Creating a Phone System In Office 365 in Ten Minutes

Posted on 3 CommentsPosted in Cloud PBX, off, Office 365, PSTN, Skype For Business Online, unif, unified messaging, Voicemai, voicemail

I have been invited into the Skype for Business Cloud PSTN preview in the UK and so I though I would jot down a few comments on how easy it was to configure and get a working telephone line and full PBX without doing more than a few clicks of the mouse in Office 365 Admin Center!

Step 1: Purchase Licences

To have a telephone number in Office 365 you need to purchase at either one of the following licences. Each user that you want to assign numbers to need a valid licence – some users can have one of the licences below and others the other licence. You do not need both licences for one user:

  • E5 licence
  • Skype for Business Cloud PBX licence

Step 2: Assign the correct licence for telephone service

Once the correct number of licences have been purchased you need to assign them to the relevant users. So in the admin portal assign the user either an E5 licence or the Skype for Business Cloud PBX licence. If they have an E5 licence already then the Skype for Business Cloud PBX licence is not needed as E5 contains Skype for Business Cloud PBX licence already.

image

If you assign both E5 and Skype for Business Cloud PBX licence then you will get the following error on clicking save:

image

That is not a particularly good error message though! It means you don’t need both licences. The error reads “We couldn’t replace products for everyone you selected. The list below explains who couldn’t get updated and why.”

Step 3: Assign the payment licence for telephone service

You can do this as you do Step 2. This is to assign the Skype for Business PSTN Domestic and International Calling licence

image

Step 4: Assign telephone numbers to your Office 365 tenant

You need one number per user and at the time of writing you can have a US or UK number. You can get a pool of numbers in advance of allocation, but these direct dial numbers (DDI) are not sequential. To do this number pool allocation go to the Skype for Business admin pages and click the new Voice link on the left:

image

From the top menu in the Voice area you can choose the following (phone numbers|port orders|voice users|emergency locations):
image

Before you assign users numbers you need to get the phone numbers and set emergency locations. To get the phone numbers click the + icon. You can have a number per licence.

Select your country, region and area code as shown

image

In England you can currently get numbers in the following area codes:

image

No Oxford number here yet, so I choose City of London on the region page to get an 0203 number. If you select Scotland as the region there is Edinburgh and Glasgow. You can request new area codes by raising a support ticket – instructions on what the ticket should contain are in the link at the top of this page.

Enter the number of numbers in that region you want and click Add.

You will get the following:

image

You can add more and then click Acquire Numbers. You can also click Show Numbers and select or remove any of the provided options you may not want before you click Acquire Numbers. You have 10 minutes to acquire the numbers.

image

The numbers you acquired are added to your list and shown as unassigned. You can delete numbers you don’t want from here by selecting them and choosing Delete

image

Step 5: Set emergency locations

Click Emergency Locations in the top menu and add a location for each user of the service. Typically this will be the office, though if you are a company of remote workers this is a more long winded process. Addresses need to be validated and I have found that new postal codes in the UK at least 18 months old will not validate. You cannot assign an emergency location that you cannot validate.

Step 6: Assign numbers and emergency locations to users

Click Voice Users on the top menu and select your users. Users will not appear here until around 1 hour after they are licenced. You can see below that we have both Cloud PBX and Cloud Connector to connect an on-premises phone system to Skype for Business Online.

image

Click a licenced user and click Assign Number

image

The number of available telephone numbers and emergency locations are shown

image

Click Save when both values are filled in. The popup will close when completed.

For a given licenced user with a number you can now change or remove that number and change their emergency location

image

Other than that you are done.

Step 7: With the end user

Skype for Business client will show a dial pad and you can make and receive calls on your personal number. Voicemail will be stored in your Exchange Online mailbox

image

From the voicemail icon in the Skype for Business client the user can change their greetings and set up voicemail. Clicking “Set up voicemail” takes the user to https://outlook.office.com/owa/?path=/options/callanswering which is currently the wrong page and searching for voicemail in the options dialog returns a link that goes nowhere.

The “Change Greeting” option allows you to do as it says and you need to record a greeting and accept it using the Skype for Business dial pad as shown. You can also use the number keypad on your computer as well.

SNAGHTML6f0030e

When an incoming call arrives via your new number a popup will appear in the bottom corner of the screen identifying the caller if you have their caller ID saved in your contacts:

image

Clicking the picture will answer the call. Ignore will send it to voicemail and options will allow you to text the user back or forward the call to your mobile phone. More permanent call forwarding options can be set in the Skype for Business client such as always forward or set simultaneously ring Skype and another number.

image

The New Rights Management Service

Posted on 3 CommentsPosted in aadrm, active directory, certificates, cloud, compliance, dirsync, exchange, exchange online, https, hybrid, journal, journaling, mcm, mcsm, microsoft, Office 365, Outlook, pki, policy, rms, smarthost, transport, unified messaging, voicemail

This blog is the start of a series of articles I will write over the next few months on how to ensure that your data is encrypted and secured to only the people you want to access it, and only for the level of rights you want to give them.

The technology that we will look at to do this is Microsoft’s recently released Windows Azure Active Directory Rights Management product, also known as AADRM or Microsoft Rights Management, or “the new RMS”.

In this series of articles we will look at the following:

The items above will get lit up as the article is released – so check back or leave a comment to this post and I will let you know when new content is added to this series.

What is “rights management”

Simply this is the ability to ensure that your content is only used by whom you want it to be used by and only for what you grant. Its known in various guises, and the most common guise is Digital Rights Management (DRM) as applied to the music and films you have been downloading for years.

With the increase in sharing music and other mp3 content in the last ten plus years, the recording companies and music sellers started to protect music. It did not go down well, and I would say this is mainly because the content was bought and so the owner wanted to do with it as they liked – even if what they liked was legal they were limited from doing so. I have music I bought that I cannot use because the music retailer is out of business or I tried to transfer it too many times. I now buy all my music DRM free.

