Deploy Cisco Spark Hybrid Call Service Aware and Connect

Document created by Cisco Documentation Team on Dec 11, 2015Last modified by Cisco Documentation Team on Sep 8, 2017
Version 90Show Document
  • View in full screen mode
 

Preface for Cisco Spark Hybrid Call Services Deployment

 

This document covers the end-to-end deployment steps for Cisco Spark Hybrid Call Services (Aware and Connect).

  
  •  

    If you want to deploy only Hybrid Call Service Aware, you can use the documentation link below or skip the Hybrid Call Service Connect section. If you want to deploy

      

  •  

    If you want to deploy Hybrid Call Service Connect, you must first deploy Hybrid Call Service Aware.

      

  

Hybrid Call Service Aware Overview

 

Follow these tasks to deploy Hybrid Call Service Aware:

  
 
Complete the Prerequisites for Hybrid Call Service Aware Add and Verify Domains Register the Expressway-C Connector Host to the Cisco Collaboration Cloud Prepare Cisco Unified Communications Manager Users for Hybrid Call Service Aware Configure an Application Account for Call Connector Start the Call Connector Connect Cisco Unified Communications Manager to the Cisco Collaboration Cloud Check Your User Configuration for Hybrid Call Services Verify the Call Connector Status Enable Hybrid Call Service Aware for Users Test Cisco Spark App Screen Sharing and Integrated Call History
 
  

Hybrid Call Service Aware provides the following benefits to you and your users:

  
  • Makes Cisco Spark "aware" of all calls across your existing unified communications system.

     

  •  

    Share your desktops in their Cisco Spark app during a call—no need to set up a formal meeting.

      

    • After the call is connected, a Cisco Spark message space for the callers is moved to the top of the list within the app. If they don't have a space, Cisco Spark instantly creates one.

       

    • Both users simply press a single button to share their desktop when the call is connected.

       

  •  

    View on-premises and Cisco Spark call status and duration.

      

  • Unlock on-premises call history—it is viewable not only from existing devices, but also the Cisco Spark app on any device.

     

        

We recommend that you read the Cisco Spark Hybrid Services Design Guide for a detailed overview of Cisco Spark Hybrid Services, including architectural and design information.

Refer to this diagram which shows the components of Hybrid Call Service Aware architecture and where the connectors integrate the on-premises components with the cloud.

  
 
Figure 1. Connector, On-Premises, and Cloud Components for Hybrid Call Service Aware

  

Management Connector

The management connector is included in the Expressway-C base. You use it to register an Expressway to the cloud and link the Expressway interface with Cisco Spark Control Hub. The management connector plays an important role as the coordinator of all connectors running on the Expressway server or cluster: It provides you with a single point of control for connector activities. The management connector enables cloud-based management of the on-premises connectors, handles initial registration with the cloud, manages the connector software lifecycle, and provides status and alarms.

For an HTTPS connection to be established between the management connector and the cloud, you must update the trust list on the Expressway-C connector host with certificates that were signed by certificate authorities in use by the Cisco Collaboration Cloud. You can allow the Cisco Collaboration Cloud to upload CA certificates to the Expressway-C trust store. Or, in the case where security policies prevent the Cisco Collaboration Cloud from uploading trusted certificate authority certificates on Expressway-C, you may upload them manually.

Call Connector

Hybrid Call Services use the Call Connector software that runs as a module within Cisco Expressway. Call Connector uses APIs to discover user devices configured in Cisco call control and monitors them for call activity. Call events are reported to Cisco Spark, which creates instant meetings and updates Cisco Spark spaces and call history. Call Connector also creates or updates a virtual remote device that represents Cisco Spark within Cisco call control. Call Service Connect uses this remote device to extend calls to Cisco Spark, and to allow calls from Cisco Spark to be identified with the calling user. In addition, Call Service Connect requires a Cisco Expressway firewall traversal solution to enable these calls between Cisco Spark and your existing call control.

The Call Connector is the on-premises component of Hybrid Call Service Aware. The connector runs on a dedicated or shared Expressway-C connector host that you register to the Cisco Collaboration Cloud.


Note


SIP traffic to and from the cloud does not need to be routed to the same Expressway-C on which Call Connector runs. The Call Connector monitors and provisions aspects of users and their devices, but does not handle the calls themselves.


The Call Connector acts like a broker between the cloud and your on-premises call control environment (Cisco Unified Communications Manager, Business Edition 6000/7000, or Hosted Collaboration Solution). In addition to connecting your on-premises environment to the cloud, the connector is used to:
  •      

    Discover users’ telephony devices and associated settings.

         

  •      

    Subscribe for call control event notifications when users are enabled for Hybrid Call Services.

         

  •      

    Resubscribe after an outage.

         

  •      

    Monitor call control activity in your Cisco Unified Communications Manager clusters.

         

  •      

    Hand off calls to the cloud where they are converted to a service-based call experience.

         

  •      

    Use the CTIManager service from your Cisco Unified Communications Manager to monitor your users' phones.

         

  •      

    Provide active/active redundancy if you configure the connector on a second Expressway-C.

         

  •      

    Provide automatic load balancing of users across different Expressway-C connector clusters (1 cluster with 2 nodes)—no manual administration is required.

         

  •      

    Create CTI remote devices with a basic configuration for users of Hybrid Call Service Connect.

         

  •      

    Configure users’ CTI-RDs (remote devices) with a Spark SIP address as remote destination (for Hybrid Call Service Connect).

         

  •      

    Retrieve users’ Directory URIs from Cisco Unified Communications Manager and makes them available to Cisco Spark for reaching users.

         

Requirements for Hybrid Call Services

 

To enable Hybrid Call Service (Aware and Connect), you must use one of the Cisco call controls listed in the table. Cisco Business Edition has Cisco Unified Communications Manager as part of all of its packages, so make sure you have the right version.

  

Hybrid Call Services are supported only with CTI-capable Cisco IP phones and Jabber clients that are registered to Unified CM. Third-party IP phones and clients registered to Unified CM are not supported, neither are IP phones and clients registered to other call control servers (such as Cisco VCS/Expressway, Cisco Meraki, Microsoft Lync/Skype for Business, BroadSoft/BroadWorks).

   
         
Table 1 Cisco Call Control Options
  On-Premises Call Control    Version 
Cisco Unified Communications Manager  

10.5(2) and later for Hybrid Call Service Aware

  
10.5(2)SU5 and later for Hybrid Call Service Aware and Hybrid Call Service Connect. Supported Cisco Spark-RD releases are:
  •  

    10.5(2)SU5

      

  •  

    11.0(1a)SU3

      

  •  

    11.5(1)SU3

      

  •  

    12.0(1)

      

  
Cisco Hosted Collaboration Solution (check to see if your provider is offering Cisco Spark Hybrid Services)  

10.6(1) and later

  
  

You must also obtain one or more of these Cisco Spark offers.

   
            
Table 2 Cisco Spark Offers
  Cisco Spark Applicable Offers    SKU 
Business Messaging  

A-SPK-NU-M1

  
Business Messaging and Basic Meetings  

A-SPK-NU-M2

  
Business Messaging, Basic Meetings, and Advanced Meetings  

A-SPK-NU-M3

  
  

You must deploy Expressway to host the connectors. Organizations using Cisco Hosted Collaboration Solution do not need Cisco Expressway on their premises. Instead, their Hosted Collaboration Solution partner will deploy it in the cloud as part of their Cisco Spark Hybrid Service offering.

   
         
Table 3 Cisco Expressway Details
  Requirements    Version 
 

Cisco Expressway Traversal Pair (Hybrid Call Service Connect)

  
 

X8.7.1 at minimum. For added security and toll fraud mitigation, we recommend X8.9.2 and later.

  
Hybrid Call Service Connect calls are classified the same as Mobile Remote Access (MRA), Business-To-Business (B2B) calls, and the calls traverse existing Expressway C and E pairs.
  •  

    Calls that involve *.ciscospark.com do not count towards the traversal license cost.

      

  •  

    Any B2B calls for a Cisco Spark app after anchoring on the CTI-RD and then routing back out through the Expressways will consume traversal licenses.

      

  
Hybrid Call Service Connect follows existing MRA and B2B preferred architecture planning recommendations.
  •  

    Determine the total number of concurrent MRA, B2B, and Call Service Connect calls

      

  •  

    Deploy the appropriate number of Expressway E/C pairs

      

  •  

    There is no net new Expressway C or E required for Call Service Connect

      

  
Cisco Expressway Connector Host 

You can download the software image from https://admin.ciscospark.com at no charge.

  

We recommend the latest released version of Expressway for connector host purposes. See the "Expressway Support for Cisco Spark Hybrid Services" section below.

  
  

Complete the Prerequisites for Hybrid Call Service Aware

 

Use this checklist to prepare your call control environment. Address these items in advance to ensure smooth set up of Hybrid Call Service Aware and activation of your Cisco Spark users.

  
         
1    Allow extra time to prepare these items first:
  1. Determine your certificate trust method. You can use manual or automatic upload; see "Supported Certificate Authorities" in the related links below for more information.
  2. Verify your identity by registering all the domains that are used to form your users' directory URIs and email addresses. Ensure that the subject alternative names (SANs) belong to the domains that are registered on your Cisco Spark organization.

    See " Why the Cloud Checks Domain Ownership" in the related links below to understand why domain checks are an important security measure.

2    Install or upgrade to supported version of Cisco Unified Communications Manager, as described in Requirements for Hybrid Call Services.
3    Configure one of the following, depending on your deployment:
4    For all SIP trunks between Cisco Unified Communications Manager clusters, go to Device > Trunk, open the trunks, and set the Calling and Connected Party Info Format to Deliver URI and DN in connected party.
5    Enable the following services on at least one node in the cluster (the bootstrap server, which can be the publisher or subscriber node of a cluster):
  • AXL Web Service
  • CTIManager Service
   

We recommend that you enable AXL Web Service and CTIManager Service on at least two nodes in the cluster.

