This Document Is Intended for Systems Integrators with Significant Telephony Knowledge

Microsoft Exchange Server 2010Unified Messaging
PBX Configuration Note:
Direct SIP Connection with Cisco Unified Communications Manager7.0
By / : Microsoft
Updated Since / : 2010-05-13
READ THIS BEFORE YOU PROCEED
This document is for informational purposes only and is provided “AS IS”. Microsoft, its partners and vendors cannot verify the accuracy of this information and take no responsibility for the content of this document. MICROSOFT, ITS PARTNERS AND VENDORS MAKE NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.

Content

This document describes the configuration required to setup Cisco Unified Communications Manager7.0 with Exchange 2010 Unified Messaging using direct SIP connection. It also contains the results of the interoperability testing based on this setup.

Intended Audience

This document is intended for Systems Integrators with significant telephony knowledge.

Technical Support

The information contained within this document has been provided by Microsoft and is provided AS IS. This document contains information about how to modify the configuration of your PBX or VoIP gateway. Improper configuration may result in the loss of service of the PBX or gateway. Microsoft is unable to provide support or assistance with the configuration or troubleshooting of components described within. Microsoft recommends readers to engage the service of a Microsoft Exchange 2010 Unified Messaging Specialist or the manufacturers of the equipment(s) described within to assist with the planning and deployment of Exchange Unified Messaging.

Version Information

Date of Modification / Details of Modification
2010-03-17 / -

1.Components Information

1.1.PBX or IP-PBX

PBX Vendor / Cisco
Model / Cisco Unified Communications Manager 7.0
Software Version / 7.0.2.20000-5
Telephony Signaling / Direct SIP integration
Additional Notes / -
Also Applicable To / -

1.2.VoIP Gateway

Gateway Vendor / N/A
Model / N/A
Software Version / N/A
VoIP Protocol / N/A

1.3.Microsoft Exchange Server 2010Unified Messaging

Version / RTM

2.Prerequisites

2.1.Gateway Requirements

Not applicable since this is direct SIP connection.

2.2.PBX Requirements

No specific requirements.
No cabling Requirements.
No specific cabling requirements.

3.Summary and Limitations

Exchange 2010 Unified Messaging (UM) has the following functional limitations when operate with Cisco Unified Communications Manager (CUCM) 7.1:

CUCM 7.0 and Exchange UM support SRTP over SIP trunk. However, there are SRTP cipher suite mismatch issues which are causing interoperability to fail.
CUCM 7.0and Exchange UM support T.38 FAX. However, there are implementation issues which are causing interoperability to fail.
During Exchange 2007 → Exchange 2010 upgrade, users whose mailboxes are still on Exchange 2010 may be prompted twice for their phone extension when they attempt to dial the pilot number to logon to Outlook Voice Access. For more information, please refer to section 6.1.

4.Gateway Setup Notes

Not applicable since this is a direct SIP connection.

4.1.Configuration Files

Not applicable.

4.2.TLS Setup

Not applicable.

5.PBX Setup Notes

In general, the steps required to configure CUCM to work with Exchange UM can be summarized as:

Create A SIP trunk.
Define route pattern for Exchange UM.
Configure appropriate coverage paths for UM-enabled users.

In this section, we show how the configuration can be done via CUCM web-based administration interface. We shall use the convention“xy” to indicate “click on x followed by click on y”.

STEP 1: CHECK LICENSING

On the administration UI, go to “System  Licensing  License Unit Report”. Confirm that the license file is uploaded and the status indicatesReady.

Figure 1

STEP 2: CONFIGURING CISCO UNIFIED COMMUNICATIONS MANAGERS, COMMUNICATIONS MANAGER GROUP, REGION ANDDEVICE POOL

Go to“System  Cisco Unified CM”. Use the default configuration for the Cisco Unified Communications Manager (Figure 2).

Figure 2

Go to “System  Cisco Unified CM Group”. Use default configuration for the Cisco Communications Manager Group (Figure 3).

Figure 3

Go to “System  Region”. Use default configuration for the region (Figure 4).

