Ribbon SBC Integration Guide

Ribbon SBC is a Session Border Controller (SBC) that can serve as part of an end-to-end SIP integration between Mindful and an on-premise telephony platform. This guide is intended as a supplement to the ACD integration guides for Mindful and only addresses configuration for the Ribbon SBC.

This article covers the following aspects of Ribbon SBC configuration:

• Option 1: Standard SIP & RTP
  • Create new configuration using the Easy Config Wizard (optional) or manually
  • Create new Mindful configuration or edit existing configuration:
    • Media List
    • SIP Server
    • SIP Profile
    • Call Routing Table (calls from Mindful)
    • Inbound Message Manipulation (SIP REFER from Mindful)
    • Contact center Call Routing Table (calls to Mindful)
    • Signaling Group
• Option 2: SIP over TLS with SRTP
  • Import the Entrust TLS certificates as Trusted CA certificates
  • Create a TLS Profile
  • Create an SDES-SRTP Profile
  • Modify the Media List
  • Modify the Signaling Group
  • Modify the SIP Server

Components and Call Flows

Before looking at configuration, you can review key terms and acronyms used throughout this guide and high-level call flows for the integration.

Definitions and acronyms

Inbound Call Flow

1. A customer calls into the contact center and the call lands on the SBC.
2. The SBC INVITEs the contact center (for example, a Genesys SIP Server or Avaya Session Manager instance).
3. A routing script sends the call back out to the SIP number provisioned in Mindful, either using a new SIP INVITE or REFER to the SBC.
4. The SBC sends an INVITE to Mindful and the customer hears the callback offer.

Choose Hold Call Flow

1. A caller declines a callback offer. Mindful sends a SIP REFER to the SBC with a Refer-To SIP header containing the Holding Number (typically a queueing DN) configured on the Call Target.
2. The SBC INVITEs the contact center.
3. The call queues at normal inbound priority for the next agent.

Return Call (Callback) Call Flow

1. Mindful sends an INVITE to the SBC using the customer callback number as the destination.
2. The SBC sends the call out to the customer over the PSTN via the carrier.
3. Once the customer answers the call, Mindful sends another INVITE to the SBC with the Call Center Number configured in Mindful. This is usually a contact center DN (such as a Genesys routing point DN).
4. The SBC INVITEs the contact center and the call queues at high priority for the next agent. As soon as an agent answers, the customer and agent are connected and Mindful steps out of the RTP media path.

Option 1: Standard SIP & RTP

This section details the standard configuration for SIP and RTP. These steps must be followed whether you will ultimately use standard SIP/RTP or opt for secure TLS over SRTP.

(Optional) Use the Easy Configuration Wizard

Navigating through the Ribbon Edge SBCs' web UI, you'll find the Easy Config Wizard, designed for swift setup of new trunk configurations. This tool can be employed to create the new Mindful SIP trunk, composed of various configuration elements within the SBC settings. Should you prefer manual configuration of these elements, you can skip this section.

Begin by clicking the Easy Config Wizard menu item:

The wizard will open at Step 1, where you'll input key details. Refer to the screenshot below:

• Application: Choose SIP Trunk.
• Scenario Description: Name the trunk, for instance, Mindful Callback.
• Telephone Country: Select the country where your Mindful Organization operates.
• SIP Sessions: Specify the maximum number of SIP sessions allowed for this trunk
• SIP Trunk/Name: Select Other SIP Trunk.

Once these are configured, click Next to proceed to Step 2. Enter the Mindful FQDN provided by the Mindful Solution Delivery Team, along with all other settings shown below:

• Border Element Server: Enter the SIP domain provided by the Mindful team.
• Protocol: Select UDP.
• Port Number: Enter the port associated with the Mindful SIP domain.
• Use Secondary Border Element Server: Keep this Disabled.

Confirm that the Ribbon SBC can resolve the Mindful FQDN, then click Next to advance to Step 3. This step will present an overview of the configuration entered in the previous steps. If everything looks accurate, click Finish to save the changes.

As the configuration changes take effect, a popup window will appear. Click OK to exit the wizard.

Media List for Mindful

Quick access: Settings > Media > Media Profiles

Accessing the web interface of Ribbon Edge SBCs, you'll encounter the Mindful Media List, a profile outlining the audio setup for Mindful. This encompasses codecs and, when engaging secure SIP/RTP, the SDES/SRTP profile. If the trunk configuration was established via the Easy Config Wizard, a fresh Media List is generated for the new trunk. Conversely, if the wizard wasn't employed, you have the option to create a new Media List.

Within the Media List resides a compilation of Media Profiles - the codecs employed for audio exchange between the SBC and Mindful. In cases where the Easy Config Wizard was utilized, the Media List will house Media Profiles tailored for the trunk. If not, the default media profiles can be used. Regardless, the recommended media profiles are G711u and G711a - the only codecs supported by Mindful:

In the Digit Relay segment, ensure RFC2833 is chosen, with the suggested default payload of 101.

Mindful SIP Server

Quick access: Settings > SIP > SIP Server Tables

If using the Easy Config Wizard, a new SIP Server Table will be created - this should be modified to use an SRV entry as shown below (the Config Wizard doesn’t allow creating a trunk using SRV). Otherwise, a new SIP Server Table will need to be created. To create a new table, click the SIP Server Tables folder and then click the green plus (+) symbol at the top of the main window. 

Note that the Mindful SIP router supports DNS SRV records. Most versions of the Ribbon/Sonus SBC support SRV records, so the SBC will check for _sip._udp.fqdn or _sip._tls.fqdn when performing a DNS lookup against the SIP FQDN. 

Because the DNS Lookup type is determined when the SIP Server is created, and all SIP Servers within a SIP Server Table must have the same lookup type, if there is an existing SIP Server using IP/FQDN, this should be removed from the Mindful SIP Server table, and a new one created using DNS-SRV as shown:

Once this is selected, configure the new SIP Server similar to the screenshot below. Note that the FQDN shown is an example value - the Mindful Solution Delivery Team will provide the correct FQDN for your integration.

Mindful Callback SIP Profile

Quick Access: Settings > SIP > SIP Profiles

The SIP Profile defines some of the SIP parameters used for signaling. The Easy Config Wizard will create a new SIP Profile for the Mindful trunk, but if not using the wizard, it is recommended that a new profile should be created, even if there is an existing profile that may be suitable - just in case Mindful Support ever needs to recommend changing a parameter to avoid impacting any other SIP connections.

The following SIP Profile has been validated with Mindful. Note the Session Timer settings - by default the session timer is disabled, but it is recommended that a timer be used to expire any stale/stuck sessions that may occur due to network conditions.

The lower part of the SIP Profile configuration should look like this:

Call Routing - Transformation Table

Quick access: Settings > Call Routing > Transformation

The Call Routing section defines the route that calls take from one SIP entity to another. This section is split into two types of tables - the Call Routing Tables which list the possible routes out of the SBC, and the Transformation tables that are used by the Call Routing tables to match incoming calls.

The Call Routing section is not populated by the Easy Config Wizard, so the Call Routing entries will need to be created, starting with a new Transformation Table.

To create a new table, click the Transformation folder:

Then click the green plus (+) symbol in the Transformation tables window and create a new Transformation table named something like toMindful. Once the new table is created, click the new table under the Transformation folder. Add a new transformation entry in the table by clicking the green plus symbol.

The new transformation entry should be configured as shown:

Give the new entry a Description (such as Mindful Callback SIP Numbers) and leave the Match Type as Optional.

In the Input Field, set the type to Called Address/Number and for Value, add a regular expression that matches the pattern of the SIP numbers for your Mindful Organization. This example shows a regular expression that matches numbers that start with the prefix 28588, followed by four more digits. The Mindful Solution Delivery team will provide the SIP numbers used for your Organization.

For the Output Field, again set the Type to Called Address/Number and for Value, just set \1. This takes the value that is in the outer parenthesis in the matched Input field and uses the same value for the output field - so basically, the destination number is not changed.

Click Apply to save the new transformation.