  
6    Ensure that Cisco CallManager Serviceability is enabled on at least one node in the cluster. This service is enabled by default and is used to discover nodes where the AXL Web Service and the CTIManager Service are enabled.
What to Do Next

 

Complete the Expressway-C Connector Host Prerequisites for Cisco Spark Hybrid Services

    

Complete the Expressway-C Connector Host Prerequisites for Cisco Spark Hybrid Services

 

Use this checklist to configure a Expressway-C connector host for Cisco Spark Hybrid Services before you register it to the Cisco Collaboration Cloud to run hybrid services.

  
Before You Begin

 

We recommend that the Expressway-C be dedicated to hosting connectors for Cisco Spark Hybrid Services. You can use the Expressway-C connector host for other purposes, but that can change the supported number of users. See the capacity information below so that you can plan your deployment accordingly.

  
             
1    Obtain full organization administrator rights before you register your Expressway(s),and when you access https://admin.ciscospark.com to administer your organization services to Cisco Collaboration Cloud.
2    Plan your connector capacity and follow the supported Expressway scalability recommendations:
  • For Hybrid Call Services on a dedicated Expressway-C:
    •  

      Call Connector supports multiple Expressway clusters with no specific upper limit.

        

    •  

      Each cluster supports up to two Expressway-C nodes for active/active redundancy.

        

 
  
                     
Table 4 Dedicated Expressway-C
 

Function on the Expressway-C

  
 

Medium OVA

  
 

Notes

  
 

Calendar Connector (on-premises Exchange)

  
 

15000 users

  
 

Dedicated

  
 

Calendar Connector (On-premises Exchange)

  
 

5000 users

  
 

Coresident with call connector

  
 

Call Connector

  
 

5000 users

  
 

Dedicated

  
 

Call Connector

  
 

5000 users

  
 

Coresident with calendar connector

  
 
                     
Table 5 Shared Expressway-C

Function on the Expressway-C

Small OVA

Medium OVA

Notes

Calendar Connector

500 users

 

1000 users (normal operation); 2000 users (simplex failure)1

Coresident with call connector, and signaling and media

Call Connector

500 users

 

1000 users (normal operation); 2000 users (simplex failure)

Coresident with calendar connector, and signaling and media

SIP Signaling and Media for Hybrid Services

500 users

   

1000 users (normal operation); 2000 users (simplex failure)

Coresident with calendar connector and call connector

1 Simplex failure refers to a normally redundant deployment with 1000 users on each of two Expressways, but experiencing a temporary failure of one Expressway. The the remaining Expressway supports 2000 users until redundant operation is recovered.
3    Deploy the Expressway-C connector host in a cluster to account for redundancy.  

Cisco Spark Hybrid Services are highly available if Microsoft Exchange, Unified CM, and Cisco Expressways are deployed in a cluster. The same guidelines that apply to Cisco VCS and Expressway apply for the Expressway-C connector host clustering.

  
4    Follow these requirements for the Expressway-C connector host.
  • Install the minimum supported Expressway software version. See the "Management Connector Release Notes" in the related links below for more information.
  • Install the virtual Expressway OVA file according to the Cisco Expressway Virtual Machine Installation Guide (X8.7), after which you can access the user interface by browsing to its IP address. You can find the document in the list of Cisco Expressway Install and Upgrade Guides on cisco.com.
  • You do not require a release key, or an Expressway series key, to use the virtual Expressway-C for the Cisco Spark Hybrid Services. You may see an alarm about the release key. You can acknowledge to remove it from the interface.
  • Use the Expressway web interface in a supported browser: Internet Explorer 8 or 9 (not in compatibility mode), Firefox 3 or later, or Chrome.

    The interface may work in other browsers, but they are not officially supported. You must enable JavaScript and cookies to use the Expressway web interface.

5    If this is your first time running Expressway, you get a first-time setup wizard to help you configure it for Cisco Spark Hybrid Services. In some versions, if you check the Hybrid Services option in the wizard, you may see a note about the need for a dedicated service. To use the Expressway-C connector host for coresident connectors and SIP signaling and media for hybrid traffic, you may have to bypass the Cisco Spark Hybrid Services option in the configuration wizard.
  1. When the wizard starts, choose Proceed without selecting services. For a coresidence scenario, you may have to uncheck other services first before you can choose this option.
  2. Paste the text from your release key email.
  3. Continue with the configuration wizard.
6    Follow these configuration requirements for the Expressway-C connector host. See the Cisco Expressway Basic Configuration Deployment Guide, in the list of Cisco Expressway Configuration Guides on cisco.com, for details.
  • Basic IP configuration (System > Network interfaces > IP)
  • System name (System > Administration)
  • DNS settings (System > DNS)
  • NTP settings (System > Time)
  • New password for admin account (Users > Administrator accounts, click Admin user then Change password link)
  • New password for root account (Log on to CLI as root and run the passwd command)
7    Follow these master peer configuration steps:
  • Configure the Expressway as a cluster master peer before you register it, even if you do not currently intend to install an extra peer.
  • Register for and configure Cisco Spark Hybrid Services on the master peer of the Expressway-C cluster. However, each peer in the cluster independently downloads and install connectors, and independently connect to Cisco Cloud Collaboration Services using the cluster's shared configuration.
  • Follow the minimum settings required to configure a master peer, but see the Cisco Expressway Cluster Creation and Maintenance Deployment Guide (X8.7) at http://www.cisco.com/c/en/us/support/unified-communications/expressway-series/products-installation-and-configuration-guides-list.html for details:
    •  

      On System > Clustering > Cluster name, enter the FQDN that resolves in DNS to the FQDNs of the peers

        

    •  

      System > Clustering > Peer 1 IP address should be the IP address of this Expressway

        

    •  

      System > Clustering > Configuration master should be 1.

        

    •  

      System > Clustering > Cluster pre-shared key should be a memorable secret (you'll need to enter it on future peers).

        

8    If you have not already done so, open required ports on your firewall. All traffic between Expressway-C and the Cisco Collaboration Cloud is HTTPS or secure web sockets. TCP port 443 must be open outbound from the Expressway-C to *.ciscospark.com, *.wbx2.com, and *.webex.com.
9    Obtain the details of your HTTP proxy if your organization uses one to access the internet. The proxy must support either no authentication or basic authentication, because these are the only authentication types supported by the Expressway
  • We tested and verified Squid 3.1.19 on Ubuntu 12.04.5.
  • We have not tested auth-based proxies.
10    Review these points about certificate trust. You can choose the type of secure connection when you begin the main setup steps.  
 
  •  

    Cisco Spark Hybrid Services requires a secure connection between Expressway-C and Cisco Collaboration Cloud.

      

    You can let Cisco Collaboration Cloud manage the root CA certificates for you. However, if you choose to manage them yourself, be aware of certificate authorities and trust chains; you must also be authorized to make changes to the Expressway-C trust list.

      

  
  

Add and Verify Domains

Before You Begin

 

  •  

    You must own a domain for it to be verifiable.

      

  •  

    For Hybrid Call Service Aware and Hybrid Call Service Connect, verify domains that are contained in your on-premises email addresses and directory URIs.

      

  
         
1    From the customer view in https://admin.ciscospark.com/, go to Settings and under Domains click Add Domain.
2    Enter your domain name and click Add.
3    Click more beside your domain and choose Retrieve verification token.
4    Copy the verification token into your DNS TXT record and add the prefix: ciscocidomainverification=<token>    

If your DNS host supports only one TXT record, add the token on a separate line. If your DNS host supports multiple records, add your token on a single line in its own TXT record.

  
5    Add the DNS TXT record to your DNS server or if your DNS server is configured by an administrator, send the DNS TXT record to your administrator to add to your DNS server.
6    Click Verify next to each domain.  

If the verification fails, the error is cached by your DNS server. Your DNS server clears the cache after the specified length of time in the Time To Live (TTL) setting. You must wait to try again after the DNS server has cleared the cache. You can add the verification token again and request the verification for the domain.

  
If the verification token is found and matched, the domain status changes to verified.
  •  

    You can claim this domain by contacting support. This ensures that only users with this domain can join your organization.

      

  •  

    You can convert users to licensed users in your organization.

      

  
What to Do Next

 

After you claim a domain, other organizations may continue to have users with this domain. To exclusively claim the domain, contact support. Users with a different domain must change their email to join your organization. Users on this domain can't join other organizations.

  

You can convert users to licensed users in your organization.

  
Related Information

Register the Expressway-C Connector Host to the Cisco Collaboration Cloud

   

Cisco Spark Hybrid Services use software connectors to securely connect the Cisco Spark service to your organization's environment. Use this procedure to register your Expressway-C.

    

After you complete the registration steps, the connector software is automatically deployed on your on-premises Expressway-C (the software connector host).

   
Before You Begin

           

  •      

    Sign out of any existing Expressway-C connections that are open in other browser tabs.

         

  •      

    If you're registering a cluster, register the master peer. You don't need to register any other peers, because they register automatically when the master registers. If you start with one node set up as a master, subsequent additions do not require a system reboot.

         

  •      

    If your on-premises environment proxies the outbound traffic, you must first enter the details of the proxy server on Applications > Hybrid Services > Connector Proxy and then complete this procedure. Doing so is necessary for successful registration.

                

    If you enter proxy information for call connector, the call connector automatically detects this configuration.

         

  •      

    The Cisco Collaboration Cloud rejects any attempt at registration from the Expressway web interface. You must register your Expressway through Cisco Spark Control Hub.

         

  •      

    If the registration process times out, or fails for another reason (for example, you must fix certificate errors or enter proxy details), you can restart registration in Cisco Spark Control Hub.

         

         
1    From the customer view in https://admin.ciscospark.com, go to Services, click Set up on the card for the hybrid service you're deploying, and then click Next.
2    Choose a method to register the Expressway-C:
  • For a new connector host—choose the first radio button, click Next, and then enter your Expressway-C IP address or fully qualified domain name (FQDN) so that Cisco Collaboration Cloud creates a record of that Expressway-C and establishes trust. Specify a name, too.
  • For an existing connector host—choose the second radio button, and then choose the node or cluster from the drop-down that you previously registered. You can use it to run more than one hybrid service.
3    For new registrations, click Next, and then click the link to open your Expressway-C. You can then sign in to load the Connector Management window.
4    Decide how you want to update the Expressway-C trust list:          

A check box on the welcome page determines whether you will manually append the required CA certificates to the Expressway-C trust list, or whether you allow Cisco Collaboration Cloud to add those certificates for you.    