But if the content is something I created and sold, rather than something I bought I see it very differently. When the program was running I was one of the instructors for the Microsoft Certified Master program. I wrote and delivered part of the Exchange Server training. And following the reuse of my and other peoples content outside of the classroom, the content was rights protected – it could be read only by those who I had taught. Those I taught think differently about this, but usually because the management of getting a new copy of the content when it expires!

But this is what rights management is, and this series of articles will look at enabling Azure Active Directory Rights Management, a piece of Office 365 that if you are an E3 or E4 subscriber then you already have, and if you have a lower level of subscription or none at all you can buy for £2/user/month and this will allow you to protect the content that you create, that it can be used by only those you want to read it (regardless of where you or they put it) and if you want it can expire after a given time.

In this series we will look at enabling the service and connecting various technologies to it, from our smartphones to PC’s to servers and then distributing our protected content to whom needs to see it. Those who receive it will be able to use the content for free. You only pay to create protected content. We will also look at protecting content automatically, for example content that is classified in a given way by Windows Server or emails that match certain conditions (for example they contain credit cards or other personally identifiable information (PII) information such as passport or tax IDs) and though I am not a SharePoint guru, we will look at protecting content downloaded from SharePoint document libraries.

Finally we will look at users protecting their own content – either the photographs they take on their phones of information they need to share (documents, aka using the phones camera as a scanner) or taking photos of whiteboards in meetings where the contents on the board should not be shared too widely.

Stick around – its a new technology and its going to have a big impact on the way we share data, regardless of whether we share it with Dropbox or the like or email or whatever comes next.

Configuring Exchange Server 2013 Unified Messaging With 3CX and Not AsteriskNOW

Posted on 9 CommentsPosted in 2010, 2013, asterisk, asterisknow, exchange, pbx, unified messaging, voicemail, voip

This article is an addendum to my blog series on configuring Exchange Server 2010 and Exchange Server 2013 with AsteriskNOW. AsteriskNOW is a easy to install version of Asterisk 1.8 in that it includes the underlying OS and the FreePBX software. The problem with Asterisk 1.8 is that it does not work well with the correct process of connecting to Exchange Server unified messaging servers.

Asterisk and Issues with Exchange Server and SIP Diversion

Exchange Server runs two unified messaging services, umservice.exe (on Exchange 2010 and Exchange Server 2013 Mailbox Servers) or Microsoft.Exchange.UM.CallRouter.exe (on Exchange Server 2013 Client Access Servers) that listens on TCP 5060 and UMWorkerProcess.exe (both versions of Exchange Server) that listens on TCP 5065 or TCP 5067. The correct process for connecting to Exchange Server unified messaging is to connect to TCP port 5060 and get back a SIP Redirect to either port TCP 5065 or TCP 5067. The reason for the redirect is that Exchange Server starts listening on 5065 and after a week starts a second process listening on 5067 and once the process on 5065 has finished all its call handling it will stop the process listening on 5065. This way Exchange Server manages the process, memory management, etc. without needing to restart the process if it goes bad – it just starts a process on the other port from the current process and directs all new calls at the new process.

The problem with Asterisk 1.8 is that is looses the caller ID during this redirect. Therefore all the posts you will see on the internet for Exchange and Asterisk use port 5065 directly and a few (very few) deal with the issue that this only works for a week before they need to change to port 5067 and so on.

On Exchange Server 2010, as both the umservice and the UMWorkerProcess are on the same machine, you can just connect to 5065&5067 at the same time and Asterisk will complete the call down the channel that answers.

Like Exchange Server 2010, the 2013 version allows you to direct voicemails at any unified messaging server and have them turn up in your inbox. You do not need to connect to that actual server your mailbox is located on – but ideally you would, as that will spread any load caused by voice across all the servers that store mailboxes. If you are connecting to a server in one location, your mailbox could be in another and so ideally you would connect to a mailbox server local to your mailbox, but as Asterisk does not manage the diversion correctly this will not happen.

On of the headline features of Exchange Server 2013 is the load-balancing without needing layer 7 hardware. This not going to work for Exchange Server 2013 and Asterisk as you will always get sent to the IP address of the trunk as configured in Asterisk and not the server your mailbox is located on.

The connectivity flow for Exchange UM is that the CAS role runs the Microsoft.Exchange.UM.CallRouter.exe process (port 5060) and the Mailbox role runs the umservice.exe (port 5062) and the UMWorkerProcess.exe (port 5065 or 5067)*. Therefore your PBX needs to talk to a CAS server on port 5060 (and can do this via a Layer 4 load balancer if they wish) and then the SIP call is redirected to the correct mailbox server for that user at that time. The following screenshot shows the error state in action:

image

From the above Asterisk console session you can see the following steps caused when the user at extension 8001 picks up the phone and calls the subscriber access number for the dialplan (8500):

  • Called SIP/TrunkName/8500
  • Got SIP response 302 “Moved Temporarily” back from CAS_Server_IP:5060
  • Now forwarding SIP/Call-ID to ‘SIP/8500::::TCP@mailboxserver_fqdn:5062’ (thanks to SIP/TrunkName-CallID)

The connection has been routed from the CAS server to the Mailbox server that holds the users mailbox and to the umservice.exe on that mailbox server. It is this service that knows the current port the UMWorkerProcess is running on on (5065 or 5067). So the connection flow continues with:

  • Got SIP response 302 “Moved Temporarily” back from mailbox_server_IP:5062
  • Now forwarding SIP/Call-ID to ‘SIP/8500::::TCP@mailboxserver_fqdn:5065’ (thanks to SIP/mailbox_server_fqdn:5062-CallID)
  • SIP/mailbox_server_fqdn:5065-CallID is ringing
  • SIP/mailbox_server_fqdn:5065-CallID answered SIP/8001-CallID

Exchange then answers with “Sorry, the person you are trying to reach does not have a valid voice mailbox on our system. Goodbye”. This is because in all the diversions (SIP 302) Asterisk looses the From: header which shows which phone the user is calling from and replaces it with the subscriber access number. Configure Asterisk to connect directly to 5065&5067 on a mailbox server and it all works fine, but latency for offsite mailboxes is not catered for, nor is any degree of HA.

So, as Asterisk has issues doing an Exchange Server 2013 multi server deployment that it could do with Exchange 2010, I have added this article to the blog series to explain why this is so and the steps for another IP PBX to solve the issue. Therefore we will look at configuring 3CX instead as an example IPPBX. 3CX with Exchange Server support is a paid for product, but at the time of writing you get a 2 call demo licence when you register to get a download – and a two concurrent call licence is enough for a lab.

Configuring 3CX for Exchange Server 2013

As the process for installation of 3CX is well documented, all I am going to do here is call out the steps that you need to do to get the system working with Exchange Server.

  • Download the free version
  • You will get an email with a licence key for 2 concurrent calls
  • Install the free version on a Windows Server, but not on any of the Exchange Server 2013 machines as both Exchange and 3CX will want to open port 5060.
  • During installation I choose to go for IIS as the web server.
  • Create two extensions during installation. I went for 5001 and 5002, one for each of my SIP phones. Note that if you configure your phones at the same time as you create the extensions they will not register with the server until after installation is complete.
  • Ensure that you enable voicemail for the extension.
  • Activate the software with the demo licence key you have (Settings > Activate Licence)
  • Configure your VoIP Provider settings including an Outbound Rule for sending calls to this provider.
  • Configure Exchange dialplan and UM gateway and UM enable mailboxes with the same extension number as used in 3CX
  • On Settings > Advanced choose the Exchange Server tab and enter the IP address of your Exchange CAS Server or CAS server load-balanced virtual IP. Set the port to 5060 and tick the box to use voicemail on your Exchange Server

You should now be able to place calls between your handsets and have the call forwarded to Exchange for voicemail.

 

 

* Note that if you are using TLS protected SIP (SIP Secure) then the port numbers in the above article are incorrect and are all +1. Therefore Microsoft.Exchange.UM.CallRouter.exe listens on 5061, umservice.exe on 5063 and UMWorkerProcess.exe listens on 5066 or 5068.

Building An Exchange Unified Messaging Lab (Part 8)

Posted on 6 CommentsPosted in 2010, 2013, asterisk, asterisknow, exchange, pbx, unified messaging, voicemail, voip

In the extended series of blog posts we are looking at creating a unified messaging lab for Exchange Server. So far we have looked at installing a software PBX (AsteriskNOW) and configuring Exchange Server (both 2010 and 2013) to accept calls from our PBX. We have also looked and configuring our PBX to send and receive calls to a SIP provider on the internet.

In this post we will configure our PBX to forward calls for our voicemail access number (8000 and 8500 in the blog series) to the Exchange Servers in the lab. Dialling 8000 will call my Exchange Server 2010 lab and dialling 8500 will call my Exchange Server 2013 lab. If you only have one lab environment, then you only need one set of trunks configured.

Configuring SIP Trunks To Exchange Server 2010 from Asterisk

Login to your FreePBX website and click Connectivity > Trunks and click Add SIP Trunk.

imageThis trunk will be configured with the settings of your Exchange Server unified messaging server and have a name such as “ToExchangeUM5065” for both Trunk Name fields (at the top of the screen and under Outgoing Settings). There are no settings needed under Incoming Settings or Registration. Note that the name of this trunk must match the name you selected when configuring the config file in the previous post. If you set the voicemail macro in Asterisk to use the wrong name it will not be able to forward the call anywhere.

The main part of the settings for the trunk is the PEER Details field. For my lab this reads as follows:

host=w.x.y.z ;IP address of the Exchange UM Server
type=peer
transport=tcp
port=5065
context=from-internal
qualify=yes

This creates a trunk with the IP address of the Exchange UM server, using TCP, over one of the ports that the UMWorkerProcess on Exchange listens on and has the qualify=yes setting to tell Asterisk to check if the server is up and running by connecting to it occasionally and sending an SIP OPTIONS header.

Once your first trunk is created you need to create a second trunk. This trunk has a different name and port. The name (following the above example) can be “ToExchangeUM5067” and the port value reads port=5067. All the other settings are the same.

imageOnce the trunks are complete you need to make the Outbound Routes that will be used to forward calls down this trunk. Click Connectivity > Outbound routes and provide a Route Name and a Dial Pattern and finally the Trunk Sequence for Matched Routes value.

For the Dial Pattern you just need to enter the number that users will call to access their voicemail and for the Trunk Sequence you just need to select the two Exchange trunks that you made earlier. Finally, click Apply Config to have all the changes submitted to the Asterisk config files and to have Asterisk reloaded.

As Asterisk does not do Diversion headers correctly (it looses the caller ID during diversion) I have an another article in this series looks an using 3CX. This different IPPBX does the diversion correctly.

Testing Your Unified Messaging Lab

You should now be able to call another extension, wait or reject that call at the destination, and be routed to Exchange Server voicemail. Once the message has been left the recipient of the call should receive an email with your message. If they click the Play on Phone option in Outlook, then their phone should ring and the message be played to them.

If you get an errors or unexpected results then make your calls whilst watching the server console. Run asterisk -Rv from the console and then make calls. You should see many messages and scrolling back through them, using screen before running asterisk –Rv and CTRL+A and [ to access the screen log, will show you messages containing “SIP/ext is ringing”, “Got SIP response 486 Busy Here”, and many lines further on “Executing [s-BUSY@macro-vm:4] Dial(‘SIP/ext-callID’,’SIP/xxxx&SIP/yyyy’) in new stack”. Either trunk xxxx or yyyy will answer with “SIP/yyyy-CallID answered SIP/ext-CallID”. Four or five more lines should take you to the end of the call log.

My final post in this series looks at doing all the same again, but using a different IP PBX – a commercial one called 3CX, but one that has a fully functioning demo licence for two concurrent calls and so is ideal for building labs with. This is covered in Using 3CX and Not Asterisk and Exchange Server.

Building An Exchange Unified Messaging Lab (Part 7)

Posted on Leave a commentPosted in 2008, 2010, 2013, asterisknow, exchange, rtp, sip, unified messaging, voicemail

In this series of blog posts I am looking at creating a Unified Messaging lab for Exchange Server 2010 (and 2013). Earlier posts have looked at the installation of the PBX (AsteriskNOW) and the configuration of the Exchange Server.

This post will look at the configuration of the user’s settings. For each user there are two settings to configure. The first are the related settings on the telephone and the second is the configuration of the unified messaging properties on the Exchange mailbox.

The first set of settings are covered in detail in Part 4 of the blog but in brief they involve choosing a unique extension number that has the same number of digits as the dialplan (all extensions must be unique within the dialplan) and creating this extension within the PBX and configuring a phone to use this extension. Once you have done the steps in Part 4 of the blog you should be able to ring any of your extensions and pickup the call.

If you ignore the call or press any “reject” button on the handset you will find that Asterisk voicemail answers the phone. So this part of the blog series will go into the steps to configure Asterisk to forward voicemail to Exchange Server (and this is the same for Exchange Server 2010 or 2013).

Configuring Unified Messaging Mailboxes in Exchange Server

For each user you need to associate their mailbox in Exchange with their extension number. You can do with the Enable-UMMailbox cmdlet or the Enable Unified Messaging wizard in the Exchange Management Console.

For the wizard, right-click the mailbox under Recipient Configuration and select the Unified Messaging Mailbox Policy that you created earlier. Then either choose a PIN or have the system generate on for the user automatically. The user will get an email informing them of their PIN either way. Click Next.

imageIf the user already has the Business Phone attribute (or Telephone number attribute on the General tab in Active Directory Users and Computers) populated in Active Directory then the option to automatically generate the mailbox extension will be available, and the extension will be shown (greyed out) in the field to the right. If this is incorrect, or a full phone number was not specified, then only the manual option will be available.

The Exchange Management Shell cmdlet to do the same is:

Enable-UMMailbox username -PinExpired $false -UMMailboxPolicy 'policy_name'

 

 

or, if you want to specify the extension number:

 

Enable-UMMailbox username -PinExpired $false -UMMailboxPolicy 'policy_name' -Extensions '8001'

 

 

As each mailbox is enabled for unified messaging, the mailbox will get an email telling them the access numbers for voicemail (the dialplan subscriber numbers), their number (which should be the same as their telephone extension number) and their PIN.

 

On the mailbox, if you look on the E-mail Addresses tab you will see the EUM address, and this should read ext;phone-content=policy. You can add additional extensions (EUM addresses) here manually if you wish.

 

Configuring and Using Outlook Voice Access

 

Now that you have the extension configured on a phone, the same extension configured against the mailbox, a dialplan with subscriber access number configured, SIP trunks to Exchange and an Outbound Route for the subscriber access number you should be able to ring the subscriber access number from your physical handset.

 

Upon dialling from the phone configured with your extension number you will hear the Exchange chimes and be asked to setup your Outlook Voice Access for the first time. You will need your PIN number to complete this, and this will have been emailed to the mailbox at the time the mailbox was configured for UM.

 

Configure Asterisk to Forward Calls to Exchange Unified Messaging for Voicemail

 

Asterisk defaults to forwarding calls to its own voicemail extensions and so edits need to be made to extensions.conf (or linked files if using FreePBX) to route calls to Exchange Server for voicemail.

 

In this blog series we have FreePBX installed, so we need to edit /etc/asterisk/extensions_override_freepbx.conf rather than extensions.conf. The first change is to copy the [macro-vm] section from /etc/asterisk/extensions_additional.conf into /etc/asterisk/extensions_override_freepbx.conf. [macro-vm] is approx 150 lines long and ends with “;–== end of [macro-vm] ==–;”.

 

Then we need to make some changes and additions to the macro-vm section. The first set of changes will comment out the code the directs calls to Asterisk voicemail and the additional lines will dial the Exchange Server trunks and add SIP Diversion headers so that Exchange knows which mailbox to answer the call for.

 

So first, locate the following lines and comment them out. The numbers in brackets at the start are the approx. location in extensions_override_freepbx.conf where you will find the line:

(86) exten => s-BUSY,n,VoiceMail(${MEXTEN}@${VMCONTEXT},${VM_OPTS}b${VMGAIN})
(92) exten => s-NOMESSAGE,n,VoiceMail(${MEXTEN}@${VMCONTEXT},s${VM_OPTS}${VMGAIN})
(97) exten => s-DIRECTDIAL,n,VoiceMail(${MEXTEN}@${VMCONTEXT},${VM_OPTS}${VM_DDTYPE}${VMGAIN})

 

Each of the above lines can be commented out by placing a semi-colon (;) at the start of the line.

 

Return to the s-BUSY block (starting at line 84) and add the following after the line that you just commented out:

exten => s-BUSY,n,SIPAddHeader(Diversion:<tel:${MEXTEN}>\;reason=no-answer\;screen=no\;privacy=off)
exten => s-BUSY,n,Dial(SIP/xxxx&SIP/yyyy) /* xxxx/yyyy here are the two trunk names, one for each TCP listening port */
exten => s-BUSY,n,Hangup

 

This code adds the Diversion header to read tel:extension. Note that the tel:ext block is surrounded by greater and less than signed (triangle brackets if you will) which have a habit of not being displayed on web pages.

 

Also note that you need to use the names of your two trunks connecting to Exchange that you will make in the final part of this blog series (Part 8). You will make one trunk connecting to port 5065 and the other to port 5067. The Dial() command tells Asterisk to dial both trunks at the same time and direct the call to whichever answers first. Therefore if Exchange is listening on 5065 or 5067 the connection will work. For ease of configuration, if you pick the names for the two trunks now you can add them to the config file here and then when you create the trunk in Part 8 you just need to use the same names. I used ToExchangeUM5065 and ToExchangeUM5067 in my lab. Then I replace xxxx with ToExchangeUM5065 and yyyy with ToExchangeUM5067.