Figure 4

Go to “System  Device Pool”. Use default configuration for the device pool (Figure 5).

Figure 5

STEP 3: CREATE A NEW SIP TRUNK

Go to “Device  Trunk  Add New” to create a new SIP trunk with the following parametersettings (Figure 6):

Trunk Type = SIP Trunk
Device Protocol = SIP

Figure 6

Configure the following parameters for the SIP trunk (Figure 7):

Device Pool = Default
Media Resource Group List =None
Media Termination Point =Checked. When this field is unchecked, the CUCM sends SIP INVITEs to the UM server with no SDP in the offer. When checked, the SIP INVITEs contain SDP in the offer. The UM server supports both, butChecked is required if there are Cisco SCCP phones connected to the PBX.

Figure 7

Continue: Configure the following parameters for the SIP trunk (Figure 8):

Redirecting Diversion Header Delivery – Inbound = Checked
Calling Party Selection = Originator
Redirecting Diversion Header Delivery – Outbound = Checked
Destination Address = IP Address of the UM Server
DestinationPort = 5060 when TLS is not used, or 5061 when TLS is used.
Preferred Originating Codec = 711uLaw (default)
SIP Profile = Standard SIP Profile (default)
DTMF Signaling Method: No Preference (default). Using RFC2833 for this field should also work.

Figure 8

The standard SIP Profile is shown in Figure 9 and 10:

Figure 9

Figure 10

STEP 4: CREATE A NEW ROUTE PATTERN

Go to “Call Routing Route/Hunt Route Pattern  Add New” to create a new route pattern for the Exchange UM pilot number. Configure the following parameters (Figure 11 and 12):

Route Pattern = Pilot number for Exchange UM.
Gateway or Route List =Select.
Route Option = Route this pattern.
Calling Line ID Presentation = Allowed.

Figure 11

Figure 12

STEP 5: CONFIGURE VOICEMAIL PROFILE

Go to “Voice Mail  Voice Mail Pilot  Add New” to create a new Voice Mail Pilot. The Voice Mail Pilot Number must correspond to the pilot number configured on the Exchange UM server (Figure 13).

Figure 13

Go to “Voice Mail  Voice Mail Profile”.Configure the Voice Mail Pilot fieldunder the Default Voice Mail profile to be the Voice Mail Pilot configured earlier (Figure 14 and 15).

Figure 14

Figure 15

STEP 6: CHECK THE PHONE CONFIGURATION

Go to “Device  Phone” and select the phone you want to configure (Figure 16).

Figure 16

Select the line you want to configure its voice mailsettings (Figure 17).

Figure 17

Confirm the “Voice Mail Profile” is set to the profile configured in Step 5, which contains the pilot number of Exchange UM (Figure 18).

Figure 18

Ensure the following are enabled (Figure 19):

Forward Busy Internal
Forward Busy External
Forward No Answer Internal
Forward No Answer External

Figure 19

Figure 20

OPTIONAL: MWI

In order to be able to implement MWI – Message Waiting Indicator Feature, one additional configuration is necessary:

Go to “System  Security Profile  Sip Trunk Security Profile” and click on the Profile assigned to your Sip Trunk. Check “Accept Unsolicited Notification” and click Save. (Figures 21 and 22)

Figure 21

Figure 22

OPTIONAL: CONFIGURING MRG & MRGL

Depending on actual deployment, you may observe that Exchange UM drops every call from CUCM. In addition, you may find Event ID 1079 in the system event log of the UM server with the following description:

“The VoIP platform encountered an exception Microsoft.SpeechServer.SpeechApplicationException: The requested DTMF payload type (101) has been refused by the remote end. ---> System.ArgumentException: The requested DTMF payload type (101) has been refused by the remote end……”

First, you need to make sure that the Default MTP Telephony Event Payload Type property under your SIP Profile Configuration has been correctly set to 101 (Figure 9).

If the problem persists, you may be required to use the following configuration on the CUCM:

-Create a Media Termination Point (MTP).

-Create a Media Resource Group (MRG) and add the above MTP to this MRG.

-Create a Media Resource Group List (MRGL) and add the MRG to this MRGL.

-Go to your existing Device Pool configuration page and update the Media Resource Group List entry to reflect the new MRGL you have created.

-Go to your existing SIP Trunk configuration page and update the Media Resource Group List entry to reflect the new MRGL you have created.

5.1.TLS Setup

The general steps for configuring TLS for a CUCM SIP Trunk can be summarized as follow:

Configure UM Server environment for TLS
Configure Mutual Certificate Authentication between CUCM and UM Server
Create a secure “SIP trunk security profile” on CUCM
Assign the “SIP trunk security profile” to UM SIP Trunk on CUCM

STEP1: Configure UM Server environment for TLS

UM Server and some associated objects must be configured for TLS. This is the summary of the configuration needed:

Set UMServer UMStartupMode = TLS or Dual
Enable a valid certificate for UM Service
Set UMDialPlan VoIPSecurityProfile = SipSecured
Set UMIPGateway Address = <CUCM FQDN>

Please refer to Microsoft TechNet documentation for further details on UM objects configuration:

Please refer to Microsoft TechNet documentation for further details on Exchange Certificate enabling:

STEP2: Configure Mutual Certificate Authentication between CUCM and UM Server

CUCM and UM Server must trust and be able to validate each other’s certificates exchanged during TLS negotiation.

The following requirements must be observed:

The CA root certificate must be imported CUCM’s Certificates List as CUCM-trust certificate. After the import, a restart of CUCM service is required for the list to be updated.
If using the CUCM self-signed certificate for CUCM Authentication, be sure to import it to UM Server’s Trusted Root Certificate Authorities Store.

Additionally:

Be sure that the UM Server’s FQDN present on the certificate is resolvable by CUCM.
Be sure that the CRL URL present on the certificate is accessible.

Please refer to Cisco documentation for further details on IPSec configuration and Certificate Management.

STEP3: Create a “SIP trunk security profile” on CUCM

On the administration UI, go to “System  Security Profile SIP Trunk Security Profile” and create a new SIP Trunk Security Profile with the following settings:

Device Security Mode: Encrypted
Incoming Transport Type: TLS
Outgoing Transport Type: TLS
X.509 Subject Name: <UM Server Certificate Subject Name
IncomingPort: 5061

Figure 23

STEP4: Assign the “SIP trunk security profile” to UM SIP Trunk

When creating the SIP Trunk, configure the following settings:

Destination Address: <UM Server FQDN>
DestinationPort: 5061
Sip Trunk Security Profile: <Previously created secure Sip Trunk Profile>

Figure 24

5.2.Exchange 2007 → Exchange 2010Upgrade Configuration

When upgrading from Exchange 2007 to Exchange 2010, where both versions of Exchange coexist in the same environment, CUCM needs to be able to route calls that are transferred from Exchange 2010 UM server to Exchange 2007 UM server. For the routing to work, you need to:

Create an additional SIP Trunk for Exchange 2007 UM server
Create a SIP Route Pattern which points the FQDN of the Exchange 2007 UM server to the Exchange 2007 UM SIP Trunk
Ensure CUCM can resolve the FQDN of the Exchange 2007 UM server

STEP1: Create an additional SIP Trunk for Exchange 2007 UM server

Follow the same steps provided above to create a new trunk Exchange 2007 UM server. In addition, configure the following parameters:

For“Device Information” →“Device Name”, set a different trunk name for Exchange 2007 trunk (Figure 25)
For “SIP Information”→“Destination Address”, set your Exchange 2007 Server FQDN (Figure 26).

Figure 25

Figure 26

STEP2: Create“SIP Route Pattern” for Exchange 2007 UM Server

Go to “Call Routing” → “SIP Route Pattern” and click “Add New” (Figure 27).

Figure 27

Configure the following parameters for the new “SIP Route Pattern”and click “Save” (Figure 28):

IPv4 Pattern: Select Domain Routing
SIP Trunk: Select Exchange 2007 Server “SIP Trunk” created on STEP1.

Figure 28

Note: For CUCM users, there is a known limitation when upgrading from Exchange 2007 to Exchange 2010.For more details on the limitation, please refer to section 6.1.