      

Choose one of the following options:

     
  • Check the box if you want Cisco Collaboration Cloud to add the required CA certificates to the Expressway-C trust list.
    When you register, the root certificates for the authorities that signed the Cisco Collaboration Cloud certificates are installed automatically on the Expressway-C. This means that the Expressway-C should automatically trust the certificates and be able to set up the secure connection.
    Note             

    If you change your mind, you can use the Connector Management window to remove the Cisco Collaboration Cloud CA root certificates and manually install root certificates.      

          
         
          
  • Uncheck the box if you want to manually update the Expressway-C trust list. See the Expressway-C online help for the procedure.     
    Caution      

    When you register, you will get certificate trust errors if the trust list does not currently have the correct CA certificates. See Certificate Authorities that Must be Trusted by Your Existing Environment for Cisco Spark Hybrid Services.          

          
5    Click Register. After you're redirected to Cisco Spark Control Hub, read the on-screen text to confirm that Cisco Collaboration Cloud identified the correct Expressway-C.
6    After you verify the information, click Allow to register the Expressway-C for Cisco Spark Hybrid Services.      
  •        

    After the Expressway-C registers successfully, the Cisco Spark Hybrid Services window on the Expressway-C shows the connectors downloading and installing. The management connector automatically upgrades itself if there is a newer version available, and then installs any other connectors that you selected for the Expressway-C connector host.

           

  •        

    Each connector installs any new interface windows. You can use these to configure and activate that connector. You can access them on the Applications > Hybrid Services menu on your Expressway-C connector host.

           

 

Troubleshooting Tips

If registration fails and your on-premises environment proxies the outbound traffic, review the Before You Begin section of this procedure.

Certificate Authorities that Must be Trusted by Your Existing Environment for Cisco Spark Hybrid Services

 

       

The table lists the Certificate Authorities that your on-premises or existing environment must trust when using Cisco Spark Hybrid Services.

    

If you opted to have Cisco Collaboration Cloud manage the required certificates, then you do not need to manually append CA certificates to the Expressway-C trust list.

    

Note


    

The issuers used to sign the Cisco Collaboration Cloud host certificates may change in future, and the table below may then be inaccurate. If you are manually managing the CA certificates, you must append the CA certificates of the issuing authorities that signed the currently valid certificates for the hosts listed below (and remove expired/revoked CA certificates).

    
    
 
                     
      

Cloud hosts signed by this CA

      
      

Issuing CA            

      
      

Must be trusted by

      
      

For this purpose

      

CDN

      
       O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root            

        Expressway-C            

      
      

To ensure Expressway downloads connectors from a trusted host      

      
      

Common Identity (CI) service

      
O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority            

Windows Server 2003 or Windows Server 2008 hosting the Directory Connector

       

Expressway-C            

      
      

To synchronize users from your Active Directory with Cisco Collaboration Cloud and to authenticate Cisco Spark Hybrid Services users

      
      

Cisco Spark      

      
O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority            

Expressway-C            

      
      

      

      

Prepare Cisco Unified Communications Manager Users for Hybrid Call Service Aware

Follow these steps and confirm these settings for each user that you want to configure for Hybrid Call Service Aware. You must prepare your on-premises user accounts and an associated CTI-enabled device for each user in Cisco Unified Communications Manager. This configuration is required before you enable Hybrid Call Service Aware for them.

Before You Begin

  •  

    Register the Expressway-C Connector Host to the Cisco Collaboration Cloud

      

  •  
    When you set up Hybrid Call Services, you cannot activate a user with only an Extension Mobility profile and no associated device. For a user who is associated to a device and has an Extension Mobility profile,
    •  

      Both Hybrid Call Service Aware and Hybrid Call Service Connect activate.

        

    •  

      Hybrid Call Service Connect should work.

        

    •  

      Hybrid Call Service Aware does not create a screen sharing session for calls that include Extension Mobility devices.

        

  • Your users must have the Cisco Spark app installed and be signed in to use screen sharing while on a call—Windows, Mac, and Web are supported on desktop; Android and iOS are supported on mobile for viewing screen shares.

      

           
1    From Cisco Unified CM Administration, go to User Management > End Users, choose any criteria, click Find, and then open the user account that you want to configure.
2    Verify that Mail ID contains the user's email address.
3    Verify that the user has a valid directory URI that contains the same domain as your organization.
4    Move any desk phones or other devices to Controlled Devices.  

Call Connector monitors the phone that you move to the control list. Users can control these devices from their Cisco Spark apps.

  
5    Set the primary extension to the user's directory number.
6    Click User Device Association, and then the device icon with the check mark.
7    For devices associated with the user, check the Allow Control of Device from CTI check box.
8    Save any changes you made.
What to Do Next

 

Configure an Application Account for Call Connector

  

Configure an Application Account for Call Connector

Configure an administrator account with the required AXL and CTI access permissions. Call Connector uses this account to communicate with Cisco Unified Communications Manager, monitor any user's phone, and validate user configuration.

      
1    From Cisco Unified CM Administration, go to User Management > Application User, and then choose one: .
  • Click Find and, from the list, choose the administrator account that the Call Connector will use to communicate with Cisco Unified Communications Manager.
  • Click Add New to create a new application user account.
2    Configure the account with the following roles:
  • Standard AXL API Access
  • Standard CTI Allow Control of all Devices
  • Standard CTI Allow Control of Phones supporting Connected Xfer and conf
  • Standard CTI Enabled
  • Standard CTI Allow Control of Phones supporting Rollover Mode
3    Click Save.
What to Do Next

 

Start the Call Connector

  

Start the Call Connector

Manually enable the Call Connector after you register your Expressway-C for Cisco Spark Hybrid Services.

      
1    From Cisco Expressway Base, go to Applications > Hybrid Services > Connector Management, and then click Call Connector.
2    Choose Enabled from the Active drop-down list.
3    Click Save.

The Call Connector starts and the status changes to Running on the Connector Management window.

What to Do Next

 

Connect Cisco Unified Communications Manager to the Cisco Collaboration Cloud

  

Connect Cisco Unified Communications Manager to the Cisco Collaboration Cloud

   

To enable Hybrid Call Service Aware, you must link Call Connector to your Cisco Unified Communications Manager environment by entering server information for a single node. This step provides a bridge between Cisco Unified Communications Manager and the Cisco Collaboration Cloud, with the connector acting as the broker between the two.

 
Before You Begin

           

  • Start the Call Connector

     

  •      

    For each cluster in your call environment, you must only enter server information in the call connector for a single Cisco Unified Communications Manager node. The node doesn't have to be primary, but enter one that is enabled for AXL Web Service and Cisco CallManager Serviceability.

         

  •      

    The call connector maintains a resilient connection between your cluster and the cloud. The connector is aware of all the server nodes in your cluster, so you only need to add one to the Expressway-C connector host. If a specific node goes down in the cluster, the connector will move to another server.

         

        
1    From Expressway-C, go to Applications > Hybrid Services > Call Service > Unified CM Servers, and then click New.
2    Enter the hostname or IP address of a single Cisco Unified Communications Manager node on which Cisco AXL Web Service and Cisco CallManager Serviceability are enabled.
3    Enter the credentials of the Call Connector account that you configured for Call Connector to connect to Cisco Unified Communications Manager.    

Enter a single node per cluster. The connector will automatically discover the other nodes in a cluster environment and identify those that can service CTI and AXL requests.

4    Click Verify  Credentials to test the connection and authentication  for the provided credentials.

After the page refreshes, a new Hybrid Call Service Connect Configuration section appears. You can disregard this section if you don't plan to configure Hybrid Call Service Connect or will do so later.

5    After the connection test is successful, click Add to store the Call Connector configuration on the Expressway-C.
What to Do Next

   

Check Your User Configuration for Hybrid Call Services

   

Check Your User Configuration for Hybrid Call Services

With the user validation check, you can check whether Cisco Unified Communications Manager users are properly configured for Hybrid Call Service Aware and Hybrid Call Service Connect. The test checks all the configuration prerequisites, such as email, directory URI, and Cisco Spark remote device settings. To assist with your configuration or troubleshooting, you can save any user errors or warnings as a CSV file.

  

To prevent activation errors, we recommend that you run this test and address any configuration issues before you activate users for Hybrid Call Services in Cisco Spark Control Hub.

       
1    From the Expressway-C connector host, choose Applications > Hybrid Services > Call Service > Unified CM Servers, and choose the registered Cisco Unified Communications Manager that you want to check.
2    Perform one of the following steps:
  • Upload a CSV file of a user list if you want to check the configuration of specific user accounts, and then click Run (Specific User List).
  • Click Run (All Users) to check the configuration of all the user accounts registered to the Cisco Unified Communications Manager.
 

A report appears with user accounts that contain configuration errors or warnings.

3    Save the information as a CSV file and use it as a checklist to fix user and system settings in Cisco Unified Communications Manager.
4    Address any configuration issues in the Cisco Unified Communications Manager device and user settings.
What to Do Next

 

Verify the Call Connector Status

  

Verify the Call Connector Status

Before you enable your users for Hybrid Call Service Aware, ensure that you correctly installed the Call Connector.

From Expressway-C, go to Applications > Hybrid Services > Call Service > Call Connector Status, and then verify the configuration items in the Status column.
What to Do Next

 

Enable Hybrid Call Service Aware for Users

  

Enable Hybrid Call Service Aware for Users

Use this procedure to enable individual Cisco Spark users for Hybrid Call Service Aware.

  

See the links below for alternative ways to enable services for your Cisco Spark users.

Before You Begin

 

  
      
1    From https://admin.ciscospark.com, go to Users.
2    Choose a specific user from the list, or use the search to narrow the list. Click the row to open an overview of the user.
3    Click Call Service, click the toggle for Aware to turn it on, and then save your changes.   

