Zoom Confidential

Document Version: 1.1

Configuration Guide

For anynode SBC

Zoom Confidential

2

Table of Contents

1. Overview 4

2. Topology 4

3. Configuration Steps - Zoom Web Portal 5

3.1 Check for BYOC readiness 5

3.2 Adding Phone users 5

3.3 Add Phone numbers 6

3.4 Provisioning Phones for Zoom Phone users 7

4. Configuration Steps – anynode SBC 8

4.1 Voice over IP Provider Node 10

4.2 Configuring PSTN SIP Trunk Provider 10

4.2.1 Network Controller 11

4.2.2 Ports 11

4.2.3 NAT Traversal 12

4.2.4 SIP Interconnection 12

4.2.5 Remote SIP Domain 13

4.2.6 Client Authentication 13

4.2.7 SIP Proxy 14

4.2.8 Asserted URI 14

4.2.9 Network Peer Whitelist 15

4.2.10 Incoming and Outgoing Manipulations 15

4.2.11 Node Name 16

4.3 Zoom Phone Premise Peering Node 18

4.3.1 PBX / System 19

4.3.2 Network Controller 20

4.3.3 Ports 21

4.3.4 Certificate & Private Key 22

4.3.5 Certificate Chain 24

4.3.6 Region 25

4.3.7 Incoming and Outgoing Manipulations 26

4.3.8 Node Name 27

4.3.9 Routing 28

4.3.10 Routing Domain 28

4.3.11 Dashboard Overview 29

5. References 30

Zoom Confidential

3

Revision History

Version Date Author Change

1.0 10-August-2020 Zoom Template design

1.1 25-August-2021 Rajkamal

Elango

Updated document for anynode SBC configurations

Zoom Confidential

4

1. Overview

This document provides instructions on how to configure and add your device to the Zoom web portal. This

document provides instructions on how to set up anynode Session Border Controller (hereafter, referred to as

SBC) for interoperability between Generic SIP Trunk and Zoom Phone environment.

2. Topology

Zoom Confidential

5

3. Configuration Steps - Zoom Web Portal

This section covers about checking the basic readiness, adding the external BYOC DID phone numbers and

mapping them to corresponding end point devices (such as IP phones and other SIP devices).

3.1 Check for BYOC readiness

Login to Zoom admin portal and check BYOC routing is in place. Provisioning your SBC to the Zoom phone

portal is done by Zoom team. Once this is added, BYOC Routing page will have an entry as shown in the below

screenshot. Navigate to Phone System Management >> Company Info>>Account Settings>>BYOC Routing

3.2 Adding Phone users

New users can be added under User Management with user type Licensed as shown in below screenshot.

Navigation: User Management>> Users>> Add Users

Zoom Confidential

6

Add Calling Plan and Zoom Phone licenses to users in the Zoom account. When Zoom Phone license is assigned

for a user, an extension number gets assigned to the user automatically. Navigation: Phone System Management

>> Users & Rooms.

3.3 Add Phone numbers

Add the BYOC phone numbers as shown below. Navigation: Phone System Management >> Phone Numbers>>

BYOC

Zoom Confidential

7

Assign the BYOC numbers to the Zoom phone users as shown below. Navigation: Phone System Management

>> Phone Numbers>> Assigned

3.4 Provisioning Phones for Zoom Phone users

Provision desk phones for Zoom Phone users. Zoom certified vendor phone models are used for this test and will

be available as shown below after provisioning. Navigation: Phone System Management >> Phones & Devices

Zoom Confidential

8

4. Configuration Steps – anynode SBC

anynode® is a Session Border Controller that is entirely a software-based solution for Windows and Linux-based

operating systems. It will work as an interface for numerous SIP Endpoints like SIP phones, SIP PBXs and SIP

carriers. It converts port and directory information, provides higher security, routes session traffic, and does

manipulation of call numbers. This document gives you the information you need to integrate and configure

anynode to leverage SIP trunking in a Zoom Phone Cloud PBX environment.

In order to establish a SIP communication via anynode, each instance has to be configured as a Node. Each Node

can handle several rules for incoming and outgoing numbering and dial string manipulations. Routing decisions are

made in a Routing Domain, based on source nodes, and defined filter rules with various matching dial string

conditions (Source, Destination, Asserted, First and Last Diversion, Transferrer, ELIN), and on a specific system

(primary/replica, maintenance, standby) or CPU load condition. Also, an additional routing task can be enabled via

the Route Supervision function. This function allows to submit and request routing information through external

interfaces (e.g., REST, LDAP, or a Database Connected Directory). If a call matches a filter rule in the routing

domain, it will be routed and processed to the configured destination Node.

Zoom Confidential

9

Click Wizard within anynode frontend to start with the configurations. Depending on which scenario is selected,

this wizard will assist you in configuring the Node. For this example, the entry ...a VoIP Provider and a PBX or

VoIP System is used. Please make your selection and push Start for running through the Node Interconnection

Zoom Confidential

10

4.1 Voice over IP Provider Node

Once selected, the assistant starts with the first Node configuration, the Voice over IP Provider Node. This Node contains

various default configurations which have to be adjusted. To set up the Node details press the Configure... button.

4.2 Configuring PSTN SIP Trunk Provider

Now the VoIP provider preset can be selected from the list. In this example, the generic Other VoIP Provider template is

used. Continue by clicking on the Next button.

Zoom Confidential

11

4.2.1 Network Controller

The assistant requests the network related settings used by this Node. For the Network Controller select Create new

network controller and set one of the Network options with its configurations. Also specify whether reverse DNS Lookup

should be enabled.

4.2.2 Ports

In this dialog, port values can be assigned for UDP, TCP and TLS. Ensure that those port values conform to the network and

remote configurations. You may define a UDP and SIP TCP port range which restricts the number of ports used by anynode.