Call Routing - Call Routing Tables (From Mindful Callback)

Quick Access: Settings > Call Routing > Call Routing Table

The Call Routing Tables are used to determine where to send calls once they arrive into the SBC, based on the Transformations used. For the Mindful integration, a new Call Routing Table will be created for calls arriving from Mindful, and an existing Call Routing table matching calls coming from the contact center is modified to also route calls that match the SIP number pattern in the new Transformation to Mindful.

This section describes the configuration of the new Call Routing Table for calls from Mindful. The modification of the Call Routing table for calls from the contact center will be described later as it requires the new Mindful Signaling Group to be created first.

To create the new Call Routing Table, select the Call Routing Tables folder, then click the green plus icon in the Call Routing Tables window.

Once the new table is created, click the new table under the Call Routing Table folder. Add a new Routing entry in the table by clicking the plus symbol. Two routing entries will be created, one to the contact center (Aura 7 in this example) that will be used to route agent-leg calls from Mindful to the contact center, and another that routes calls to the carrier/SIP provider (Twilio in this example), which will be used when calling the customer back during the callback. 

The first new entry will be the routing entry for the contact center - the Route Details section should look like the example shown here:

Give the new entry a name in the Description field (such as ToAvaya or ToGenesys). The route priority should be 1 and call priority normal. Select the existing Transformation Table that routes calls to your contact center (this would typically exist even before Mindful configuration is added to the SBC). 

In the Destination Information section, leave the destination type as Normal and add the destination signaling group(s) - in this example, the existing signaling group for the Avaya contact center has been added:

The Media section should be configured as shown:

Note that Audio Stream mode is DSP to facilitate different media between the endpoints. The Media List should be the list that is used by the Signaling Group used to direct calls to your contact center.

QoS settings have been left at defaults in this example.

Once the new Routing entry has been created, click Apply and then create a second Routing entry.

This second routing entry serves as a default/catch-all if the first routing entry is not matched (that is, the incoming calling number does not match any entries in the Transformation Table for the contact center). In that case, it is assumed that the call from Mindful is the customer leg call to be sent out through the SIP provider/carrier. 

The Route Details section for this entry should be configured as below. 

Note the Transformation Table used is a default table that is configured on installation of the SBC. The Passthrough Untouched Transformation Table simply passes through everything without matching or changing any values.

The Destination Information for this entry should be configured as shown:

The Destination Signaling Group will be the signaling group(s) used to send calls out to the PSTN from the SBC. In this example, a Signaling Group is configured for SIP provider Twilio.

The Media section should be configured as shown:

Note that Audio Stream mode is again configured with DSP to facilitate different media between the endpoints. The Media List should be the list that is used by the Signaling Group to direct calls to the PSTN, in this example the Twilio Media List.

QoS settings have been left at default settings in this example.

Once the new Routing entry has been created, click Apply.

Inbound Message Manipulation (REFER)

Quick access: Settings > SIP > Message Manipulation > Message Rule Tables

In order to correctly handle the SIP REFER from Mindful when a caller declines the callback offer and returns to the contact center queue, a message manipulation must be added. 

The message manipulation is configured as a message rule that applies the change to the Refer-To SIP header in all REFER messages. As this rule will only be configured within the Mindful signaling group as an inbound rule, it will only apply to SIP REFER messages from Mindful.

First create a new Message Rules Table by clicking the Message Rules Table folder:

Then add a new Message Rules Table by clicking the green plus icon in the Message Rules Table window. A new popup window will appear, and will be used to define the message rule criteria that will apply to the table. Give the new table a name - such as Refer-from-mindful.

For Applicable Messages, choose Selected Messages and then Add/Edit to add the Refer message type - a selection box will appear where the Refer message can be selected:

Click OK after selecting the Refer message and it will be added into the Message Selection list as shown:

Click OK to create the new Message Rule Table.

Once the table is created, click the new Message Rule Table under the Message Rule Tables folder, then click the Create Rule button and select Header Rule. The new message rule config window will pop up - configure as shown here:

Make sure the Header Action is set to Modify and the Refer-To Header name should be selected. To make sure this rule applies to all REFER messages, click the Add/Edit button next to Condition Expression. This will pop open a new Rule Condition Selection window:

Select Always Match, then click Apply.