 

The s-NOMESSAGE block (at line 92) needs the following added after the line that has been commented out:

exten => s-NOMESSAGE,n,SIPAddHeader(Diversion:<tel:${MEXTEN}>\;reason=no-answer\;screen=no\;privacy=off)
exten => s-NOMESSAGE,n,Dial(SIP/xxxx&SIP/yyyy) /* xxxx/yyyy here are the two trunk names, one for each TCP listening port */
exten => s-NOMESSAGE,n,Hangup

 

Again, change xxxx and yyyy for your two different trunk names that you create in the next part of this blog and make sure that the Diversion: header includes triangle brackets around tel:ext.

 

Next you need to do the same for the s-DIRECTDIAL block:

exten => s-DIRECTDIAL,n,SIPAddHeader(Diversion:<tel:${MEXTEN}>\;reason=no-answer\;screen=no\;privacy=off)
exten => s-DIRECTDIAL,n,Dial(SIP/xxxx&SIP/yyyy) /* xxxx/yyyy here are the two trunk names, one for each TCP listening port */
exten => s-DIRECTDIAL,n,Hangup

 

As you can see, the three blocks of inserted code are all the same apart from the s-WORD value at the start of each.

 

One block of code is missing through from the FreePBX defaults. If you call an extension and it is busy Asterisk runs the code starting s-BUSY, but if the call is ignored then Asterisk attempts to find and run code starting s-NOANSWER and as this is missing it will route ignored calls to Asterisk voicemail. To route ignored calls to Exchange Server add the following block of text:

exten => s-NOANSWER,1,Noop(NOANSWER voicemail - Exchange UM)
exten => s-NOANSWER,n,Macro(get-vmcontext,${MEXTEN})
exten => s-NOANSWER,n,SIPAddHeader(Diversion:<tel:${MEXTEN}>\;reason=no-answer\;screen=no\;privacy=off)
exten => s-NOANSWER,n,Dial(SIP/xxxx&SIP/yyyy) /* xxxx/yyyy here are the two trunk names, one for each TCP listening port */
exten => s-NOANSWER,n,Hangup
exten => s-NOANSWER,n,Goto(exit-${VMSTATUS},1)

 

This new block is again a copy of s-BUSY (or the other two) and just the s-WORD bit changed to s-NOANSWER. For completion the Noop line (line 1 above) is also changed to NOANSWER so that the correct text is written to the Asterisk console and log files.

 

No other changes are needed in extensions_override_freepbx.conf. So save the file and restart Asterisk by using amportal restart from the console.

 

There is now one more thing to do. That is to create the SIP Trunks to Exchange Server. This is detailed in Part 8, and once you have a way to connect to Exchange Server you are able to route voicemail requests to Exchange and complete your unified messaging lab.

Building An Exchange Unified Messaging Lab (Part 6)

Posted on Leave a commentPosted in 2010, 2013, asterisk, asterisknow, exchange, pbx, unified messaging, voicemail, voip

Earlier parts in this blog have talked about VoIP, configured AsteriskNOW software PBX and configured inbound and outbound calls via the PBX. Now it is time to configure voicemail to be provided by Exchange Server 2013 and for the telephone users to be able to call Exchange an listen to their voicemail. In addition to listening to voicemail, when a user logs into Exchange Server via their telephone handset Exchange can read and the user change items in their mailbox (i.e. delete email, change calendar bookings) and direct calls to other users.

This blog article will look specifically at Exchange Server 2013. The preceding article repeats the steps here, but for Exchange Server 2010. So lets start by configuring all the required pieces on the Exchange Server.

Configuring Exchange Server 2013 Unified Messaging

The first thing to set up in Exchange Server 2013 with regards to Unified Messaging is the mailbox server role. Unified Messaging is automatically installed on the mailbox role. Once the role is installed go to the Voice area of Exchange Control Panel.

image

By default Exchange is installed with the United States language pack. Download and install the correct unified messaging language packs for your country before you proceed further or Exchange will answer you in the wrong language. 

The first thing that you need to create is the UM Dial Plan with the correct number of digits (four in the case of this blog), set Unsecured for VoIP Security, enter your Country/Region code (for example 44 for the UK) and choose the language you want the server to answer callers in. Unlike Exchange Server 2010 you do not associate dial plans with servers unless you are using Lync Server as the PBX.

On the UM IP Gateways screen add a gateway for the IP address of your PBX.  Exchange requires TCP support and we covered the steps for configuring Asterisk in Step 3 to support SIP over TCP.

image

If you are using a PBX that supports custom ports for SIP over TCP (Asterisk 1.8 does not support changing the TCP port for SIP) then remember to adjust the port in Exchange Server. You set the port if different from 5060 using Exchange Management Shell: Set-UMIPGateway –identity BlogGateway -Port 5065 for example.

You also need to select the dial plan you just created and a display name for the UM Gateway.

Unlike Exchange 2010, there will be nothing in the Event Viewer upon successful creating an IP Gateway. Also you are not required to associated the dial plan with a UM Server. The PBX should be configured to forward all calls to the front-end CAS array and CAS redirects the call to the Mailbox server that holds the users mailbox for answering by the Unified Messaging service.

Now that you have the initial configuration complete, go back to the UM Dial Plans screen and open the dial plan that you created earlier. You will need to associate a subscriber access number with this dial plan. This is the number that users will call to listen to their voicemail. Exchange Server will be informed of the dialled number when the PBX forwards the call to it, and so the number called must be associated with a mailbox or be the subscriber number. In other PBX systems, this number is often called the Pilot Number. In the lab we are building here, with a four digit dial plan, the chosen subscriber number is 8500.

To add the subscriber number click the configure UM dial plan button on the UM Dial Plan properties screen and change to Outlook Voice Access tab

image

Change any of the the remaining properties as required before saving your changes.

Back on the UM Dial Plan screen edit the default UM Mailbox Policy as required. I would suggest for a lab environment that you have a 4 digit PIN and no requirement to reset it.

image

For the purposes of the lab we are not going to configure the UM Auto Attendants and we will just use the default hunt group created.

