10-26-2016 12:17 PM - edited 03-17-2019 08:29 AM
So we have configured a Cisco 4331 ISR router to connect to Office 365 for voice mail services. Accessing voice mail works fine, and we can leave voice mail messages, etc. We CANNOT transfer any calls via the Office 365 auto attendant. When we search for a user and ask Office 365 to dial, the SIP REFER causes the phone to ring....but there is no ringback and if you pickup the phone it gets a fast busy.
The cube connects to Microsoft using SIP TLS and converts the call from RTP to SRTP. I can also dial my extension from Office 365 to play the voicemail on the phone. The problem ONLY occurs when a SIP REFER or REFER-TO are involved. On the SIP trunk we have MTP Required turned on. I cannot dial the voice mail or auto attendant if this is turned off.
I'm not a strong voice person, so any help would be greatly appreciated :-)
The version of Call Manager is 8.6.2.25900-8 (Yes I know it is old)
The IOS version on the CUBE is: isr4300-universalk9.03.16.04a.S.155-3.S4a-ext.SPA.bin
Here is the call path:
TLS
PHONE <-->CUCM<--> CUBE<-->Office365
RTP SRTP
Solved! Go to Solution.
06-07-2017 01:07 PM
Thanks for your help! We solved our problem. What it was; was that we were using a Comodo certificate. Which is on Microsoft's Unified Communications Certificate Partner list:
https://support.microsoft.com/en-us/help/929395/unified-communications-certificate-partners
However thats not O365. I believe this link above is for prem based systems. As soon as we used a GoDaddy cert and put them in the correct order along with the GoDaddy Root and the Baltimore CyberTrust Root it worked just fine.
01-13-2017 06:55 AM
Can you provide the configuration for the CUBE? Is the REFER going to another number on CUCM? The output of debug ccsip message would also be helpful.
06-06-2017 12:20 PM
This actually had nothing to do with the SIP REFER. The problem (as TAC determined) was the version of IOS...we needed isr4300-universalk9.03.17.03.S.156-1.S3-std.SPA.bin to get it to work.
I have attached the config...but I removed the certificates and other sensitive information...let me know if you have any questions....also DO NOT NAT through a firewall. Have an interface directly on the outside. The certificates are key as well. You must have the certificate chain as well as the roots that Microsoft uses installed. We purchased ours through digicert. Microsoft uses: BaltimoreCT and GTECybertrust roots.
06-07-2017 12:34 AM
Hi,
Sorry if I sound irrelevant.
Problem seems to be with CUCM
Can you check Partition & CSS
Bye
06-07-2017 01:07 PM
Thanks for your help! We solved our problem. What it was; was that we were using a Comodo certificate. Which is on Microsoft's Unified Communications Certificate Partner list:
https://support.microsoft.com/en-us/help/929395/unified-communications-certificate-partners
However thats not O365. I believe this link above is for prem based systems. As soon as we used a GoDaddy cert and put them in the correct order along with the GoDaddy Root and the Baltimore CyberTrust Root it worked just fine.
06-07-2017 01:13 PM
No problem..yeah originally I had to run a lot of debugs and I had to do some research to figure out which certs were required...but yes, it's a simple solution. Glad I could help.
06-06-2017 11:30 AM
Can you help the community out here and post a sanitized config? I'm experiencing some issues with this (even getting the VM pilot in O365 to answer) and Microsoft is putting up a stonewall citing "not supported model". I've tried to show them multiple people in the community have this working. If you can do this for the rest of us out here, I'll in turn share my experience and pitfalls we ran into and how to get around them so everyone out here can benefit.
Thanks!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide