Lifestyle, microsoft teams, News, privacy, WebRTC

Microsoft Teams Phone System, Direct Routing, and SBCs, a journey. (pt.4/4)

Last week we spent some time reviewing the TLS and SIP Options requirements for Microsoft Direct Routing, this week it’s payday! Time to make some final adjustments and place some calls.

Setting your outbound routes

For my setup, I wanted to route the outbound calls to my CPaaS, where I could do many other things besides just Origination or Termination. After some experimenting, we had our route configured and we could try some calls.

Calls were now flowing from my Teams client to my SBC and onto my CPaaS / external PSTN phone numbers. Much to my jubilation, the quality was pretty good, check it out for yourself…

Inbound routes

Now the harder part, routing calls into Teams. For this part, I had to route to the Microsoft SIP resources + assign external numbers from my CPaaS to the Teams active users. This is where things get “interesting”. 

As it turns out, the only way you can assign an external number to a user in Teams (today at least) is to run commands from a Power Shell connected to the Teams instance. Since I am a Mac user, that meant spinning up a VirtualBox, installing Windows on a VM, installing PowerShell and SFB modules. (Microsoft, please tell me there is a C# or Graph API coming for this).

Be sure to Run PS as Administrator

Then we need to run the command to connect to the SFB resources…

It will create some remoting modules…

Once authenticated you will end up back at the prompt, where you can enter the commands to add your phone numbers.

That command looks something like this…

Set-CsUser -Identity “” -OnPremLineURI tel:1234567890 -EnterpriseVoiceEnabled $true -HostedVoiceMail $true

Tech tip: Here is a link to all the Skype module commands.

If it works, it will return you back to the PS prompt. A quick look inside Teams and we will see that the number has been associated with the user as an On-premises number.

Here we see the Teams user with the assigned number inside the Team client interface…

Now, we have to route the inbound number from the CPaaS to the SBC and then onto Teams. In my case, I registered my SBC to a CPaaS SIP endpoint and used that connection to send inbound calls from my number to the SBC endpoint. The SBC then forwards the calls to the Teams SIP servers and decides where to send the media. Even though all my endpoints were in the Vancouver area, the media sometimes connected in East USA, which seems weird, maybe their Western hubs were overloaded, not sure.

Et Voila! Once everything was set up, calls inbound started working. Celebrate your small victories, as my dad always said. Here is a screenshot of me answering a call from an external number to my Teams phone number.

I added a bit of redundancy (few more servers) monitoring + failover logic and rolled it out for my buddy’s business.

He’s elated. Not only is the price right, but he now has a great deal more flexibility in how he uses the systems. He added some SIP desk phones to the mix, which now ring simultaneously when someone calls a Teams number.

I also added some SMS capabilities, TTS (Text To Speech), Call Recording and Call Whisper to his setup. 

The next post will be on using external telephony resources with some of the Microsoft Phone System features like; Auto-Attendant, Call Queues, Transfer, etc.

I hope you found this article interesting. We have had good interest in the offering thus far and now are now thinking of building a complete all-in-one solution that would do all of this through an intuitive interface eg. connect external phone systems, carriers/aggregators/cpaas, buy/manage numbers, choose carriers, set up domains, add TLS certs, et al. Let us know if you think that would be something you would be interested in. 

If you have any questions or comments or want your own SBC for Direct Routing, get in touch via or give us a call 1.877.897.1952

Get to know Microsoft Teams: Messaging external Teams

Getting the hang of Microsoft Teams can be a bit different from other collaborative applications. With that in mind, we have kicked off a new series of short tutorial videos called “Get to know Microsoft Teams”.

These short videos have been designed to provide new Microsoft Teams users with answers to some of the more popular questions we get from our customers.

In this episode we cover Guest Messaging, and more specifically how to create Guests in your Team so that you can send/receive messages with external Teams users and see their presence status.

If you found this video helpful, please share and let us know by leaving a comment.

microsoft teams, privacy

Microsoft Teams Phone System, Direct Routing, and SBCs, a journey. (pt.3)

In the last post we did some preliminary investigation on Direct Routing and what part the SBC plays in Direct Routing. Today we will take a deeper dive into TLS and SIP Options.

TLS and SIP Options

In order for this connection to work, Microsoft expects TLS+SIP Options to signal their servers that your SBC is alive and vice-versa. For the purposes of this demonstration you can think of TLS as SSL for VoIP. I would need to install certificates per domain that were going to be signaling to Microsoft and then I would need to leverage the dispatcher module in Kamailio to send the SIP Options to the Microsoft SIP servers.

