Requirements for Business-to-Business (B2B) Calls To and From Cisco Spark

Document created by Cisco Documentation Team on Feb 7, 2017Last modified by Cisco Documentation Team on Sep 5, 2017
Version 8Show Document
  • View in full screen mode

These requirements are for business-to-business (B2B) SIP calls to and from Cisco Spark. They apply if your users want to make or receive calls between their Cisco Spark apps and third-party enterprises or services that use SIP

These requirements also apply to calling in to Cisco Spark space meeting URIs. Use these requirements if your users are not enabled for Cisco Spark Hybrid Call Services or Cisco Spark Calling.

DNS SRV Test

If you have a Cisco account or are a guest without a support contract, you can test your organization's DNS SRV records and firewall port openings by using the Collaboration Solutions Analyzer tool.

Outbound from Cisco Spark

For Cisco Spark Hybrid Call Service-enabled users, B2B calls happen through their organization's Session Border Controller (SBC), the route patterns, and other configurations in Unified CM for their CTI-RD or Spark-RD.

Cisco Spark Call-enabled users have their SIP B2B calls routed through the shared Cisco Spark-and-WebEx infrastructure. This infrastructure can also connect to destinations that only have a _sip._tcp SRV record.

  • The destination domain must have a SIPS (_sips._tcp) DNS SRV record which points to a Session Border Controller (SBC) and network port that can receive SIP over TLS. For example, by default Expressway-E on port 5061 or a third-party equivalent.

  • The destination address must support SIP URI dialing. Other call protocols or methods are unsupported, such as H.323, IP dialing, ISDN, and Microsoft Lync or Skype for Business.

Mandatory requirements for the destination SBC are:

  • Have a valid fully qualified domain name (FQDN) and points to an IP address of the SBC. The SRV record must reference the FQDN.

  • Present a valid certificate—the current time must be between the not-before and not-after times on the certificate.

Recommended requirements for the destination SBC are:

  • Present a complete certificate chain—server certificate, and signing certificates, including root certificate authority.

  • Present a certificate with a CN or SAN entry that matches the SBC's FQDN, as advertised by the SRV record.

  • Have an appropriate DNS PTR record for its IP address that points back to an FQDN listed in its certificate's CN or SAN fields.

Inbound to Cisco Spark

The calling device must support SIP URI dialing. Other call protocols or methods such as H.323, IP dialing, ISDN, and Microsoft Lync or Skype for Business are unsupported.

Mandatory requirements for the originating SBC are:

  • Support DNS SRV record lookups and can follow them to a Cisco Spark SIP server.

  • Support SIPS as advertised by any SRV records and can negotiate SIP over TLS.

  • Present a valid certificate (current time is between the not-before and not-after times on the certificate) at the Contact field advertised in their SIP headers.

  • Have an appropriate DNS A record that points its FQDN as noted in its Contact field to its originating IP address, if an FQDN is specified in the Contact field.

  • Use a SIP INVITE to initiate the call to Cisco Spark and not an Options ping.

    Note


    If you use a Cisco VCS or Expressway to interwork the call from H.323, you must create a DNS zone for Cisco Spark with the Zone profile set to Custom and Automatically respond to SIP searches set to On.


Recommended requirements for the originating SBC are:

  • Have an appropriate DNS PTR record for the IP address that the FQDN references, and also references back to the FQDN (reverse DNS).

  • Present a certificate with a CN or SAN entry that matches the SBC's FQDN or IP address that is advertised in the Contact field.

  • Present a complete certificate chain—server certificate and signing certificates, including root certificate authority.

Required Firewall and Network Ports

Do not filter on the Cisco Spark-side IP addresses or ports. These are subject to change without notice, depending on demand and other cloud requirements.

  • Signaling to Cisco Spark: TCP 5061–5062

  • Signaling from Cisco Spark: TCP ephemeral port range of 1024–61000

  • Media to Cisco Spark: UDP 5004, 8000–8100, 33434–44598

  • Media from Cisco Spark: UDP 5004, 8000–8100, 33434–44598




Attachments

    Outcomes