For the Header value itself, it should be configured as shown:

The key parameters to set are the URI Host and URI Port which should be set to Remove. All other values should be set to Ignore.

When added as an inbound message manipulation in the Mindful signaling group, this will ensure that when Mindful sends a SIP REFER to the SBC, which will typically contain the SBC’s external IP and port in the Refer-To header value, the SBC will remove that host and port to avoid trying to turn that REFER into an INVITE back out to the SBC’s own external interface.

Outbound Message Manipulation (Routing Token)

Quick access: Settings > SIP > Message Manipulation > Message Rule Tables

The Mindful SIP Router validates and routes incoming SIP INVITEs using a dedicated custom SIP header called X-Mindful-Routing-Token. When your Mindful Organization is set up by the Solution Delivery Team, the routing token will be provided, and this needs to be sent as the value of the X-Mindful-Routing-Token SIP header in the INVITE to Mindful.

In the Ribbon SBC, this can be accomplished using a message rule which allows manipulation of the SIP/SDP headers at different stages of the call traversing through the SBC.

Create a new Message Manipulation Table. Next, select the Message Manipulation Table for calls to Mindful and add a new header rule as shown:

Note the Header Value to be added - the example value shown here should be replaced by the routing token provided by the Mindful Solution Delivery Team. To add it into the new rule, click Add/Edit next to the Header Value (Add), then enter the value as a literal, as seen below:

Click OK to save the value, and then OK again to save the new rule.

Signaling Group For Mindful

Quick access: Settings > Signaling Groups

The signaling group ties together all of the previous configuration in this guide, and if using the Easy Config Wizard, this is created automatically. If the wizard is used, it is still worth reading through the steps to configure a new signaling group below, to validate the configuration, as some changes will be necessary.

If not using the Easy Config Wizard, create the new Signaling Group by selecting the Signaling Groups folder and clicking the Add SIP SG button:

A new window will pop up into which the new Signaling Group configuration will be entered. The section at the top is where the name of the new signaling group is defined:

The SIP Channels and Routing section should be configured as seen below:

Key items in this section are:

• Call Routing Table - this will be the From Mindful Call Routing Table configured previously.
• No. of channels - this should be the max number of call sessions open at a time between Mindful and the Ribbon SBC. Remember that callbacks will use two channels - one for the agent leg, and one for the customer leg.
• SIP Profile - this will be the Mindful SIP profile created previously.
• SIP Mode - this should be set to Basic Call.
• Agent Type - Back-to-Back User Agent (B2BUA) 
• SIP Server Table - this will be the Mindful SIP Server table created previously.

In the Media Information section, the configuration should resemble the following:

The key items in this section are:

• Media List ID - the Mindful Media List created previously
• Tone Table - the default Tone Table can be used - the Easy Config Wizard, if used, will create a tone table for Mindful, but that is typically not necessary.

The Mapping Tables section can generally be left with the default values:

The SIP IP Details section contains some important configuration, and this will need to be configured regardless of whether the Signaling Group was created manually or by using the Easy Config Wizard:

Make sure the Signaling/Media Private IP has the public facing interface selected. If that interface is behind a NAT firewall, set the Outbound NAT Traversal to Static NAT and then enter the public IP for the interface into the NAT Public IP (Signaling/Media) field. This ensures that when the SBC sends a SIP message to Mindful, the interface’s internal IP is replaced with the public IP, so that the MIndful SIP proxy can send responses and requests back to the correct IP.

The Listen Ports section is where the listen port(s) and protocol(s) are defined. For non-TLS integration with Mindful, this should be set to UDP and the listening port set. This listening port should be configured in any firewall in front of the SBC, to allow incoming traffic from Mindful using that port. If the port is set to something other than the default 5060, pass that to the Mindful Solution Delivery Team so that the correct port is configured in the Mindful Organization and Call Targets.