The previous blog post covered these same settings for Exchange Server 2010. The next part, Part 7 will look at configuring users (mailboxes) to have valid unified messaging settings and then Part 8 will look at the configuration on the PBX to create a trunk to reach your Exchange Server and the settings to forward voicemail messages to the Exchange Server. These following posts look at the configuration mainly from an Exchange 2010 viewpoint, but will work for Exchange Server 2013.

Building An Exchange Unified Messaging Lab (Part 5)

Posted on Leave a commentPosted in 2010, asterisk, asterisknow, exchange, unified messaging, voicemail, voip

Earlier parts in this blog have talked about VoIP, configured AsteriskNOW software PBX and configured inbound and outbound calls via the PBX. Now it is time to configure voicemail to be provided by Exchange Server and for the telephone users to be able to call Exchange an listen to their voicemail. In addition to listening to voicemail, when a user logs into Exchange via their telephone handset Exchange can read and the user change items in their mailbox (i.e. delete email, change calendar bookings) and direct calls to other users.

This blog article will look specifically at Exchange Server 2010. The following article will repeat the steps here, but for Exchange Server 2013. So lets start by configuring all the required pieces on the Exchange Server.

Configuring Exchange Server 2010 Unified Messaging

The first thing to set up in Exchange Server 2010 is to ensure that you have the Unified Messaging role installed on at least one Exchange Server. This role can be shared with any other role apart from the Edge Server role is you need to. Once the role is installed go to the Unified Messaging area under Organization Configuration in EMC.

By default Exchange is installed with the United States language pack. Download and install the correct unified messaging language packs for your country. These are service pack dependent, so install the correct one.

For Exchange 2010 create a UM Dial Plan with the correct number of digits (four in the case of this blog), set Unsecured for VoIP Security and enter your Country/Region code (44 for the UK).

image

Click Next and associate the server on which you installed the UM role with this dialplan.

In the UM IP Gateways dialog add a gateway for the IP address of your PBX. Exchange requires TCP support and we covered the steps for configuring Asterisk in Step 3 to support SIP over TCP.

image_thumb3

If you are using a PBX that supports custom ports for SIP over TCP (Asterisk 1.8 does not support this for TCP) then remember to adjust the port in Exchange Server. You set the port if different from 5060 using Exchange Management Shell: Set-UMIPGateway –identity BlogGateway -Port 5065 for example.

The application event log will show if there are errors in the IP Gateway configuration. If there are no errors and Exchange is able to communicate successfully with your PBX over TCP then it will report Event ID 1401

The following UM IP gateways responded promptly to a SIP OPTIONS request.
Transport = TCP, Address = 192.168.5.100, Port = 5060, Response Code = 200, Message = OK

If you change your view to the UM Mailbox Policies tab then you can see the default mailbox policy that has been created for you. You might want to change this, but at the very least you need to check its settings. For a lab environment I suggest a 4 character PIN, no PIN lifetime and 1 previous PINs to disallow.

image

For now you do not need to create a UM Auto Attendant and so we will skip this section of the configuration for you to return to in your own time later.

Now that you have the initial configuration complete, go back to the UM Dial Plans tab and open the dial plan that you created earlier. You will need to associated a subscriber access number with this dial plan. This is the number that users will call to listen to their voicemail. Exchange Server will be informed of the dialled number when the PBX forwards the call to it, and so the number called must be associated with a mailbox or be the subscriber number. In other PBX systems, this number is often called the Pilot Number. In the lab we are building here, with a four digit dial plan, the chosen subscriber number is 8000:

image

Finish the remaining tabs in this dialog by entering valid Dial Codes and other options as you need to:

image

Change to Server Configuration > Unified Messaging in the Exchange Management Console and double-click your unified messaging server. Ensure the UM Settings properties reads TCP for startup mode and if you change this ensure that you restart the Microsoft Exchange Unified Messaging service.

The next blog post will cover these settings for Exchange Server 2013 and then the two following will look at the mailbox configuration and the configuration on the PBX to create the trunks to reach Exchange Server and the settings to forward voicemail messages to the Exchange Server.

Building An Exchange Unified Messaging Lab (Part 2)

Posted on 1 CommentPosted in 2010, 2013, asterisk, asterisknow, exchange, sip, unified messaging

This series of blog posts started with Part 1 where we discussed the requirements of the lab and what you would need from any PBX that you might have to hand. Part 2 (and the next few parts) will look at installing AsteriskNOW to provide a software PBX to support the Exchange Server unified messaging environment.

Installing AsteriskNOW Software IP PBX

Start by downloading the latest version of AsteriskNOW from http://www.asterisk.org/downloads. This is a easy to install version of the open source Asterisk IP PBX. AsteriskNOW installs the underlying Linux OS it needs with very little initial configuration and is especially easy for non Linux people like myself! This blog is based on AsteriskNOW 2.0.2

While AsteriskNOW is downloading create yourself a new virtual machine with the following configuration:

  • 512Mb RAM (dynamic memory not required)
  • 1 Processor
  • 1 Legacy Network Card (that is, remove the standard NIC that Hyper-V adds to new virtual machines and add a legacy network adapter). AsteriskNOW runs on CentOS and this does not have an easy to install Hyper-V Integration Services that would provide support for the standard network card.
  • Connect this network card to a physical network with internet access.
  • 1 new virtual hard disk, dynamically expanding is fine. 15GB should be plenty, though no harm is making its maximum size larger if you need to.
  • Once the AsteriskNOW iso is downloaded attach this to the virtual machine.

The settings for the virtual machine should similar to the below screenshot:

image_thumb1

Start the virtual machine and then connect to it to see the installation proceed.

First, select option 1 to install Asterisk 1.8 and the FreePBX web interface for the PBX:

image_thumb2

CentOS (a Linux distribution) will install automatically followed by an installation of AsteriskNOW and FreePBX. You will be asked to create the disk partition, wiping all data – and your answer will be Yes:

image_thumb3

Then you will need to partition the hard disk. Choose the option to Use free space on selected drives and create default layout and click Next.

image_thumb4

Select your timezone and check the box System clock uses UTC and click Next.

image_thumb5

Enter the password that you want to use for the root account. Click Next and go and get a coffee. A long coffee! And come back in about 30 minutes.

image_thumb7

Finally, and before you reboot the server at the end of the installation, change the virtual machine settings so that the ISO is not mounted as a DVD.