Installing TLS correctly would take some forethought. Working through the Microsoft multi-tenant scenario, was a bit of a beast. In order to serve multiple tenants (thinking ahead a bit here) with the same domain and certs we would need a wildcard certificate. The problem is, double wildcard certificates are not supported, for various security reasons. So, we would have to set up a workflow that used a “*” type of structure. We are going to use let’s encrypt certs for the test, just to see if this works. Initially I just created a cert for a single domain. Once that was up, I would return to the multi-tenant requirements. For now, running a single customer on one Digital Ocean droplet was not a huge concern, we can optimize as a next phase.

Tech Tip: Adding a certificate to a debian linux VM is widely documented, that said, using let’s encrypt’s certbot module makes it dead easy.

Kamailio Dispatcher Module

Once I had the machine up and resolving on a secure socket, we needed to ensure that the dispatcher in Kamailio was sending out the SIP Options. First we need to ensure the dispatcher module was loaded add then add entries to the dispatcher list. Nick has a great article on getting started with Kamailio dispatcher, so check that out if you want to learn more about it.

Once we had our Microsoft SIP Server records in Dispatcher, we could reload Kamailio and see what’s what!

sbc:~# kamcmd dispatcher.list | egrep “URI|FLAGS” allows us to see state Flags which means our system is Actively Probing and our config is correct. 




If you are seeing IP or another FLAG, your configuration is likely incorrect. See below for the flag states.

  • AP — Active Probing — Destination is responding to option pings & looks to be up.
  • IP — Inactive Probing — Destination is not responding to pings and might be unreachable. This could also mean the destination isn’t liking what you’re sending it and therefore is not responding. In many cases this is due to the improper configuration of TLS on your server.
  • DX — Destination is disabled (administratively down)
  • AX — Coming up, but has not yet satisfied the minimums to be considered up (ds_inactive_threshold)
  • TX — Looks like or is, down. Has stopped responding to pings but has not yet satisfied downstate failed ping count (ds_probing_threshold)

Now let’s take a look at the SBC in our Teams configuration…

Hey that looks positive! Much better than the inactive state that is was in before. It would be nice if Microsoft were to rate these as a percentage of usage versus efficiency.

Next week in our final post in this series, “Microsoft Teams Phone System, Direct Routing, and SBCs, a journey (pt.4)” – we will try some outbound calls and set up our systems for inbound calls.

We hope you found this article interesting, please leave a comment or text the number below and tell us what you think!

If you have any questions or comments or want your own SBC for Direct Routing, get in touch via or give us a call at 1.877.897.1952 (also textable).

microsoft teams, Misc, News, privacy, WebRTC, Websites

Microsoft Teams Phone System, Direct Routing, and SBCs, a journey. (pt.2)

In the last post, we talked about Microsoft’s Business Voice offer and why it’s not always a practical solution. Today we get a bit more in-depth on the Direct Routing components and what’s required for external Teams telephony and the associated SBCs.

Direct Routing and Session Border Controllers

Direct Routing is Microsoft’s way of saying, external SIP connectivity. It allows admins of Teams to create interconnectivity with the outside VoIP and PSTN world without using Microsoft’s calling plans. From the Microsoft website…

Direct Routing lets you connect a supported Session Border Controller (SBC) to Microsoft Phone System to enable voice calling features. You can view information about SBCs and online voice routes; add, edit, or delete an SBC; add, edit, and specify priority of online voice routes; and manage online PSTN usage records.

So, here we know that in order for us to connect our own VOIP phone system, I needed an SBC in the middle. Here’s a quick reminder of what an SBC does in a VoIP network…

SBCs, or Session Border Controllers, are network elements that help protect VoIP networks from malicious attacks. They also serve as a point of NAT traversal and media transcoding, to aid in the connection of VoIP endpoints.

Well, it’s not the end of the world. My favorite CPaaS has plenty of SBCs in-network so that shouldn’t be an issue. Not so fast. This particular SBC needs to be set up with some specific configuration including TLS + SIP Options, specific Contact Headers & audio codecs, and few more fiddly bits. Time to dust off my SIP tools and get started. Let’s start by seeing what happens when we try and point Direct Routing to my CPaaS SBCs…

Nope, no go. Now what’s this about the domain not being setup? O365 admin says my DNS configuration is fine, so what gives?

After spending some time with Microsoft Support, the fellow I was speaking to said he copied my setup and his config wasn’t working until he enabled Exchange and Outlook MX records in his DNS. Hmm, that didn’t sound right. I didn’t want to point all my MX records to Outlook for this test, I only want Voice and Teams chat to work. Then I noticed there is a “Skype For Business / Voice” only option when verifying your domain.

