This topic describes how to how to integrate your StarLeaf Cloud account with a Microsoft Lync Server deployment.

Pre-requisites

To be able to call outside of your Lync deployment, the Lync server requires certain ports to be open on the firewall. Your Edge Server needs to conform to the requirements in Microsoft’s Port summary for the Edge Server .

Step One: Federate between the Lync Server and StarLeaf

If your Lync deployment is configured as open federation, skip this step and go directly to Step two: Configure your firewall.

If your Lync deployment is not configured as open federation, you need to add your organization’s call.sl subdomain (<your organization name>.call.sl) among your list of federated partners. You also need to add the call.sl domain for any other StarLeaf organization that you want to communicate with. This is described here:

  1. Log in to the Lync Front End or Standard Edition Server and open the Lync Control Panel.
  2. Go to Federation and External Access > External Access Policy and ensure that Federated User Access is checked. If not, enable it by clicking on Edit > Show Details and check Enable Communications with Federated users.
  3. To enable federation at a system level, select Access Edge Configuration from the top navigation.
  4. Under Edit Access Edge Configuration: Select Enable federation.
  5. To add the StarLeaf Lync domain, go to SIP Federated Domains from top navigation.
  6. Now add a new domain pointing to <organization name>.call.sl and edge server pointing to <organization name>.call.sl.

Step two: Configure your firewall

For each StarLeaf domain you wish to call, ensure your firewall allows traffic to/from the organization’s <organization name>.call.sl domain in the following tables. This assumes you have a deployment where the ports 50,000 – 59,999 are used for media. If your firewall requires you to use IP addresses rather than DNS names, contact StarLeaf Support for the IP addresses. These port requirements are for connections, not for packet data.

Inbound port requirements

Type StarLeaf side (source) Edge server (destination) Reason
TCP Ephemeral (1024-65535) 5061 Call signaling

Outbound port requirements

Type Edge server (source) StarLeaf side (destination) Reason
TCP Ephemeral (1024-65535) 5061 Call signaling
UDP* 50000-59999 50000-59999 Audio/video media
TCP 50000-59999 50000-59999 Audio/video and screen-share media

*Recommended for best user experience, but not strictly necessary.

Step three: Update SRV record

Ensure you have an up-to-date federation SRV record for your Lync domain (Lync server domain). For example, where a domain is example.com, the SRV record would be:

_sipfederationtls._tcp.example.com

Note: encryption

StarLeaf supports encrypted media for calls between StarLeaf and Skype for Business using best effort encryption (meaning if encryption can be used, it will be).