The Initial Configuration of AsteriskNOW

After the installation has completed and the new software PBX has been restarted you can complete the initial configuration of the server. This includes network and other settings such as NTP time sync and keyboard changes is you are not based in the US.

To make some of these changes you will need to either have experience of using Linux text editors or install WinSCP and use this to edit the config files from Windows. WinSCP can be downloaded from www.winscp.net

First change is the network settings. The Setup Agent screen appears, and you can exit from this (or wait and it will disappear shortly). You will be presented with the login screen:

image_thumb8

Enter root and the password you choose during setup. Make a note of the IP address that is currently assigned to the server. This is shown above the login prompt. If you forget the IP address you can type ifconfig at the prompt in the console to be reminded of it.

Type system-config-network to allow you to change the IP address and DNS on the server. Note that DNS changes will not work until after the network is restarted (or the server rebooted).

image_thumb9

Tab until Edit Devices is selected and press Enter.

Your current network card will be highlighted. Press Enter to let you make changes. If this virtual server is clustered you will need to change the IP address and reboot, then switch the virtual server over to the other node(s) and configure an identical set of network settings and reboot on each node. If you don’t then the server will have different IP addresses per node that it runs on.

image_thumb10

image_thumb11

Tab to change fields, use space to deselect the * under Use DHCP and then enter a valid fixed IP for your network, and valid mask and gateway settings. Tab to OK and space to action this.

Tab to select Save and then select Edit DNS Configuration. This DNS configuration will only take effect after you restart the network upon changing the IP address (or use /etc/init.d/network restart to restart the network). So after reboot run system-config-network to make these changes. Do not set the primary DNS IP as 127.0.0.1 as a DNS server is not installed on the AsteriskNOW box.

image_thumb12

Reboot your server with shutdown –r now and upon restart connect to the server’s fixed IP address with WinSCP to do some other initial configuration.

Start WinSCP and click New to create a new session. Enter the IP address (or DNS name if you have made one) for the server. Enter root and your password where needed and set the File Protocol to SCP:

image_thumb14

Click Save and then Login. Accept the prompt about the server’s key and then you will see the local file system and server’s file system:

image_thumb15

Edit the file /etc/sysconfig/keyboard so that KEYTABLE=”xx” where xx is the name of the keytable file located in /lib/kbd/keymaps/i386 not including the .map.gz bit of the filename. For example my value would be uk.

Navigate to /usr/share/zoneinfo and find the folder names that match your timezone. Mine is Europe/London.

In the AsteriskNOW server console login and type the following where Europe/London matches the folder and filenames you located.

ln -sf ../usr/share/zoneinfo/Europe/London /etc/localtime

Then enter the following to see the time on the hardware clock and change it if needed. The last command set the hardware clock to the value of the system clock:

hwclock
date mmddhhmm
/sbin/hwclock --systohc

Finally to set automatic updating of time to an NTP clock (port UDP 123 outbound is needed if going to the internet, or just enter the IP of a domain controller) you need to enter the following commands:

yum install ntp 
chkconfig ntpd on
ntpdate pool.ntp.org
/etc/init.d/ntpd start

Update CentOS to the latest updates

Get the latest updates for CentOS and Asterisk with the command yum update.

On completion of the updates reboot the server with:

shutdown –r now

After the reboot check that the DNS values have been set correctly. To avoid a reboot use:

/etc/init.d/network restart

Install the Hyper-V Integration Tools

To allow for time sync and other integration with Hyper-V download the Linux Integration Services Version 3.4 for Hyper-V from http://www.microsoft.com/en-GB/download/details.aspx?id=34603.

This download is an ISO file. Attach the ISO to the Asterisk virtual machine.

In the Linux console type the following:

mount /dev/cdrom /media
cd /media/RHEL58
./install-rhel58.sh

Allow the installation to complete and reboot with shutdown –r now.

Initial Configuration of FreePBX

Login to http://your_IP and use admin and admin as the username and password.

If the webpage looks like it is broken and the following links don’t work (it keeps logging you out) then from the server console type the following command to fix the issue.

amportal restart

Once you are logged into the FreePBX console without issue, if there is a retrieve_conf error towards the top left the run the following commands from the console

rm -rf /etc/asterisk/logger.conf
ln -s /var/www/html/admin/modules/core/etc/logger.conf /etc/asterisk/logger.conf #ln to here is one entire line
amportal reload

Click Admin menu > Administrators and select admin user on the right. Change the admin user password and click Submit Changes button. Don’t click the Apply Config button that has just appeared on the toolbar. You have other changes to make first.

Click Admin menu > Module Admin > Check Online > Click the Upgrade All link to the right and the click Process > Confirm and finally the Return link once you scroll all the way down the update popup screen.

Click the red Apply Config and after the configuration has reloaded, logout and back in again with your new password.

Change the default ARI Admin password from Advanced Settings menu. To do this click Display Readonly Settings and Override Readonly Settings to True. Click the Green save icon and then Apply Changes. Find the User Portal Admin Password field and change it. Click Save and then Apply Config. Change the two Readonly settings back to False, Save and Apply Config.

The next part of this blog series will look at further configuration of Asterisk PBX to support Exchange Server (TCP needs to be enabled amongst other settings) and to configure the firewall to allow external calls to and from the PBX.

Building An Exchange Unified Messaging Lab (Part 3)

Posted on 2 CommentsPosted in 2010, draytek, exchange, firewall, rtp, sip, unified messaging, voicemail

This blog is part of a series on creating a unified messaging lab for Microsoft Exchange Server. Configuring Unified Messaging was not as easy as I thought it would be and there was a lack of information that brought all the settings into one place, and a lot of incorrect information! The series started with Part 1 for the requirements and Part 2 for the initial configuration of AsteriskNOW and FreePBX.