I added the DNS records and it gave me the all green as you can see above, but it still wasn’t allowing me to add the SBC.

Tech Tip: I had to actually assign a user to that domain before it would recognize that domain as being active. After doing that I was able to add my SBC domain.

Down the SBC rabbit hole

The SBC in my chosen CPaaS was not directing calls to the proper Microsoft SIP signaling servers, looks like I will definitely need an SBC in between my CPaaS and Microsoft’s SIP servers. 

I had no choice, if I was going to get this working I would have to use one of the certified Teams SBCs, or build my own. The certified SBCs were relatively expensive and required licensing based on per channel usage or per minute metering if you used one of their cloud images eg. Azure, Amazon. That would not fly for my friend’s business, he is very cost-conscious, not unlike most business owners.

Down the rabbit hole we go, I bit the bullet and began building up a server. The first objective was getting outbound calls to the PSTN/outside world from Teams users. From past experience, it’s always easier to start with outbound calling first, when you get that working move on to inbound. The reason being is that NAT firewalls and SIP don’t mix well, especially if they are blocking certain traffic. Sending traffic out of a NAT was always easier than getting past the firewall inbound.

I set to work on building my SBC also known as a B2BUA (Back to back user Agent). This is not brain surgery but it does take some VoIP network know-how and a good understanding of Linux.

My first stop was A great open-source SIP server project that is used in countless commercial deployments. I found some recent articles on their mail-list talking about how to setup up Kamailio with Teams, which was a great start. Before we can proceed we must address the elephant in the room, TLS.

More on that in the next “Microsoft Teams Phone System, Direct Routing, and SBCs, a journey. (pt.3)”, to be published next week!

I hope you found this article interesting.

If you have any questions or comments or want your own SBC for Direct Routing, get in touch via or give us a call 1.877.897.1952

microsoft teams, WebRTC

Microsoft Teams Phone System, Direct Routing, and SBCs, a journey. (pt.1)


If you are frustrated by how difficult it is to associate external phone numbers and SIP services (Session Initiation Protocol, the defacto signaling protocol for VoIP) to Teams users, this may be of interest to you. In this article, I will break down my journey from initial research of Microsoft’s inbuilt calling features to the implementation of an external Direct Routing solution using primarily open-source resources. If you are a Microsoft Teams direct routing and SBC (Session Border Controller) aficionado, you might decide to skip this one.

We understand that Microsoft Teams is intrinsically connected to Azure AD (Active Directory) and Microsoft 365, and therefore requires licensing and some training to manage. It can be a complicated beast. That being said, adding phone numbers and calling would seem to be something that Microsoft would have enabled by default? I mean, why would anyone want their customers to jump through hoops to get a phone number for their Teams account? A loaded question to be sure, let’s unpack it.

Getting Started

Recently I have been helping some of my friends, colleagues, and even my son’s teachers get more familiar with Microsoft Teams. I am quite impressed with how far this product has come in recent years. The old Skype For Business app was never my thing, it just felt clunky, but this new Teams app, it’s pretty good! 

The one question I am hearing a lot is, “How can I get a phone number from my existing phone system into Teams?”. It’s been a while since I have looked at this but I was hoping Microsoft had a simple way of enabling basic calling from an external SIP source. I then had a flashback going back several years, I remembered that the process for adding SIP trunks to Skype for Business was arcane and wrought with utter frustration. I was hoping that had improved. Spoiler alert: it has improved, but not by a large margin, especially if you are moving from one Microsoft platform (eg. Skye for Business On-line, Or SfB On-premises) to Teams.

Setting up Microsoft Business Voice and Phone System in Teams

After a bit of research, and familiarizing myself with Azure AD, 365, licensing mechanisms (and Power Shell) and Teams, a few things became clear;

1) Managing policies & licensing is done via Azure Active Directory, the 365 admin center, Power Shell, and Teams Admin.

2) Teams user management is done primarily in Teams admin

3) Calling plans in Teams are fine but not what I would describe as competitively priced.

4) Enabling external phone services is not trivial. 

To expand on that last point, things get much more complicated when you are migrating from existing Lync, Exchange, or Skype for Business Online or on-premises deployments. Microsoft has plenty of information on the topic on their website, so I won’t get into the nitty-gritty details but suffice it to say, you really need a certified Microsoft shop to help you with this.