The port range should be a least three times higher than the number of maximum concurrent sessions in this Node.

Zoom Confidential

12

4.2.3 NAT Traversal

Depending on local network requirements and routing, appropriate NAT settings must be specified. There is no NAT

Traversal configuration required here.

4.2.4 SIP Interconnection

The SIP Interconnection method is here used with Node Interconnection via SIP Trunking.

Zoom Confidential

13

4.2.5 Remote SIP Domain

Here the SIP domain of the SIP provider is entered.

4.2.6 Client Authentication

As no Client Authentication credentials are required for this setup and SIP provider binding, the option will be disabled.

Zoom Confidential

14

4.2.7 SIP Proxy

If required, a SIP Proxy Server (URI) can be entered. As none is used here, we proceed with Next.

4.2.8 Asserted URI

The user part of Asserted-URI has to set up with the SIP provider requirements. The complete generated Asserted-URI

string will be updated automatically and shown in the assistant’s dialog. As it is not required in this environment, the option

will be disabled for this example.

Zoom Confidential

15

4.2.9 Network Peer Whitelist

The Network Peer List for the provider Node is by default enabled for the set SIP domain and

proxy and also for IP’s that will be negotiated for RTP/RTCP. Hostnames or IP addresses can be added or changed as

needed. Ensure that everything is reachable through the IP network.

4.2.10 Incoming and Outgoing Manipulations

The incoming and outgoing manipulations are not set here.

Zoom Confidential

16

4.2.11 Node Name

The default Node name is set, but can be modified for your needs.

When completed, the Node Interconnection Assistant gives an overview of the configuration. If everything is correct go

ahead with Next to start with the second Node configuration.

Zoom Confidential

17

Zoom Confidential

18

4.3 Zoom Phone Premise Peering Node

Now, click the Configure button to start with the configurations for the Zoom Phone Premise Peering Node.

Zoom Confidential

19

4.3.1 PBX / System

Select Zoom Phone Premise Peering and follow up with the Next button.

Zoom Confidential

20

4.3.2 Network Controller

For the Network Controller select Create new network controller. If none is available and a new one must be created, select

and set one of the Network options with its configurations and specify whether reverse DNS Lookup is enabled. For the

Zoom Phone Premise Peering and the BYOC connectivity the corresponding Ethernet interface will be selected. In this

example, this is the Ethernet interface that is listening to the public IP address which is set as Trunk Group

in Zoom.

Zoom Confidential

21

4.3.3 Ports

In this dialog the port values can be assigned. The SIP/TLS port is by default set to 5061. The unrestricted UDP/TCP port

range must be set to the local requirements.

Zoom Confidential

22

4.3.4 Certificate & Private Key

The Certificate and Privacy Key and Certificate Chain are imported and used. Ensure that the certificates include the correct

information and all the required FQDN’s as SAN’s (Subject Alternative Names). Please note that Zoom only allows TLS

connections from SBC devices with a certificate signed by one of the trusted Certificate Authorities. The currently supported

Certification Authorities are listed in the document Zoom Phone Premise Peering Solution Reference Guide.pdf.

To start click the Configure… button.

The required certificate and the private key will be imported via the Import of the certificate and/or private key option.

Zoom Confidential

23

Both certificates have to be imported in single files. You must browse to both files, select and import one at a time. If the

import and subject validation is fine and nothing is highlighted red, you can proceed with Finish.

If everything is set for the Certificate & Private Key dialog, proceed with Next.

Zoom Confidential

24

4.3.5 Certificate Chain

Next, the certificate chain is properly displayed as anynode provides some default validation certificates. If there are no valid

chains available, or some are missed, the corresponding certificate has to be imported via the Add… and the invalid ones

should be deleted with the Remote button.

Zoom Confidential

25

4.3.6 Region

The required and selected Region for this configuration example is North America. This region is resolved to the North

America Datacenters for the Zoom Premise Peering. The anynode wizard will automatically set the recent valid FQDNS.

us01peer01.sj.zoom.us, us01peer01.dv.zoom.us and us01peer01.ny.zoom.us which are resolved to the IP addresses

162.12.233.59, 162.12.232.59 and 162.12.235.85.

Zoom Confidential

26

4.3.7 Incoming and Outgoing Manipulations

No incoming or outgoing dial string manipulations are required in this example

Zoom Confidential

27

4.3.8 Node Name

A default Node name is set which can be modified for your needs. Click Finish to proceed with the next dialog.

In the Node Interconnection Assistant you now get an overview of the completed configuration. Proceed with Next for

determining anynode’s Routing behavior between both Nodes.

Zoom Confidential

28

4.3.9 Routing

For the Routing it is strongly recommended selecting Use direct routing with prefix filter. This option ensures that only calls

with the matching dial string information of the SIP Provider will be established to VoIP System, the Zoom Phone Node. If

everything is set, click Finish to exit the configuration tasks and to get back to the main configuration view of anynode’s

fronted.

Commit the new configurations and changes to save them.

Please note that the route selection through the Routing Domain occurs after the incoming dial string manipulations of a

Source Node, and before the outgoing dial string manipulations of the Destination Node.

4.3.10 Routing Domain

The routing domain has been created as follows.

Zoom Confidential

29

4.3.11 Dashboard Overview

To check the Node states, switch the view to the Dashboard of anynode’s frontend Monitor Mode. Clicking onto a Node

entry opens a new dialog with further details. The screenshot below shows the Zoom Phone Premise Peering details and that

both Node states are okay.

Zoom Confidential

30

s

5. References

Reference used in this document:

https://zoom.us/phonesystem

https://zoom.us/zoom-phone-features

Zoom Phone – Zoom Help Center