4. In the Advanced Voice Options dialog box, under Quality of Service, accept the default values for Voice QoS value and 802.1p Voice or type new values. Acceptable value ranges are shown in the Table 15.

    Table 15. Valid ranges for Voice QoS Value and 801.2p Voice

    Voice QoS Value Setting 801.2p Voice Setting

    0-63; default 40

    0–7; default 0

    For optimum quality of service, we recommend that you do not change the default Voice QoS value or the default 801.2p Voice setting.

To configure security settings for Microsoft Office Communicator Phone Edition

  1. Open Office Communications Server 2007.

  2. In the console tree, expand the Forest node, and then do one of the following:

    • If you are configuring a Standard Edition Server, expand Standard Edition Servers, right-click the Standard Edition pool that you want to configure (not the server itself but the pool-level node for that server), point to Properties, and then click Front End Properties.

    • If you are configuring an Enterprise Edition Pool, expand Enterprise Pools, expand the pool that you want to configure, right-click Front Ends, and then click Properties.

  3. On the Voice tab, click Configure.

  4. In the Advanced Voice Options dialog box, under SIP security, specify the SIP security mode. The default setting is High.

Managing a Mediation Server

During deployment of the Mediation Server, you should have completed the initial setup of the Mediation Server, including assigning a certificate. After deployment you need to configure the mediation server. You can also change the certificate and deactivate the mediation server, as appropriate. Use the information in this section to do the following:

  • Configuring the Mediation Server

  • Configuring the certificate for the Mediation Server

For details about setting up a Mediation Server, including initial assignment of the certificate, see the Microsoft Office Communications Server 2007 Enterprise Voice Planning and Deployment Guide.

Configuring the Mediation Server

The existence of media gateways in a Communications Server network creates a potential security loophole because they do not support MKI, TLS, or SRTP, and therefore cannot be trusted. To help ensure the physical as well as logical separation of the Enterprise Voice infrastructure from the media gateways, the Mediation Server is generally installed on a computer that has two network adapters:

  • Network adapter facing the Communications Server 2007 proxy that acts as the Mediation Servers internal next hop. This adapter on the internal edge of the Mediation server accepts traffic only from the internal network.

  • Network adapter facing the gateway. This adapter on the external edge of the Mediation Server accepts traffic from a media gateway.

Each of these two network adapters is configured with a separate listening address so that there is always clear separation between trusted traffic originating in the Communications Server network and untrusted traffic from the PSTN.

A Mediation Server must be able to pass SIP requests and media between the Enterprise Voice infrastructure and a media gateway connected to the PSTN. Media flowing both directions between the Mediation Server and Communications Server network is encrypted using SRTP. Organizations that rely on IPSec for packet security are strongly advised to create an exception on a small media port range if they are to deploy Enterprise Voice. The security negotiations required by IPSec work fine for normal UDP or TCP connections, but they can slow down call setup to unacceptable levels.

Network settings for the Mediation Server include the following:

  • The FQDN of the Mediation Server.

  • The Communications Server listening IP address. The internal edge of a Mediation Server should be configured to correspond to a unique static route that is described by an IP address and a port number. The default port is 5061. The Communications Server listening IP address is the address on an advanced media gateway that listens for call traffic from Communications Server. If no advanced media gateways are available, this address corresponds to the network adapter that serves as the internal edge of the Mediation Server. The IP address that you select from the Communications Server listening IP address must match the address that is returned by a DNS query on the Mediation Servers FQDN. If the two addresses do not match, the IP address listed in DNS for your FQDN you will not be able to connect, and call traffic will not be directed to an interface that listens for Office Communications Server traffic.

  • The Gateway listening IP address. The external edge of a Mediation Server should be configured as the internal next-hop proxy for the media gateway. The default port is 5060. It should be identified by a unique combination of IP address and port number. The IP address should not be the same as that of the internal edge. The gateway listening IP address is the address on the Mediation Server that listens for traffic from a basic media gateway or Basic Hybrid Media Gateway. This address corresponds to the network adapter that serves as the external edge of the Mediation Server.

  • The name of the A/V Edge Server that is to provide A/V authentication for the Mediation Server.

  • The default location profile to be used by the Mediation Server.

  • The port range for media exchange. This range can be between 49152 and 65535, but we recommend that you use the default media port range, which is 60000 to 64000. This is because of the following:

    • High-bandwidth traffic such as voice and video tends to stress poorly provisioned networks, and reducing the port range greatly reduces server capacity.

    • Limiting media traffic to a known range of ports makes troubleshooting bandwidth problems easier.

For basic media gateways, the bandwidth requirement between gateway and Mediation Server is 64,000 per concurrent call. Multiplying this number by the number of ports for each gateway is a fair estimate of the required bandwidth on the gateway side of the Mediation Server. On the Communications Server side, the bandwidth requirement is considerably lower. The default media port range enables the server to handle up to 1,000 simultaneous voice calls. Reducing the port range greatly reduces server capacity. Changing the port range should be undertaken only for specific reasons by an administrator who is knowledgeable about media port requirements and scenarios.

  • The FQDN and TLS port of the internal Office Communications Server next hop server used by this Mediation Server.

  • The FQDN and TCP port of the media (PSTN) gateway used by this Mediation Server.

A Mediation Server also requires a certificate, which must be assigned to the Mediation Server.

Note

All of the settings in the previous list except the FQDN of the Mediation Server can be configured in the Office Communications Server 2007 administrative snap-in. Changes to any of these settings except the default location profile, the A/V Edge Server, the media port range, and the certificate take effect only after you restart the Office Communications Server Mediation service. Changes to the default location profile and A/V Edge Server take effect only after Active Directory replication completes.