5.3.Fail Over Configuration

Did not perform fail-over setup.

5.4.Tested Phones

Cisco IP Phones SIP – G.711 A Law.

Cisco IP Phones Skinny - G.711 A Law.

5.5.Other Comments

Please note that the configuration provided in this document does not include the configuration for Media Resource Groups (MRGs) and Media Resource Group Lists (MRGLs) in the CUCM admin, which may be required if the PBX deployment involves the use of .

6.Exchange 2010UM Validation Test Matrix

The following table contains a set of tests for assessing thefunctionality of the UM core feature set. The results are recorded as either:

Pass (P)
ConditionalPass (CP)
Fail (F)
Not Tested (NT)
Not Applicable (NA)

Refer to:

Appendix for a more detailed description of how to perform each call scenario.
Section 6.1 for detailed descriptions of call scenario failures, if any.

No. / Call Scenarios (see appendix for more detailed instructions) / (P/CP/F/NT) / Reason for Failure (see 6.1 formore detailed descriptions)
1 / Dial the pilot number from a phone extension that is NOT enabled for Unified Messaging and logon to a user’s mailbox.
Confirm hearing the prompt: “Welcome, you are connected to Microsoft Exchange. To access your mailbox, enter your extension…” / P
2 / Navigate mailbox using the Voice User Interface (VUI). / P
3 / Navigate mailbox using the Telephony User Interface (TUI). / P
4 / Dial user extension and leave a voicemail.
4a / Dial user extension and leave a voicemail from an internal extension.
Confirm the Active Directory name of the calling party is displayed in the sender field of the voicemail message. / P
4b / Dial user extension and leave a voicemail from an external phone.
Confirm the correct phone number of the calling party is displayed in the sender field of the voicemail message. / P
5 / Dial Auto Attendant (AA).
Dial the extension for the AA and confirm the AA answers the call. / P
6 / Call Transfer by Directory Search.
6a / Call Transfer by Directory Search and have the called party answer.
Confirm the correct called party answers the phone. / P
6b / Call Transfer by Directory Search when the called party’s phone is busy.
Confirm the call is routed to the called party’s voicemail. / P
6c / Call Transfer by Directory Search when the called party does not answer.
Confirm the call is routed to the called party’s voicemail. / P
6d / Setup an invalid extension number for a particular user. Call Transfer by Directory Search to this user.
Confirm the number is reported as invalid. / P
7 / Outlook Web Access (OWA) Play-On-Phone Feature.
7a / Listen to voicemail using OWA’s Play-On-Phone feature to a user’s extension. / P
7b / Listen to voicemail using OWA’s Play-On-Phone feature to an external number. / P
8 / Find Me Feature.
8a / Call an UMEnabled user and Select Find Me option when called party’s phone does not answer.
Confirm the call is routed to the called party’s first Find Me extension and that the call is connected. / P
8b / Call an UMEnabled user and Select Find Me option when called party’s phone does not answer and the first Find Me extension also does not answer.
Confirm the call is routed to the called party’s second Find Me extension and that the call is connected. / P
9 / Configure a button on the phone of a UM-enabled user to forward the user to the pilot number. Press the voicemail button.
Confirm you are sent to the prompt: “Welcome, you are connected to Microsoft Exchange. <User>. Please enter your pin and press the pound key.” / P
10 / Send a test FAX message to user extension.
Confirm the FAX is received in the user’s inbox. / F / Please refer to section 6.1 for more details.
11 / Setup TLS and SRTP between gateway/IP-PBX and Exchange UM.
Replace this italicized text with your TLS configuration: self-signed certificates or Windows Certificate Authority (CA).
11a / Dial the pilot number and logon to a user’s mailbox.
Confirm UM answers the call and confirm UM responds to DTMF input. / CP / Only TLS + RTP work correctly. SRTP is not working correctly due to SRTP cipher suite mismatch between CuCM and UM.
11b / Dial a user extension and leave a voicemail.
Confirm the user receives the voicemail. / CP / Only TLS + RTP work correctly. SRTP is not working correctly due to SRTP cipher suite mismatch between CuCM and UM.
11c / Send a test FAX message to user extension.
Confirm the FAX is received in the user’s inbox. / NT / Fax interoperability is currently pending.
12 / Setup G.723.1 on the gateway. (If already using G.723.1, setup G.711 A Law or G.711 Mu Law for this step).
Dial the pilot number and confirm the UM system answers the call. / NT
13 / Setup Message Waiting Indicator (MWI).
Check section “OPTIONAL:MWI” for steps.
13a / Leave a voicemail for test user and verify that the Message Waiting Indicator on the phone displays a new message. / P
13b / Mark a test user voicemail as Read and verify that the Message Waiting Indicator on the phone displays one less new message. / P
14 / Execute Test-UMConnectivity. / NT
15 / Setup and test fail-over configuration on the IP-PBX to work with two UM servers. / NT