Enabling Phone System in Teams

To enable calling using Microsoft’s own phone services, we needed the Business Voice License and a Calling Plan license for each user. These are extra costs per subscriber over and above the other 365 fees your organization would need. Then, you can add numbers via the Teams admin console, but ensure you have the correct licensing and policies in 365 admin or you will not see anything. As you can see, there were none available… in the entire United States…

Most shops that are deploying Teams calling have an in-house admin that will know their way around the licensing. For this demo I am using a trial version of Microsoft Office 365 — Enterprise 5/E5, (you can get a trial here) so I can feel the pain from ground zero. 

After a bit more digging, I found out I had not attributed the proper license, of course. Once I had the configuration in proper order, I then saw locations and numbers. I added some numbers to the account and then provisioned them to the users. After a few calls, I was satisfied it was working as per expectations. The admin could pick some number, associate them with users and the number would propagate to the end-user. 

A friend of mine was keen on using Teams to make calls, as his team was using it daily for internal communications. What he wasn’t keen on was paying roughly $22/user (USD)+ extra monthly 365 licensing costs per user. Which is what spurred on this whole journey. Now that I knew what was possible and what it costed, I shifted gears to research any potential support for SIP trunking in Teams, something Microsoft calls Direct Routing.

More on “Microsoft Teams Phone System, Direct Routing, and SBCs, a journey” in Part 2, to be published next Monday!

I hope you found this article interesting.

If you have any questions or comments or want your own SBC for Direct Routing, get in touch via or give us a call 1.877.897.1952

microsoft teams, WebRTC

Microsoft Teams Phone System and Direct Routing. DIY, Certified SBC or Turnkey solution?

Your organization is using Microsoft 365 for office productivity and Microsoft Teams for your video collaboration. Your phone system/PBX is hosted outside of Teams by a third party. In an effort to reduce the number of vendors and the cost in your network you have been charged with moving your phone system to Teams.

Note: We won’t be covering the Microsoft Calling Plans in this post as there is plenty of information out there on that offering.

Your options

  1. DIY, build a Direct Routing SBC from open source components:
    For some this is an interesting best option as it will be the least costly. Be forewarned, it requires good knowledge of the chosen open source project and is not for the faint of heart. This option also requires the most up-front work and ongoing support.
  2. Self-hosted with a certified Microsoft SBC vendor:
    This is a popular option for those who know 365 + Azure AD well and want a certified Microsoft SBC Direct Routing vendor where they can host and maintain the SBC servers along other their other network assets. It also offer the most flexibility as you will have complete control over the assets yourself.
  3. Select a complete solution, SBC as a Service + SIP Trunks:
    More for those who do not want the hassle of maintaining yet another system and are willing to pay a bit more for that peace of mind, this is a good option.

Option 1: DIY + SIP Trunks

We recently wrote a series on building a Microsoft Teams Direct Routing SBC from open source, so we won’t go into too much more detail on that here. Suffice it to say, you need to know your way around Linux and be comfortable with advanced Kamailio configuration in order for this to be a viable option.

Option 2: Certified SBC + SIP Trunks

This is by far the most popular option chosen by IT administrators when building out Direct Routing for Microsoft Teams. Most administrators are fine configuring + administrating their own SBC. There are several options to choose from:

  • Anynode SBC (TE-SYSTEMS)
  • Audiocodes
  • Cisco
  • Oracle (Acme Packet)
  • Ribbon (Sonus)
  • MetaSwitch
  • Thinktel

The full list is here.

Option 3: Turnkey Solution

Of all the options listed here, this is the most recent entrant for Direct Routing configuration. Very few SIP trunk providers provide or have enabled compatibility with Microsoft Teams, but that will surely change. Today there are a few Microsoft Teams SIP Providers that allow you to buy numbers from their carrier pool and associated those numbers with your 365 tenant users and use all the Phone Systems features available in Microsoft Teams.

Which SIP Trunks will work with Microsoft Teams?

For options DIY and Certified SBC, you will also need to find your own SIP Trunk supplier. A SIP Trunk, if you are not familiar, is just another way of saying, VoIP phone service for your phone system. It’s not difficult to find a supplier, in fact it can be a bit overwhelming as there are so many suppliers out there. A simple google search will yield an alarming number of choices. That said, not all SIP Trunk providers are built the same, some are better than others. Many have a free-trial so you can get a feel for the quality and capabilities before going whole hog. It may also be a good idea to join a few of the online forums and ask questions to a larger audience, the Microsoft Teams reddit community is also a good place to start.

Do you have questions? We are usually lurking in chat, found below, feel free to ask any questions you might have!

1 2 3 145 146
Recent Comments
    Privacy Settings
    We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
    Consent to display content from - Youtube
    Consent to display content from - Vimeo
    Google Maps
    Consent to display content from - Google
    Consent to display content from - Spotify
    Sound Cloud
    Consent to display content from - Sound