After you activate the service, the Cisco Spark user status changes from Pending Activation to Activated. The length of time for this change depends on the number of users that you're enabling for the service.

  
You can also view the following information from Call Service page on the user's overview under the Aware section:
  
What to Do Next

 

Test Cisco Spark App Screen Sharing and Integrated Call History

  

Test Cisco Spark App Screen Sharing and Integrated Call History

To verify that Hybrid Call Service Aware was deployed correctly, walk through a test call with your users to verify the expected behavior.

Before You Begin

 

  •  

    Enable Hybrid Call Service Aware for Users

      

  • Before a test call, users may have to do a combination of the following steps:
    • Start their Cisco Spark apps for Windows or OS X.

        

    • Bring their apps to the foreground.

        

    •  

      Instruct any users you call to answer the incoming call on their desk phones.

        

      
  
       
1    From an on-premises desk phone, call another user who you configured for Hybrid Call Service Aware.   

If the called user picked up on desk phone, in your Cisco Spark app for Windows or OS X, you both see updates in your space, indicating the duration of the active call. The call control window shows the button that you press to start an instant screen share.

  
2    Perform these steps to test that each user can start a screen share:
  1. Click to start an instant screen share from the app. Choose your monitor, if prompted.
  2. Instruct the other user to start a screen share while yours is running.  

    When the second share starts, the first share stops immediately.

      
3    End the call from the desk phone.

The call control window disappears, and any in-progress screen share ends immediately. The space shows the total duration of the call, but no longer indicate that the call is in progress.

4    From the Cisco Spark app, click Call to view the call history.
What to Do Next

 

  •  

    If you notice unexpected behavior from this test, see the known issues and limitations with Hybrid Call Services. You can also submit feedback in https://admin.ciscospark.com to open a ticket.

      

  •  

    To add more hybrid calling features, integrate your call control with Cisco Spark even further: you can set up Hybrid Call Service Connect to turn Cisco Spark app into a softphone. Your users can place and receive calls with the app the same way they would from their desk phones.

        

  

Hybrid Call Service Connect Overview

 

After you deploy Hybrid Call Service Aware, follow these tasks to deploy Hybrid Call Service Connect:

  
 
Complete the Prerequisites for Hybrid Call Service Connect Enable Hybrid Call Service Connect for Your Organization Configure Cisco Unified Communications Manager Settings for Hybrid Call Service Connect Configure Remote Devices Automatically from the Call Connector Create a Manual Remote Device to Associate with a Unified CM User https://help.webex.com/docs/DOC-5571 Configure an On-Premises User for Hybrid Call Service Connect Configure Call Processing Language Rules on Expressway-E (X8.9.1 and Later) Update the Expressway-E Trust List with Cisco Collaboration Cloud Certificates Configure Services and Mutual TLS Authentication Between a New Expressway-E and the Cisco Collaboration Cloud Create the DNS Zone (Expressway-E to Cisco Collaboration Cloud) Configure a Secure Traversal Server Zone from Expressway-E to Expressway-C Restart the Call Connector from the Expressway-C Configure a Secure Traversal Client Zone From Expressway-C to Expressway-E Create an Expressway-C Neighbor Zone for each Unified CM Cluster Configure Search Rules on Expressway-C https://help.webex.com/docs/DOC-5361 Enable Hybrid Call Service Connect for Cisco Spark Users Place Test Calls to Verify Hybrid Call Service Connect Configuration Create Inbound and Outbound Search Rules on Expressway-E
 
  
Hybrid Call Service Connect works on top of Hybrid Call Service Aware and provides the following benefits to you and your users:
  •  

    Connects Cisco Spark with Cisco Unified Communications Manager so that they work together.

      

  •  

    The Cisco Spark app can be used as a mobile soft client for voice and video calling and shares an extension with users Cisco desk phone. For global reachability, every call is presented to the users' Unified CM devices and the Cisco Spark app in a way similar to a shared line.

      

  •  

    Users can answer calls on their desk phone or on the Cisco Spark app, and use the app to make and receive calls as if they were in the office.

      

  •  

    Use Cisco Spark, Cisco Jabber, or your desk phone to call without worrying about which option you or the other person is using. The Cisco Spark app has the same PSTN restrictions as the associated Unified CM device.

      

  

We recommend that you read the Cisco Spark Hybrid Services Design Guide for a detailed overview of Cisco Spark Hybrid Services, including architectural and design information.

  
Refer to this diagram which shows the components of Hybrid Call Service Connect architecture and where the connectors integrate the on-premises components with the cloud. The architecture for Hybrid Call Service Aware must already be in place, and then you add an Expressway pair to it.
Figure 2. Connector, On-Premises, and Cloud Components for Hybrid Call Service Connect

  

Complete the Prerequisites for Hybrid Call Service Connect

Use this checklist to prepare your call control environment for Hybrid Call Service Connect. Address these items in advance to ensure smooth set up of Hybrid Call Service Connect and activation of your Cisco Spark users. Refer to the related links below for more information.

        
1    Deploy Hybrid Call Service Aware, which is a mandatory prerequisite for Hybrid Call Service Connect.

Deploy Hybrid Call Service Aware

2    Allow extra time to prepare these items:
  • Prepare your Expressway-E for the secure mutual TLS connection between Cisco Spark and your call control environment:
    • For an SRV record (multiple Expressway-Es for redundancy):
      •  

        If you have an existing SRV, allow the time to request a dedicated SRV for Hybrid Call Service Connect and use port 5062. The SRV record resolves into Expressway-E A-records; the hostname is the A-record for Expressway-E.

          

      •  

        Request that port 5062 be open on the enterprise firewall.

          

      •  

        Make sure the port is open to and from the Internet.

          

      •  

        Verify that the mutual MTLS port is reachable by using a ping utility—for example, telnet [domainname or ip] [port] in a command prompt.

          

    • If you don't have time to request a dedicated SRV domain or don't want to wait, you can use hostname:port to avoid blocking the rest of setup.

       

    See "TCP Port 5062 on Internet Firewall" below for more information.

  • Follow these Expressway pair requirements:

    The Call Connector can run on a standalone or shared Expressway-C connector host, not the C or E in the Expressway pair. See the links below for the version support statement for the Expressway-C connector host.

    You can use an Expressway pair that's already configured for B2B or MRA deployments. You cannot use a Jabber Guest Expressway pair to handle Hybrid Call Service Connect calls.

     

    See "Multiple Expressway Deployments" in the links below if you have a multi-region call control environment.

  • Determine your certificate trust method. You can use manual or automatic upload; see "Supported Certificate Authorities" in the links below for more information.
  • Verify your identity by registering all the domains that are used to form your users' directory URIs and email addresses. Ensure that the subject alternative names (SANs) belong to the domains that are registered on your Cisco Spark organization.

    See "Why the Cloud Checks Domain Ownership" in the links below to understand why domain checks are an important security measure.

3    Open ports for media traversal between phones, Expressways, and the Cisco Collaboration Cloud.
                

Client

Ports

Protocol

Function

Expressway pair

36000–59999

UDP

SIP media between phones and Expressways. Open these ports on the Expressways themselves.

Cisco Spark app

33434–33598

TCP/UDP

Cisco Spark Hybrid Services media.

4    (Optional)   Download the latest Directory Connector software from https://admin.ciscospark.com and use it to import user attributes from your Active Directory:
  • Enterprise work phone numbers
  • Email addresses—These must match the user's Cisco Spark user email address.
   

For more information about how to use Directory Connector, see the documentation below.

  
5    Follow these Cisco Unified Communications Manager requirements:
  • Install or upgrade your Cisco Unified Communications Manager to the minimum supported version, as described in Requirements for Hybrid Call Services.
  • Prepare your licensing:

    The CTI remote device counts as a device for Cisco Unified Communications Manager licensing purposes. We recommend that you request temporary licensing from Global Licensing Operations.

  • Configure Directory URIs in one of the following ways:
  • Check your codec configuration.
    Cisco Spark supports the following codecs:
    •  

      Audio—G.711, G.722, AAC-LD

        

    •  

      Video—H.264

        

  • Configure the following settings to be used for CTI remote device (CTI-RD) or Spark remote device (Spark-RD) creation:
    •  

      Device pools

        

    •  

      Locations

        

    •  

      Calling search spaces

        

      Note        

      The calling search space must be able to route to partition of the PSTN gateway or trunk, as well as any other destinations that you want Cisco Spark users to be able to reach (conference bridges, enterprise-to-enterprise trunks, and so on).

        
        

    •  

      Note these values. You will use them when you create CTI-RDs or Spark-RDs for your users.

        

  • If you're using CTI-RDs and video-capable endpoints, configure the endpoints to avoid audio-only calls by using "Configure and Register IOS-Based Media Termination Points (MTPs) for Hybrid Call Service Connect" below:

    Insertion of a Unified Communications Manager server-based MTP (media termination point) results in audio-only calls, when video-capable endpoints and CTI-RDs for hybrid calling are involved. Instead, use an IOS-based MTP for DTMF interworking.

   

To support user-friendly mobile and web dial plans, Cisco Spark performs digit manipulation before sending the dialed digit to enterprise call control. Cisco Spark transforms a national PSTN dial plan (for example, convert (214) 555-2121 into +12145552121), but does not transform a private extension dial plan. A valid national number is converted to E.164 format based on the locale of the Cisco Spark user. See the Dial Plans chapter in the Cisco Collaboration System Solution Reference Network Designs (SRND) guide for information about the role of dial plans and digit manipulation.

  
What to Do Next

 

Enable Hybrid Call Service Connect for Your Organization

  

Enable Hybrid Call Service Connect for Your Organization

Use this procedure to begin the initial setup in Cisco Spark Control Hub. These settings ensure that Hybrid Call Service Connect is first enabled for your organization before you do further configuration. You specify the desired subdomain for your company, and that setting create Spark SIP addresses to identify users in the Cisco Collaboration Cloud. Then, you toggle on Hybrid Call Service Connect. Last, you enter the SIP destination address which resolves to your Expressway-E in the call traversal pair.

Before You Begin

 

          
1    From the customer view in https://admin.ciscospark.com, perform one of the follow steps:
  • From the first-time setup wizard for a new organization, choose Enterprise Settings
  • For an existing Cisco Spark organization, go to Settings, and then scroll to Spark SIP Addresses.
2    Follow the on-screen instructions to configure a custom SIP subdomain for your organization.  

This subdomain value creates individual Cisco Spark SIP addresses for each user. The addresses are used to receive calls from any standards-based SIP calling service. See the link below for more information.

  
3    Go to Services, and then click Settings on the Hybrid Call card.
4    Toggle the Connect setting on to enable the service for your organization.  

If this setting is not available, you must first deploy Hybrid Call Service Aware before you can proceed. See the links below for guidance.

  
5    Scroll to the SIP Destination field on the same page, and then enter a network value that resolves to your Expressway-E and the SIP mutual TSL port.  

Choose one:

  
  • hostname:port
  • SRV domain
    •  

      As an example, enter the bold portion for the following SRV domain: _sips._tcp.sipmtls.example.com.

        

  • IP address:port
   
Tip        

The SRV record can take time to request. If you want to start a trial or pilot, you can use hostname:port so that you can proceed with the setup steps. You can modify this setting later and use the SRV record when that becomes available.

  
  
6    Save your changes.
7    (Optional)   Browse to and upload your self-signed custom certificates.

For more information about manual certificate management, see the link below.

What to Do Next

 

Configure Cisco Unified Communications Manager Settings for Hybrid Call Service Connect

  

Unified CM

Configure Cisco Unified Communications Manager Settings for Hybrid Call Service Connect

Configure Cisco Unified Communications Manager to receive calls directly from Expressway-E. This configuration enables cloud-to-enterprise URI routing.

Before You Begin

 

          
1    From Cisco Unified CM Administration on your publisher node, go to System > Enterprise Parameters, scroll to Clusterwide Domain Configuration, and then check the value for the Cluster Fully Qualified Domain Name field.
2    If the field is empty or the field contains domain entries with wildcards, enter a new value that is specific to Hybrid Call Service Connect that follows these guidelines:   
                   
 

FQDN Guideline

  
 

Description and Example

  
 

Multiple clusters

  
 

The entry must be unique for each cluster—For example, cluster1.example.com, cluster2.example.com, and so on.

  
 

No wildcards

  
 

Do not use entries such as *.example.com or example*.com.

  
 

First FQDN entry for Hybrid Calling

  
 

In a list of multiple entries, the Cisco Collaboration Cloud uses the first entry for Hybrid Call Service Connect, and that first entry must not contain a wildcard.

  

For example: cluster1.example.com *.example.com example*.com

  
 

Different from Expressway-E

  
 

Must be different from the Expressway-E system, DNS, and domain name. Otherwise, Expressway-E strips the route header.

  
 

New entry for Hybrid Calling

  
 

If your current FQDN entry in Unified CM doesn't meet the requirements listed above, you can add a new element to the beginning of the cluster FQDN setting for Hybrid Call Service Connect

  

For example, if your existing FQDN setting in Cisco Unified Communications Manager is *.example.com *.example.org, add a unique, non-wildcard entry at the beginning of the field: "cluster1.example.com *.example.com *.example.org"

  

You are not required to restart Cisco Unified Communications Manager or services for a cluster FQDN change to take effect.

3    Record or write down the name of the FQDN value that you want to use for Hybrid Call Service Connect. You need it for this procedure: Configure Search Rules on Expressway-C.
4    Go to Device > Device Settings > SIP Profile to create a new SIP profile that is based on the Standard SIP Profile For Cisco VCS template.
  1. Click Find, choose Standard SIP Profile For Cisco VCS, and then click Copy.
  2. Enter a name for the new profile—for example, Standard SIP Profile for Cisco Spark Hybrid Calling.
  3. Scroll to Trunk Specific Configuration, and then set Early Offer support for voice and video calls to Best Effort (no MTP inserted).

    You can apply this setting to a new SIP trunk to the Cisco Collaboration Cloud (routed by external domain ciscospark.com). The setting does not affect any existing SIP trunking or call routing.

  4. Leave all other fields with their default values and save your changes.
5    (Optional)   If your Expressway pair runs MRA or B2B, go to System > Security > SIP Trunk Security Profile and create a new SIP trunk security profile for Cisco Spark Hybrid Services.
  1. Enter a name for the new profile that is related to Cisco Spark or Hybrid Call Services—for example, SIP Trunk Security Profile for Cisco Spark Hybrid Calling.
  2. Leave the Enable Digest Authentication check box unchecked.
  3. Do not set the incoming port value to 5061. Instead, change to an appropriate alternative—We recommend 5561.
    We recommend that you use TLS. This setting doesn't require Unified CM to be in mixed mode. In this case, you must specify the following:
    • Transport type—TLS instead of TCP/UDP

       

    • X.509 Subject Name—Must match one of the Subject Alternative Names (SANs) of the Expressway-C.

       

     
  4. Leave all other fields with their default values and save your changes.
6    Go to Device > Trunk to create a new SIP trunk to the Expressway-C, and then link the Cisco Spark SIP profile to this trunk.
  1. Choose SIP Trunk as the trunk type; leave the other settings, and click Next.
  2. Configure these settings and leave the defaults for any settings not mentioned:
                       

    Field Name

    Value

    Name

    Hybrid_Calling_SIP_Trunk (for example)

    Device Pool

    Choose a device pool that contains the device-specific settings that you want the SIP trunk to inherit.

    Calling and Connected Party Info Format

    Deliver URI and DN in connected party, if available

    This setting enables blended identity. It allows the SIP trunk to transmit the enterprise-side party's directory URI to Cisco Spark.

    Destination Address

    Enter the Expressway-C node addresses in the fields.

    SIP Profile

    Standard SIP Profile for Cisco Spark Hybrid Calling (for example)

  3. Save your changes.
7    Go to Call Routing > SIP Route Pattern to create a pattern that matches the Cisco Spark SIP address IPv4 pattern.  
  
                   
 

Field Name

  
 

Value

  
 

IPv4 Pattern

  
 

*.ciscospark.com

  
 

Pattern Usage

  
 

Domain Routing

  
 

Description

  
 

Routing to Cisco Spark

  
 

SIP Trunk/Route List

  
 

Choose the trunk you created—Hybrid_Calling_SIP_Trunk (for example)

  
 

SIP Profile

  
 

Standard SIP Profile for Cisco Spark Hybrid Calling (for example)

  
  
  
Combine Cisco Spark Hybrid Call Services with other solutions, such as B2B and MRA
  •  

    You can run Cisco Spark hybrid calls, B2B calls, and MRA calls across the same Expressway.

      

  •  

    If MRA is set up on your Expressway: For the trunk that you create for Cisco Spark, use a port other than 5060/5061 on Cisco Unified Communications Manager. This setup avoid conflicts with MRA calls and device registrations. On Cisco Unified Communications Manager, set up the Device Security Profile for your Cisco Spark trunk to use a port other than 5060 or 5061.

      

  •  

    If B2B is set up on your Expressway: You can reuse your existing B2B trunks between Cisco Unified Communications Manager and Expressway for Cisco Spark hybrid calls. If you want to run B2B calls and Cisco Spark hybrid calls on separate trunks between the Expressway-C and Cisco Unified Communications Manager, you cannot run TLS on both trunks at the same time. See this bug overview for more information.

      

What to Do Next

 

Configure an On-Premises User for Hybrid Call Service Connect

Configure an On-Premises User for Hybrid Call Service Connect

Configure Unified CM users so that their corresponding Cisco Spark accounts in the cloud are activated with the correct call settings. Call Connector does not create the remote destination on the user's CTI remote device unless all settings are properly configured.

  

Alternatively, you can use the procedure in the links below to configure users and remote devices using the Bulk Administration Tool in Unified CM.

       
1    From Cisco Unified CM Administration, go to User Management > End User, and then open the user's account.
2    Under the user's service settings, check the Home Cluster checkbox.  

Configure this setting on the Cisco Unified Communications Manager where each user is homed and where their devices are registered.

  
3    Under the user's mobility information, check Enable Mobility—a requirement before you can associate a CTI or Spark remote device to this user.
4    Save your changes.
What to Do Next

 

Perform one of the following tasks to create remote devices to associate with each user:

     

Configure Remote Devices Automatically from the Call Connector

Every Hybrid Call Service Connect user requires a virtual device: a Cisco Spark remote device (recommended option) or a CTI remote device (interim option). This virtual device is attached to a user's work number and links the user's Cisco Spark account SIP identity to the enterprise SIP identity so that calls anchor on the Unified CM side or fork to the Cisco Spark cloud side. From a technical standpoint, the remote device masks outbound calls from Cisco Spark and displays the user's work number for calls from the Cisco Spark app. Incoming calls also ring both the user's Cisco Spark app and desk phone.

To automate your configuration, on the Expressway-C connector host you can create remote devices for all your users in one step. The connector shows the remote device field values from your Cisco Unified Communications Manager, and then you can choose the values specific to your deployment. After the connector creates the remote devices, they are automatically moved to the users' control lists and their Cisco Spark SIP addresses are automatically created as remote destinations.

Before You Begin

   

  • Configure Cisco Unified Communications Manager Settings for Hybrid Call Service Connect

     

  •  

    Cisco Spark remote devices (Spark-RDs) are strongly recommended for your hybrid deployment because they do not require a license or MTP insertion, and contain further bug fixes. To use this option, you must use Unified CM 10.5(2)SU5, 11.0(1a)SU3, 11.5(1)SU3, or 12.0(1). For unsupported releases, the CTI-RD is used instead, which requires a license and insertion of an MTP. For manual and automatic creation on a supported release, you must use Cisco Spark-RDs for new activations. CTI-RDs created with an earlier release will continue to work until they are migrated to Cisco Spark-RDs.

      

  •  

    If you choose automatic configuration, a new remote device (CTI or Cisco Spark) is created when the new user is activated in https://admin.ciscospark.com.