6.1.Detailed Description of Limitations

Failure Point 1 / Fax Media transfer
Phone type (if phone-specific) / -
Call scenarios(s) associated with this failure point / 10
List of UM features affected by this failure point / Fax Interoperability
Additional Comments
Before reading on, it is important to note that Exchange 2010 UM only handles FAX tone detection. Once the FAX call has been determined, Exchange 2010 UM hands off the call to 3rd party FAX solution. Exchange 2010 UM no longer handles FAX calls natively. For more information, please read this article (
Scenario:
[Fax Machine] <---> [Cisco 2801 G/W] <---> [CUCM7] <---> [Exchange 2010 UM]

Sip Trunk for Exchange UM configured on CUCM7
Outgoing T.38 INVITE Include Audio mline is set on trunk's SIP Profile
Voicemail profile is configured for Exchange UM Sip Trunk
Test extension's DN is associated to Voicemail profile

Problem:
When we try to make a fax call to the test extension from fax machine, the following happens:

We manually start the call as a phone call (Original INVITE is sent)
Once the voicemail prompts are played, we manually start the fax transfer
Through traces, we verify that UM successfully recognized the fax tone and switched to T38 by sending a new INVITE with the following lines on SDP:

a=T38FaxRateManagement:transferredTCF
a=T38FaxUdpEC:t38UDPFEC

CUCM7 answers with "488 Not Acceptable Media".

Failure Point 2 / Exchange 2007 → Exchange 2010 upgrade
Phone type (if phone-specific) / -
Call scenarios(s) associated with this failure point / Not included in the call scenarios listed
List of UM features affected by this failure point / Subscriber Access for Exchange 2007 users during Exchange 2007 → Exchange 2010 upgrade
Additional Comments
Firstly, it is important to note that this issue impact Exchange 2007 → Exchange 2010 upgrading only, where Exchange 2007 users may be prompted to enter their extension twice before they can logon to Outlook Voice Access.
During Exchange 2007 → Exchange 2010 upgrade, there will be both 2007 UM servers and 2010 UM servers in the Exchange environment until all UM-enabled mailboxes have been upgraded successfully. During this “co-existence” period, CuCM must be configured to send all calls to 2010 UM servers (see section 5.2). If an inbound call is for an Exchange 2007 user, the call will be redirected/transferred by 2010 UM server to an existing 2007 UM server. For more information on how this works, please refer to this article (
When an Exchange 2007 user calls the pilot number to logon to Outlook Voice Access, the call is first sent to an 2010 UM server. If UM is unable to resolve the caller ID to the user’s mailbox, UM will prompt the caller for his/her mailbox extension. Once the extension is provided and UM figures out that this is for an Exchange 2007 mailbox, UM will send a SIP REFER to CuCM, requesting CuCM to transfer the call to an arbitrary 2007 UM server. As part of SIP REFER, UM includes a REFERRED-BY header containing the extension of the mailbox provided by the caller. However, CuCM does not propagate the REFERRED-BY header when it tries to establish a SIP connection with the 2007 UM server. As a result, the caller is prompted again to enter his/her extension by the 2007 UM server.

7.Troubleshooting

No troubleshooting information available.