This article describes how to how to integrate your StarLeaf Cloud account with a Microsoft Skype for Business 2015 Server deployment.

Pre-requisites

To be able to call outside of your Skype for Business deployment, the Skype for Business server requires certain ports to be open on the firewall. Your Edge Server needs to conform to the requirements in Microsoft’s Port summary for the Edge Server .

Step One: Federate between the Skype for Business Server and StarLeaf

If your Skype for Business deployment is configured as open federation, skip this step and go directly to Step two: Configure your firewall.

If your Skype for Business deployment is not configured as open federation, you need to add your organization’s call.sl subdomain (<your organization name>.call.sl ) among your list of federated partners. You also need to add the call.sl domain for any other StarLeaf organization that you want to communicate with. This is described here:

  1. Log in to the Skype for Business Front End or Standard Edition Server and open the Skype for Business Control Panel.
  2. Go to Federation and External Access > External Access Policy and ensure that Federated User Access is checked. If not, enable it by clicking on Edit > Show Details and check Enable Communications with Federated users.
  3. To enable federation at a system level, select Access Edge Configuration from the top navigation.
  4. Under Edit Access Edge Configuration: Select Enable federation.
  5. To add the StarLeaf Skype for Business domain, go to SIP Federated Domains from top navigation.
  6. Now add a new domain pointing to <organization name>.call.sl and edge server pointing to <organization name>.call.sl.

Step two: Configure your firewall

For each StarLeaf domain you wish to call, ensure your firewall allows traffic to/from the organization’s <organization name>.call.sl domain in the following tables. This assumes you have a deployment where the ports 50,000 – 59,999 are used for media. If your firewall requires you to use IP addresses rather than DNS names, contact StarLeaf Support for the IP addresses. These port requirements are for connections, not for packet data.

Inbound port requirements

Type StarLeaf side (source) Edge server (destination) Reason
TCP Ephemeral (1024-65535) 5061 Call signaling

Outbound port requirements

Type Edge server (source) StarLeaf side (destination) Reason
TCP Ephemeral (1024-65535) 5061 Call signaling
UDP* 50000-59999 50000-59999 Audio/video media
TCP 50000-59999 50000-59999 Audio/video and screen-share media

*Recommended for best user experience, but not strictly necessary.

Step three: Update SRV record

Ensure you have an up-to-date federation SRV record for your Skype for Business domain (Skype for Business server domain). For example, where a domain is example.com, the SRV record would be:

_sipfederationtls._tcp.example.com

Note: encryption

StarLeaf supports encrypted media for calls between StarLeaf and Skype for Business using best effort encryption (meaning if encryption can be used, it will be).