      

       
1    From the Expressway-C connector host, go to Applications > Hybrid Services > Call Service > Unified CM Servers, and then the Cisco Unified Communications Manager node that you configured.
2    For Cisco Spark Remote Device Configuration Type, choose Automatic.  
Caution        

When using automatic remote device configuration, do not manually create a remote device and add the Cisco Spark SIP address as a remote destination.

  
  
3    Choose values from the prepopulated lists for the Device Pool, Location, Calling Search Space, and Reroute Calling Search Space.
If you use the automatic creation, these settings are shared across all of the Spark-RDs. Read these documents to understand the settings:
  •  

    Device pools

      

  •  

    Locations

      

  •  

    Calling search spaces

      

    Note        

    The calling search space must be able to route to the partition of the PSTN gateway or trunk, and any other destinations that you want your Cisco Spark users to be able to reach (conference bridges, enterprise-to-enterprise trunks, and so on).

      
      

4    Click Add to automatically create the Spark-RDs.
What to Do Next

 

Begin configuration of Expressway-E for Hybrid Call Service Connect.

  

Enterprise calls are securely routed over the Expressway pair. If you want to reuse an existing pair, some of the required traversal configuration for Hybrid Call Service Connect may already be in place. However, read the procedures that follow to ensure that Expressway-E and Expressway-C are correctly configured.

     

Create a Manual Remote Device to Associate with a Unified CM User

Every Hybrid Call Service Connect user requires a virtual device: a Cisco Spark remote device (recommended option) or a CTI remote device (interim option). This virtual device is attached to a user's work number and links the user's Cisco Spark account SIP identity to the enterprise SIP identity so that calls anchor on the Unified CM side or fork to the Cisco Spark cloud side. From a technical standpoint, the remote device masks outbound calls from Cisco Spark and displays the user's work number for calls from the Cisco Spark app. Incoming calls also ring both the user's Cisco Spark app and desk phone.

  

Alternatively, you can use the procedure in the links below to configure users and remote devices using the Bulk Administration Tool in Unified CM.

Before You Begin

 

  •  

    Configure an On-Premises User for Hybrid Call Service Connect

      

  •  

    Follow the remote device creation steps only if you didn't automatically create remote devices from the connector on the Expressway-C connector host.

      

  •  

    A user can have multiple CTI remote devices, but only one can be in the list of controlled devices. Call Connector will automatically create the remote destination, which contains the user's Cisco Spark SIP address.

      

  
             
1    From Cisco Unified CM Administration, go to Device > Phone, then Add New, and then choose one:
  • Cisco Spark Remote Device
  • CTI Remote Device
2    For Owner User ID, specify the user who you are configuring.
3    Enter a meaningful Device Name.
4    For line association, specify the user’s primary extension (the user’s shared line).
5    Ensure that the partition used by the SIP route pattern is listed in the remote device's rerouting calling search space (CSS). The route from the remote device to the SIP trunk happens through the rerouting CSS.  
Use these documents to understand the settings that the remote device uses:
  

The calling search space must be able to route to the partition of the PSTN gateway or trunk, as well as any other destinations that you want Cisco Spark users to be able to reach (conference bridges, enterprise-to-enterprise trunks, and so on).

  
6    Save your changes.
7    From Cisco Unified CM Administration, go to User Management > End User, and then open the user's account.
8    Under Device Information, click Device Association.
9    Specify any search criteria and click Find.
10    Check the remote device that you created, and then save your changes.  

The remote device is associated to the user and is added to the controlled devices list. The Cisco Spark SIP address is automatically created as the remote destination.

  
What to Do Next

 

Begin configuration of Expressway-E for Hybrid Call Service Connect.

  

Enterprise calls are securely routed over the Expressway pair. If you want to reuse an existing pair, some of the required traversal configuration for Hybrid Call Service Connect may already be in place. However, read the procedures that follow to ensure that Expressway-E and Expressway-C are correctly configured.

     

Expressway-E

Update the Expressway-E Trust List with Cisco Collaboration Cloud Certificates

Your Expressway-E must trust the certificate issuer of the server certificates that are passed by the server during the client/server SSL handshake with the Cisco Collaboration Cloud. To establish this trust, you must add these certificates to the trusted CA list on your Expressway-E.

Before You Begin

 

If you don't have an existing Expressway pair deployed, read the following documents (Release X8.7 and later) to design your new Expressway pair to work together:

  • If you're on release X8.7.1 or X8.9 and later:

    1. From Expressway-E, go to Applications > Cloud Certificate management.
    2. Click Get certificates for the cloud to automatically add and manage the certificates.
  • If you're on a different release and don't see the Cloud Certificate management menu option:

    1. Sign into your Expressway-E.
    2. Add /fusioncerts to the end of the URL.
    3. Click Get certificates for the cloud to automatically add and manage the certificates.
  • To verify the added certificates, go to Maintenance > Security certs > Trusted CA certificate to view the entries that were added.

Configure Services and Mutual TLS Authentication Between a New Expressway-E and the Cisco Collaboration Cloud

If Expressway-C and Expressway-E are dedicated to Hybrid Call Service Connect, or more generally to Cloud services using Mutual TLS only (such as Hybrid services and CMR Hybrid), you don't require H.323, SIP UDP, SIP TCP and SIP TLS on Expressway-E.

Before You Begin

 

         
1    From Expressway-E, go to Configuration > Protocols > H.323, and then set H.323 mode to Off, and then save your changes.
2    Go to Configuration > Protocols > SIP, and then configure these settings:
                                                                                         

Field Name

Value

 

Configuration

  

SIP mode

On

UDP mode

Off

 

UDP port

  
 

5060

  

TCP mode

Off

 

TCP port

  
 

5060

  

TLS mode

On

 

TLS port

  
 

5061

  

Mutual TLS mode

On

Mutual TLS port

5062

 

TCP outbound port start

  
 

25000

  
 

TCP outbound port end

  
 

29999

  
 

Session refresh interval (seconds)

  
 

1800

  
 

Minimum session refresh interval (seconds)

  
 

500

  
 

TLS handshake timeout (seconds)

  
 

5

  
 

Certificate revocation checking

  
 

Certificate revocation checking mode

  
 

Off

  
 

Registration controls

  
 

Standard registration refresh strategy

  
 

Maximum

  
 

Standard registration refresh minimum (seconds)

  
 

45

  
 

Standard registration refresh maximum (seconds)

  
 

60

  
 

Outbound registration refresh strategy

  
 

Variable

  
 

Outbound registration refresh minimum (seconds)

  
 

300

  
 

Outbound registration refresh maximum (seconds)

  
 

3600

  
 

SIP registration proxy mode

  
 

Off

  
 

Authentication

  
 

Delegated credential checking

  
 

Off

  
 

Advanced

  
 

SDP max size

  
 

32768

  
 

SIP TCP connect timeout

  
 

10

  
3    Click Save.
4    Go to Configuration > Zones > Zones, and then click DefaultZone.
5    Configure the following fields:   
                       
 

Field Name

  
 

Value

  
 

Policy

  
 

Authentication mode

  
 

Do not check credentials

  
 

SIP

  
 

Media encryption mode

  
 

Auto

  
 

ICE support

  
 

Off

  
 

Multistream mode

  
 

On

  
 

Enable Mutual TLS on Default Zone

  
 

On

  

This setting enables mutual TLS (Mutual Transport Layer Security) on the dedicated mutual TLS port 5062 on incoming connections through the Default Zone.

  
  
6    Click Save.
What to Do Next

 

Create the DNS Zone (Expressway-E to Cisco Collaboration Cloud)

  

Configure Services and Mutual TLS Authentication Between an Existing Expressway-E and the Cisco Collaboration Cloud

Expressway-E can be shared between mobile and remote access, business-to-business (B2B), and Cisco Spark hybrid media traffic. If Expressway is used for B2B traffic, turn off those services that are not needed. H.323 is a signaling protocol that doesn't allow for encryption and should be switched off if it's not critical for the company. SIP UDP must be switched off for security reasons. This change won't affect the calling scenarios, because only SIP endpoints with IP dialing use SIP UDP. Endpoints that are involved with IP dialing are typically H.323-based. SIP TCP should be switched off if it's not critical for the company.
Before You Begin

 

  
         
1    From Expressway-E, go to Configuration > Protocols > H.323, and then set H.323 mode to Off, unless this setting is critical for your organization.
2    Go to Configuration > Protocols > SIP, and then configure these settings:
                      

Field Name

Value

SIP mode

On

UDP mode

Off

TCP mode

Off, if possible. If this breaks services such as B2B, set it back to On.

TLS mode

On

Mutual TLS mode

On

Mutual TLS port

5062

3    Click Save.
4    Go to Configuration > Zones, and then click Default zone.
5    Set Enable Mutual TLS on Default Zone to Off.
6    Click Save.
What to Do Next

 

Create the DNS Zone (Expressway-E to Cisco Collaboration Cloud)

  

Create the DNS Zone (Expressway-E to Cisco Collaboration Cloud)

The DNS zone allows your Expressway-E to identify and route calls between Cisco Unified Communications Manager and the Cisco Collaboration Cloud.

  
      
1    From Expressway-E, navigate to Configuration > Zones > Zones and click New.
2    Configure the following settings and leave the defaults for any settings not mentioned:
                                                                 

Field Name

Value

 

Configuration

  

Name

 

Enter Spark hybrid DNS Zone, for example.

    
 

Type

  
 

DNS

  
 

Hop count

  
 

15 (Default)

    
 

H.323

  

Mode

Off

 

SIP

  

Mode

 

On

  

TLS verify mode

On

TLS verify subject name

Enter callservice.ciscospark.com (This value matches the content of the security certificate presented by Cisco Collaboration Cloud during TLS negotiation.)

  
Hybrid Call Service Connect calls are classified the same as Mobile Remote Access (MRA), Business-To-Business (B2B) calls, and the calls traverse existing Expressway C and E pairs.
  •  

    Calls that involve *.ciscospark.com do not count towards the traversal license cost.

      

  •  

    Any B2B calls for a Cisco Spark app after anchoring on the CTI-RD and then routing back out through the Expressways will consume traversal licenses.