Up until now the changes you have made have been pretty much the same for everyone. Sure, you have set an IP, keyboard and timezone that are different but everything else has been pretty much standard. Now we need to change some Asterisk configuration files to support Exchange Server Unified Messaging.

Configuring Asterisk for Internal and External Calls

As we have chosen to install FreePBX as well, we will edit the configuration files that FreePBX does not control. If you are doing your configuration without FreePBX installed there will be different files to change.

Before we make the changes though, you need to decide a few things. Some of these will be determined by your current environment. The first thing you will need to know is the number of digits in your dialplan. A dialplan is the internal extension number configuration at your office. For example if you dial 1xxx to reach one office and 2xxx to reach another then you have a four digit dialplan and sequences starting 1 and 2 are already reserved. In my lab I am going to use a four digit dialplan where 8xxx is going to be allocated to physical telephone handsets (extensions) and 8000 is going to be the number I call to listen to my voicemail (the Pilot Number) when I am using Exchange 2010 and 8500 when I am using Exchange 2013. Two numbers for voicemail allows me to use two different Exchange labs from one set of SIP phones.

Once you have picked your dialplan you can start to configure the various components of your PBX for your telephone network. These changes include forwarding your pilot number (8000 and 8500 in this blog) to Exchange and configure your telephone extensions.

In Asterisk we need to do these configuration changes by editing the config files. We can do this in a few different ways. We can edit the config files directly in the Linux console (using text editors such as vi), use WinSCP from a Windows PC if you don’t want to edit the files in Linux directly or use FreePBX for some of the changes. You must use FreePBX to change any file that has the FreePBX banner at the top of the config file.

SIP.Conf Changes for NAT and Exchange Server

Firstly, if you have a NAT’ed network you need to tell Asterisk your external IP address. Edit /etc/asterisk/sip_general_custom.conf to contain:

nat=yes
;externip needs to be your public IP
externip=w.x.y.z
;localnet=internal_IP_network/subnet_mask
localnet=192.168.5.0/255.255.255.0

You also need to add the following to the same file:

context = default
bindport = 5060
bindaddr = 0.0.0.0
tcpbindaddr = 0.0.0.0
tcpenable = yes
promiscredir = yes

Amongst these changes some of them tell Asterisk to listen on TCP, bind to all IP addresses and listen on port 5060 for UDP. Exchange Server and Lync Server require TCP support from the IP PBX that they connect to and without these settings Asterisk will only do UDP. Asterisk 1.8 will only listen on 5060 for TCP and there is no config setting to change this. The bindport setting controls the listening port for UDP.

Notice that we changed the sip_general_custom.conf file and not sip.conf. If you did not have FreePBX installed you would make all your changes to Asterisk in the config files and so could edit sip.conf directly. FreePBX overwrites some config files with its settings whenever you click Apply Config in the web GUI. To avoid having your settings overwritten you need to make them to files that are referenced by include statements in the master file.

For this example, if you open sif.conf (in /etc/asterisk) then in the [general] section (where the above edits are needed) you will see #include sip_general_custom.conf. This tells Asterisk to load sip_general_custom.conf as part of sip.conf, and we know that sip_general_custom.conf will not be overwritten by FreePBX because it does not tell us this at the top of the file.

To determine the file that you need to make the change in for other config files open the master file that you need to edit (i.e. sip.conf in this example) and see if there is a FreePBX banner at the top of the file. If not, then edit the file as required. If there is a banner telling you not to make changes then look for the section that your change will be inside (for example in sip.conf above we made our initial changes in the [general] section) and locate the #include statement that follows that section. This statement tells Asterisk the name of additional config files to load and to consider as part of the master file that you are currently reading. Some of these include files contain the FreePBX banner as well but others don’t for example to make changes to the [general] section of sip.conf we will edit sip_general_custom.conf, the custom config file for the general section in the sip.conf file.

RTP.Conf Changes For Your Network

SIP is the protocol that is used to manage connections between the parties involved in the call. RTP is the protocol used to transfer the voice data. You need to edit /etc/asterisk/rtp.conf so that the rtpstart and rtpend values are suitable for your network.

For each call connections will be made to 5060 and two additional ports. These two additional ports need to be sequential, and the odd numbered port will carry RTP data (voice traffic) into your PBX and the even numbered port carries RTCP packets (data about the connection). Outbound SIP/RTP traffic is determined by settings on the other parties PBX, so you typically need to allow all outbound ports from your PBX.

Therefore you need to configure Asterisk to have a start and end range for RTP that is a minimum of two ports (for one concurrent call) and a max of the number of concurrent calls you can make to through your PBX. Your external firewall will need to be configured to publish all these ports to your IP PBX so don’t make the range too big – but equally you need two ports per concurrent call so don’t make the range too small.

The range will always be the higher of the max number of calls your SIP Trunk provider allows and the number of physical handsets you have (plus some overhead to allow for parked calls). So if you have a five call SIP trunk, ten staff members, and 12 handsets you would need to support at least 12 concurrent calls. Therefore configure RTP to start at 10010 and finish at 10034 (two ports for each of the twelve concurrent calls you can support). Then increase it a bit for your sanity!

Edit /etc/asterisk/rtp.conf so:

rtpstart=10110
rtpend=your calculated value

 

Make sure your firewall forwards these ports to this PBX server and if you have other PBX servers ensure that you do not use the same port range. The following shows an example firewall configuration for this PBX. In the picture and in my config files I am using 5065 for SIP as I have two PBX’s and the other is using 5060.

 

image

 

Once we test calls to the outside world, if you start getting “one way traffic” (that is you can be heard but you cannot hear the caller or the reverse) then you need to check your firewall rules.

 

In Part 4 the fun will start. In this part we will configure a few telephone extensions so that we can make internal calls and then configure a SIP Trunk provider so we can make external calls. Part 5 will look at configuring Exchange Server 2010 and Part 6 the same, but for Exchange Server 2013. Part 7 will look at connecting these calls to your Exchange Server when we want to record a voicemail message.