Hello,
We are trying to connect our SBC, that is in our local network to Microsoft Teams Direct routing.
As far as we can tell the issue is with allowing the SBC to communicate with the Teams proxy servers.
Could anyone give me a short guide on allowing specific IP’s outgoing and incoming connections?
There is also a NAT rule for the SBC to be access from a public IP.
Thank you in advance.
A short guide would be “place an action=accept dst-address-list=somename rule at the proper position in chain forward of your /ip firewall filter, and then add as many list=somename address=x.x.x.x items as needed under /ip firewall address-list. The same address list would be used as src-address-list in the dst-nat rules, allowing connections initiated by those proxies to be forwarded to the SBC (it could be called a “selective DMZ”). And another rule in chain forward of /ip firewall filter must accept connections with connection-nat-state=dstnat.”
If this is not enough, you have to follow the hint in my automatic signature below, as more details can be provided only based on knowledge of your current configuration.
What I’m not sure about is how does the SBC communicate with the Teams proxies and what your actual “issue” is. Since there is NAT, there may be issues with setting up RTP streams even if the “selective DMZ” is in place.