      

  

TLS verify inbound mapping

On

Fallback transport protocol

TLS

Media encryption mode

Force Encrypted

ICE support

Off

Preloaded SIP routes support

On

  

Modify DNS Request

On

Domain to search for

 

Enter callservice.ciscospark.com

    
 

Authentication

  

SIP authentication trust mode

On

 

Advanced

  
 

Include address record

  
 

Off (Default)

  
 

Zone profile

  
 

Default (Default)

  
3    Click Create zone.
What to Do Next

 

Configure a Secure Traversal Server Zone from Expressway-E to Expressway-C

  

Configure a Secure Traversal Server Zone from Expressway-E to Expressway-C

Though Cisco Spark traffic can coexist on the same traversal zone with MRA or B2B, we recommend that you create separate zones: a traversal server zone on Expressway-E (specifically for handling Hybrid Call and MRA signaling and media) and a separate zone (for B2B only). That way, any settings between the three services won't affect each other.

 

We recommend that you use the Unified Communications Traversal zone for B2B traffic only, and use a single traversal zone to share hybrid and MRA traffic. If traversal zone optimization is not required, you can create three different traversal zones, one per traffic type.

  
       
1    From Expressway-E, go to Configuration > Zones > Zones, and then click New.
2    Configure these settings:     
                                                                        

Field

Value

 

Configuration

  
 

Name

  
 

Spark hybrid traversal server

    
 

Type

  
 

Traversal server

  
 

Hop count

  
 

15 (Default)

  
 

Connection credentials

  
 

Username

  
 

Enter traversal, for example.

  
 

Password

  
 

Go to Add/Edit Local authentication database, click New, enter traversal as the username, and then set a password. Click Create Credentials, and then close the window.

  
 

H.323

  

Mode

Off

 

Protocol

  
 

Assent (Default)

  
 

Port

  
 

6006 (Default)

  
 

H.460.19 demultiplexing mode

  
 

Off (Default)

  
 

SIP

  

Mode

On

Port

7004 or any value in 7XXX range. (This value must match the port number that is configured on Expressway-C.)

Transport

TLS

TLS verify mode

On

 

TLS verify subject name

Enter one of the SANs of an Expressway-C certificate. For a cluster, enter at least a common SAN shared between all Expressway-C cluster peers.

Media encryption mode

Force encrypted

 

ICE support

  
 

Off (Default)

  
 

Multistream mode

  
 

On (Default)

  
 

SIP poison mode

  
 

Off (Default)

  

Preloaded SIP routes support

On

SIP parameter preservation

On
3    Do not change settings under Authentication or UDP/TCP Probes.
4    Click Create zone.
What to Do Next

 

Create Inbound and Outbound Search Rules on Expressway-E

  

Create Inbound and Outbound Search Rules on Expressway-E

Search rules define how the Expressway routes calls (to destination zones) in specific call scenarios. When a search rule is matched, the destination alias can be modified according to the conditions defined in the search rule. Create search rules on Expressway-E to:
  •         

    Identify calls from the Cisco Collaboration Cloud and route down the traversal zone to Expressway-C.

            

  •         

    Identify calls from Cisco Unified Communications Manager and route through the DNS zone to Cisco Collaboration Cloud.

            

      
          
1    From Expressway-E, go to Configuration > Dial Plan > Search rules, and then click New.
2    Click New.

We're creating a rule to identify calls coming from Cisco Collaboration Cloud (through the DNS zone) and route them inwards (through the traversal zone) to Expressway-C.

3    Configure the following settings:   
                                  
 

Field

  
 

Value

  
 

Rule Name

  
 

Enter Spark Hybrid inbound calls, for example.

  
 

Description

  
 

Enter Route traffic from Spark Hybrid Cloud to UCM via Expressway-C, for example.

  
 

Priority

  
 

100 (Default)

  
 

Protocol

  
 

SIP

  
 

Source

  
 

Named

  
 

Source name

  
 

Spark hybrid DNS zone, for example. Choose the Cisco Collaboration Cloud DNS zone from the drop-down list.

  
 

Request must be authenticated

  
 

No (Default)

  
 

On successful match

  
 

Stop

  
 

Target

  
 

Spark hybrid traversal server, for example. Choose the traversal server zone (or Unified Communications traversal zone) that you modified in the previous section.

  
 

State

  
 

Enabled (Default)

  
  
4    Click Create search rule.
5    Click New.

We're creating a rule to identify calls coming from Cisco Unified Communications Manager (through the traversal zone) and route them outwards (through the DNS zone) to Cisco Collaboration Cloud.

6    Configure the following settings:   
                                              
 

Field

  
 

Value

  
 

Name

  
 

Enter Spark Hybrid outbound calls, for example.

  
 

Description

  
 

Enter Route traffic from Expressway-E to Spark Hybrid Cloud, for example.

  
 

Priority

  
 

100 (Default)

  
 

Protocol

  
 

SIP

  
 

Source

  
 

Named

  
 

Source name

  
 

Spark hybrid traversal server, for example. Choose the traversal server zone (or Unified Communications traversal zone) that you modified in the previous section.

  
 

Request must be authenticated

  
 

No (Default)

  
 

Mode

  
 

Alias pattern match

  
 

Pattern Type

  
 

Regex

  
 

Pattern string

  
 

  .*@.*\.ciscospark\.com

  
 

Pattern behavior

  
 

Leave

  
 

On successful match

  
 

Stop  (Default)

  
 

Target

  
 

Spark hybrid DNS zone, for example. Choose the Cisco Collaboration Cloud DNS zone from the drop-down list.

  
 

State

  
 

Enabled (Default)

  
  
7    Click Create search rule.
What to Do Next

 

Configure a Secure Traversal Client Zone From Expressway-C to Expressway-E

  

Configure Call Processing Language Rules on Expressway-E (X8.9.1 and Later)

If Expressway-C and Expressway-E run both Cisco Spark Hybrid Services and mobile and remote access (MRA) traffic, but no business-to-business traffic, the system must reject any SIP message not generated by MRA endpoints or Cisco Spark Hybrid Services.

 

Expressway X8.9.1 and later let you create Call Processing Language (CPL) rules to mitigate fraudulent call attempts. We recommend deploying Expressway 8.9.1 or a later release for toll fraud mitigation.

 

If business-to-business traffic is not included in the same Expressway, and because this traffic enters from the default zone, the following CPL rule will prevent any fraudulent access to Expressway-E.

  
        
1    From Expressway-E, go to Configuration > Call Policy > Configuration, set Call Policy mode to Local CPL, and then click Save.
2    Go to Configuration > Call Policy > Rules, click New, and then Add Call Policy Rule.
3    Configure the following settings:
                   

Field

Setting

Source Type

From address

Rule applies to

Unauthenticated callers

Source pattern

.*@example\.call\.ciscospark\.com.*, where example is your company's subdomain.

Destination pattern

.*

Action

Reject

4    Save your changes.
5    (Optional)   In case TLS must be set to On, or B2BUA must be engaged on Expressway-E for some unknown reason, create the following CPL rule to block any TLS call from the Default Zone.

This step is not needed if TLS is switched off.

  1. From Expressway-E, go to Configuration > Call Policy > Configuration, set Call Policy mode to Local CPL, and then click Save.
  2. From related tasks, go to Edit Call Policy rules.
  3. Configure the following settings:
                    

    Field

    Setting

    Source Type

    Zone

    Originating Zone

    Default Zone

    Destination Pattern

    .*

    Action

    Reject

  4. Save your changes.

Expressway-C

Configure a Secure Traversal Client Zone From Expressway-C to Expressway-E

Create a dedicated traversal client zone on Expressway-C. Though Cisco Spark traffic can coexist on the same traversal zone with MRA or B2B, we recommend that you create a dedicated traversal client zone on Expressway-C, specifically for handling Hybrid Call signaling and media. That way, any settings for B2B or MRA won't affect Cisco Spark traffic, and the other direction won't be affected either.

      
1    From Expressway-C, go to Configuration > Zones > Zones, and then click New.
2    Configure these settings:     
                                                                                 

Field

Value

 

Configuration

  
 

Name

  
 

Spark Hybrid traversal client (for example)

    
 

Type

  
 

Traversal client

  
 

Hop Count

  
 

15

  
 

Connection credentials

  
 

Username

  
 

traversal

  
 

Password

  
 

Enter the password that you created on the Expressway-E for the traversal account.

  
 

H.323

  

Mode

Off

 

SIP

  

Mode

On

Port

7004 or any value in 7XXX range. (This value must match the port number that is configured on Expressway-E.)

  

Transport

TLS

TLS verify mode

On

 

Accept proxied registrations

Deny

Media encryption mode

Force encrypted

ICE support

Off

Multistream mode

On

SIP poison mode

Off

Preloaded SIP routes support

On

  

SIP parameter preservation

On (Enables this zone to process SIP INVITE requests that contain the route header.)

  
 

Authentication

  

Authentication policy

Check credentials

 

Accept delegated credential checks

  
 

Off

  
 

Client settings

  
 

Retry Interval

  
 

120

  
 

Location

  
 

Peer 1-6 address

  
 

Enter the Fully Qualified Domain Name (FQDN) of the traversal server. If you are using secure traversal, then this value must be either the Common Name or one of the Subject Alternate Names on the traversal server's certificate. IP addresses or hostnames are not recommended. If the traversal server is a cluster of VCS Expressways, this is the FQDN of one of the peers in that cluster.

  
3    Click Create Zone.
What to Do Next

 

Create an Expressway-C Neighbor Zone for each Unified CM Cluster

  

Create an Expressway-C Neighbor Zone for each Unified CM Cluster

Configure neighbor zones for each Cisco Unified Communications Manager cluster to which you want to route:
  •  

    Each zone can accommodate 6 peer addresses, which supports a Cisco Unified Communications Manager cluster with 6 nodes.

      

  •  

    This neighbor zone must route to a Cisco Unified Communications Manager home cluster—the zone can route to an SME if the SME is Unified CM 12.0(1).