To configure the Mediation Server, use the information in this section and the following procedure.

To configure a Mediation Server

  1. Log on to a Communications Server 2007 Mediation Server.

  2. Click Start, point to Administrative Tools, and then click Office Communications Server 2007.

  3. Expand the appropriate forest node.

  4. Expand the Mediation Servers node, right-click the Mediation Server to be configured, click Properties, and then click the General tab.

    0c43c872-2013-410b-8722-60d28afced62

  5. In the FQDN box, make sure the FQDN listed matches that of the Mediation Server you have selected.

  6. Open a command prompt, change to the root directory, and type nslookup <fqdn of Mediation Server>, using the FQDN displayed on the Mediation Server General tab, and then press ENTER.

  7. From the list of IP addresses displayed in the Communications Server listening IP address list, select the IP address returned in step 6.

    Important

    If the IP address selected in step 7 does not match the IP address returned in step 6, Communications Server traffic is directed toward an interface that is not listening for such traffic and away from the one that is.

  8. From the list of two IP addresses displayed in the Gateway listening IP address list, select the other IP address (that is, the one not already selected in step 7).

    Note

    The address selected in Step 8 can listen for traffic from either a media gateway or a PBX.

  9. From the A/V Edge Server list, select the A/V Edge Server that hosts the Audio/Video Authentication Service for this Mediation Server.

    Important

    If the A/V Edge Server that hosts the Audio/Video Authentication Service for this Mediation Server does not appear in the list, that means that the A/V Edge Server on which the service is collocated has not been entered into the A/V Edge Servers list on the Edge Servers tab of the Global Properties dialog box. You will need to add the A/V Edge Server to the previous list before it will appear in the A/V Edge Server list on the Mediation Server tab. For more information, see the Microsoft Office Communications Server 2007 Edge Server Deployment Guide.

  10. In the Default location profile list, select the default location profile for this Mediation Server.

    Important

    As discussed in the introduction to this section, organizations that employ IPSec for packet security are advised to disable it for media ports. Also, as discussed in the introduction to this section, changing the media port range is generally not recommended.

  11. In Media port range accept the default range of 60000 to 64000.

  12. Click the Next Hop Connections tab.

    9c005983-2b4c-47c5-af9b-5ebc6da95847

  13. On the Next Hop Connections tab under Office Communications Server next hop, do the following:

    • In the FQDN list, select the FQDN of the next-hop internal server. This server could be a Director or pool.

    • In the Port box, accept the default of 5061 for TLS.

  14. On the Next Hop Connections tab under PSTN Gateway next hop:

    • In the IP address box, specify the IP address of the PSTN Gateway or the PBX associated with this Mediation Server.

    • In the Port box, accept the default of 5060 for TCP.

  15. If you make changes to the Communications Server listening IP address or Gateway listening IP address settings on the General tab, or to the Office Communications Server next hop FQDN or Port settings or PSTN gateway next hop IP address or Port settings on the Next Hop Connections tab, restart the Office Communications Server Mediation service.

Configuring a Certificate for the Mediation Server

The Mediation Server must be configured with a server certificate in order to connect to other Office Communications Server servers. You should have set up this certificate using the Certificate Wizard when you deployed the Mediation Server. If you want to change the certificate, you can do either of the following:

  • If you are logged onto the Mediation server, you can use the Certificate Wizard to guide you through the process of requesting and assigning a certificate. For more information about using the Certificate Wizard to configure a certificate for the Mediation Server, see the Microsoft Office Communications Server 2007 Enterprise Voice Planning and Deployment Guide.

  • If you want to assign a different certificate on an individual server, view a certificate, or delete a certificate, you can open the individual server's properties and configure the certificate using the Certificate tab. Deleting a certificate causes it to no longer be assigned to the server for TLS or MTLS, but the certificate is not deleted from the computer. The procedure in this section describes the use of the Certificate tab.

Any modifications you make are only applied to future connections—existing connections continue to use the old certificate as long as the connection continues.

To configure a certificate for a Mediation Server

  1. Open Office Communications Server 2007.

  2. In the console tree, expand the forest node, expand Mediation Servers, right-click the Mediation Server for which you want to configure a certificate, and then click Properties.

  3. On the Certificate tab, do one of the following:

    • To delete the current certificate, click Delete Certificate, and then click OK. This causes the certificate to no longer be assigned to the server, but the certificate is not deleted from the computer.

    • To assign a certificate to the Mediation Server, click Select Certificate. In the Select Certificate dialog box, in the list of certificates, click the certificate you want to use, and then click OK twice.

Enabling Call Detail Records for Enterprise Voice

You can configure CDR (Call Detail Records) in Office Communications Server 2007 to capture Enterprise Voice call details.

Note

Before you administer call detail recording, you must first install an Archiving and CDR Server and all its prerequisites as well as enable call detail recording according to the instructions in the Microsoft Office Communications Server 2007 Archiving and CDR Server Deployment Guide. Also ensure that you have enabled archiving according to the instructions in the Configuring Archiving section of this guide, in Configuring Archiving, Call Detail Recording, and Meeting Compliance.

To enable call detail recording for Enterprise Voice

  1. Log on to a server in the forest where you installed Communications Server 2007 that has the Office Communications Server, Administration Tools installed using an account in the RTCUniversalServerAdmins group.

  2. Open Office Communications Server 2007.

  3. In the console tree, right-click the Forest node, point to Properties, and then click Global Properties.

  4. Click the Call Detail Records tab.

    1e4eb35f-ff27-44d3-b05f-58f454ce4fdf

  5. On the Call Detail Records tab, select the Voice call details check box, and then click OK.