      

  •  

    The exact port to use for each zone depends on the SIP trunk security profile that you configured on Cisco Unified Communications Manager. If you have B2B or MRA configured, we recommend that you use 5561 for SIP TLS and 5560 for SIP TCP so that the new configuration doesn't interfere with your existing setup.

      

  •  

    Do not reuse any existing neighbor zones to Cisco Unified Communications Manager for MRA.

      

       
1    From Expressway-C, go to Configuration > Zones > Zones, and then click New. Create a zone for each cluster.
2    Configure these settings:  
  
                                                         
 

Field

  
 

Value

  
 

Configuration

  
 

Name

  
 

UCM Neighbor for Cisco Spark (for example)

    
 

Type

  
 

Neighbor

  
 

Hop Count

  
 

15

    
 

H.323

  
 

Mode

  
 

Off

  
 

SIP

  
 

Mode

  
 

On

  
 

Port

  
 

Enter the Cisco Unified Communications Manager listening port number, such as 5561.

  

If MRA is deployed, standard 5060 and 5061 ports are used as line-side registration. The configured port (5561) must match the listening port configured in the Communications Manager SIP Trunk Security Profile. Ports 5060 and 5061 can be used if MRA is not enabled.

  
 

Transport

  
 

TCP is the default, but we recommend TLS for connecting Expressway-C to Unified CM. For a trunk that is enabled for SIP TLS, Unified CM does not need to be in mixed mode.

  

If you want to use TLS, see "Connecting Expressway to Unified CM Using TLS" in the Cisco Expressway and CUCM via SIP Trunk Deployment Guide for your Expressway and Unified CM version.

  
 

Accept proxied registrations

  
 

Allow

  
 

Media encryption mode

  
 

Auto

    
 

ICE support

  
 

Off

  
 

Multistream mode

  
 

On

  
 

Preloaded SIP routes support

  
 

Off

  
 

Authentication

  
 

Authentication policy

  
 

Do not check credentials

  
 

SIP authentication trust mode

  
 

Off

  
 

Peer 1-6 addresses

  
 

Enter IP addresses or hostnames for each server in the 6 peer address entries.

  

For TLS negotation, the peer address must match the CN name that is used in the Unified CM certificates; otherwise, TLS negotiation fails.

  
  
  
3    Configure these fields for the zone profile:  
  
                                                         
 

Field

  
 

Value

  
 

Advanced

  
 

Zone profile

  
 

  Custom, the zone profile to use for the supported version of Unified CM for hybrid calling.

  
 

Monitor peer status

  
 

Yes

  
 

Call signaling routed mode

  
 

Always

  
 

Automatically respond to H.323 searches

  
 

Off

  
 

Automatically respond to SIP searches

  
 

Off

  
 

Send empty INVITE for interworked calls

  
 

On

  
 

SIP Parameter Preservation

  
 

On

  
 

SIP poison mode

  
 

Off

  
 

SIP encryption mode

  
 

Auto

  
 

SIP REFER mode

  
 

Forward

  
 

SIP multipart MIME strip mode

  
 

Off

  
 

SIP UPDATE strip mode

  
 

Off

  
 

Internetworking SIP search strategy

  
 

Options

  
 

SIP UDP/BFCP filter mode

  
 

Off

  
 

SIP UDP/IX filter mode

  
 

Off

  
 

SIP record route address type

  
 

IP

  
 

SIP Proxy-Require header strip list

  
 

Leave this field blank.

  
  
  
4    Click Create Zone.
What to Do Next

 

Configure Search Rules on Expressway-C

  

Configure Search Rules on Expressway-C 

Search rules define how the Expressway routes calls (to destination zones) in specific call scenarios. When a search rule is matched, the destination alias can be modified according to the conditions defined in the search rule. Configure search rules on Expressway-C to route calls to the correct Unified Communications Manager cluster based on the route header.

Before You Begin

 

For the Expressway-E to Unified CM search rule, you need the cluster fully qualified domain name (FQDN) value that you configured in this procedure: Configure Cisco Unified Communications Manager Settings for Hybrid Call Service Connect.

  
          
1    Go to Configuration > Dial plan > Search rules .
2    Click New.

We're going to create a rule to identify calls coming from the Expressway-E (through the traversal zone) and route them inwards (through the neighbor zone) to Cisco Unified Communications Manager.

  

You'll need a rule for each Unified CM cluster that is trunked to the Expressway-C.

3    Configure the following settings: 
                                           

Field

Value

Rule Name

  From Spark Hybrid Cloud to Unified CM via Expressway-E, for example.

  

Description

  Route traffic from Expressway-C to Unified CM, for example.

Priority

60

  

Protocol

SIP

Source

Named

Source name

Choose Spark Hybrid Traversal client.

  
 

Request must be authenticated

  
 

No

  
 

Mode

  
 

Alias pattern match

    
 

Pattern type

  
 

Prefix

  
 

Pattern string

  
 

cluster1.example.com, for example. This is the Cluster Fully Qualified Domain Name enterprise parameter value for the Cisco Unified Communications Manager cluster.

  

Add the other cluster FQDNs (cluster2.example.com, cluster3.example.com, and so on) for the corresponding Cisco Unified Communications Manager neighbor zones that you need to create on the Expressway-C.

  
 

Pattern behavior

  
 

Leave (The alias is not modified.)

  

On successful match

Stop

Target

Choose the Cisco Unified Communications Manager neighbor zone—for example, UCM Neighbor for Cisco Spark.

This setting will be different for each cluster; each cluster should have its own neighbor zone.

  

NeighborZoneExpCtoUnifiedCM

4    Click Create search rule.
5    Click New.  

We're going to create one rule to identify any calls arriving at Expressway-C that are destined for Cisco Spark, and route them outwards (through the traversal client zone) to the Expressway-E.

  
6    Configure the following settings:   
                                              
 

Field

  
 

Value

  
 

Rule Name

  
 

  From Unified CM to Spark Hybrid Cloud via Expressway-E, for example.

  
 

Description

  
 

Enter Route traffic from Unified CM to Expressway-E, for example.

  
 

Priority

  
 

70

  
 

Protocol

  
 

SIP

  
 

Source

  
 

Named

  
 

Source name

  
 

UCM Neighbor for Cisco Spark, for example.

  
 

Request must be authenticated

  
 

No

  
 

Mode

  
 

Alias pattern match

  
 

Pattern type

  
 

Regex  (The string is treated as a regular expression.)

  
 

Pattern string

  
 

.*@.*\.call\.ciscospark\.com.*

  
 

Pattern behavior

  
 

Leave (The alias is not modified.)

  
 

On successful match

  
 

Stop

  
 

Target

  
 

  Spark Hybrid traversal client 

  
 

State

  
 

Enabled

  
  
7    Click Create search rule.

Enable Hybrid Call Service Connect for Cisco Spark Users

Use this procedure to enable individual Cisco Spark users for Hybrid Call Service Connect.

  

See the links below for alternative ways to enable services for your Cisco Spark users.

Before You Begin

 

  
      
1    From https://admin.ciscospark.com, go to Users and then choose a user.
2    In the user's overview, click Call Service, and then click the the Connect toggle ot turn it on.
3    Click Save.

You can also view the following information from Call Service page on the user's overview:

  •  

    Directory URI (under the Aware section): user1@example.com

      

  •  

    Direct Line (under the Connect section): (800) 555-0199

      

What to Do Next

 

Restart the Call Connector from the Expressway-C

  

Restart the Call Connector from the Expressway-C

Disable and reenable the Call Connector, so that the connector captures Unified CM user and device configuration changes that you made while deploying Hybrid Call Services. During this restart cycle, the connector creates a remote destination with the Spark SIP address on the Cisco Spark remote device. This address is associated with end user accounts and the corresponding Cisco Spark accounts. Toggle this setting as a troubleshooting step if you experience any issues, too.

     
1    From Expressway-C, go to Applications > Hybrid Services > Call Service > Call Service Overview, change the call connector status to Disabled, and then click Save.
2    Change the status back to Enabled, and then save again.  

 

Troubleshooting Tips

Later, you may need to make a change to Unified CM end users or devices. If you do this to fix a configuration error, even if the call connector's "user validation test" passes for that user, you must restart call connector so that it picks up the configuration change.  

Place Test Calls to Verify Hybrid Call Service Connect Configuration

 

Use this procedure to test Hybrid Call Service Connect call scenarios. These steps verify whether you correctly configured Hybrid Call Service Connect and can help isolate any potential issues.

  

Calls are anchored through the caller's Unified Communications Manager. Any transformations and routing rules are applied exactly as if the call had been placed from a desk phone.

  

When dialing from Cisco Spark, use the same dial strings or prefixes as you do on your desk phone; Cisco Spark functions like any other desk phone registered to your Unified Communications Manager.

  
Before You Begin

 

  
      
1    Place a call from your primary desk phone to another hybrid user's desk phone.  

If you configured the service correctly:

  
  •  

    For the called party, both the Cisco Spark app and desk phone ring.

      

  •  

    A space appears at the top of both of your lists in Cisco Spark.

      

  •  

    During the call, the screen sharing option (for desktop apps) and call duration appear.

      

  •  

    After the call ends, a record of the call appears under in your apps.

      

  
2    Place a call from your Cisco Spark app to another hybrid user in one of the following ways.
  • Search for the user in Cisco Spark, and from the space with that user, go to the activity menu , and then choose Call  .
  • From , enter the user's primary directory number or directory URI.
   

In all of these cases, the called party is notified on both the app and desk phone.

  
3    Place a call from your desk phone to a user who is not configured for Hybrid Call Service Connect.  
  •  

    If you configured the service correctly, a notice of the active call appears in the called party's app and disappears when the call ends.

      

  •  

    If you call using a directory URI, the called user will see the on-premises directory URI, not the Cisco Spark SIP address.

      

  
What to Do Next

 

  •  

    If any of the above calls fail, double-check the configuration steps in the deployment documentation and see troubleshooting documentation for further guidance.

      

  •  

    If your configuration seems correct but you encounter unexpected behavior, see the known issues documentation.

      

  
 

Attachments

    Outcomes