The Federated IP/FQDN section defines the IPs and/or FQDNs that the SBC will use to match incoming SIP requests. This example shows a Mindful FQDN (this will be the same used in the Mindful SIP Server config, as well the /24 range of the Mindful public SIP IPs. The Mindful Solution Delivery team will provide these IP addresses.

The final sections to configure in the Signaling Group are the Message Manipulation sections - this will typically comprise of one inbound and one outbound entry:

Set the Message Manipulation to Enabled and then under Inbound Message Manipulation, use the Add/Edit button to add the Message Manipulation Table that was created previously. 

Outbound Message Manipulation - in here make sure the Message Manipulation table, in which the new Message Rule resides, is added to the Message Table List:

The Signaling group is now complete and can be applied.

Modify the Call Routing Table from the Contact Center

Quick access: Settings > Call Routing > Call Routing Tables

The final piece of configuration is to modify the Call Routing Tables used for calls coming from the contact center, so that it will route calls matching the Mindful transformation table properly.

The Call Routing Table from the contact center will already exist:

The example shows the default route table (not used) and three call routing tables used in the Mindful call flows:

• From Twilio PSTN - this is the Routing Table used for calls coming from the SIP Provider/Carrier.
• From Mindful - this is the Routing Table created previously to determine how to route calls coming from Mindful.
• From Avaya Aura 7 - this Routing Table is used to determine how to route calls coming from the contact center (in this example an Avaya Aura 7 contact center) and this is the one we want to modify.

Click the Call Routing Table to open the table. It will have one or more call routes already set up - in this example, just one call route is configured:

This determines that all calls coming from the contact center (Avaya Aura 7) will be routed out to the PSTN using the SIP provider (Twilio). In this example, this route will be expanded to show all route configuration, and the priority will be changed to 2 (lower priority).

Click the green plus icon to create a new routing entry. A new window will pop up - configure the Route Details section like so:

Note the Route Priority, which should be higher than the existing Routing entries (priority can be set to 1-10, with 1 being the highest priority and 10 being the lowest). The Transformation Table should be set to use the Mindful Transformation Table created previously.

The Destination Information section is configured with a Destination Type of Normal and using the Add/Edit button by Destination Signaling Group, add the newly created Mindful Signaling Group, as shown here:

In the Media section, select DSP as the Audio Stream Mode, and select the Mindful media list created previously.

The new routing entry can now be saved by clicking Apply. The Routing Table should now look more like this (note the two priorities):

Monitoring

You can see here that the new Mindful Signaling Group is shown with 10 channels as configured in the example Mindful Signaling Group. If monitoring via SIP Options was enabled in the Transport section of the Mindful SIP Server configuration, this will turn red if there is an issue with the signaling between Mindful and the SBC.

Option 2) SIP over TLS with SRTP

To secure the SIP and RTP traffic between the SBC and Mindful, some additional configuration needs to be performed on the SBC. These steps must be performed after the configuration in the previous section. If you have not already completed the steps in the previous section, we recommend going back to make sure the initial configuration is in place before proceeding.

Ensure that the Ribbon SBC has a valid server certificate.

This section describes the SBC server, Trusted CA certificates, and creating a TLS profile that will be used in both the Mindful SIP Server table and the Mindful Signaling Group.

To enable TLS for the connection to Mindful, a valid server certificate needs to be present in the Ribbon SBC. The SBC typically comes with a built-in certificate, but this did not work during Mindful testing and validation, so a new certificate signed by an external CA was imported into the SBC Primary Certificate table. Obtaining a signed certificate for your SBC is not covered in this guide - consult the documentation for your SBC for further details.

Download Entrust Root CA and Intermediate Root CA certificates

Mindful uses certificates signed by the Certificate Authority Entrust to provide secure SIP. As the Ribbon SBC requires both the Root and Intermediate Root CA certificates in the certificate chain, both must be downloaded before importing into the SBC’s Trusted Root Certificate table.

These can be downloaded at https://www.entrust.com/resources/certificate-solutions/tools/root-certificate-downloads.

Note that the G2 certificates are used with Mindful, so download both the Root Certificate and the (Non-EV SSL) CA – L1K Chain/Intermediate certificates as highlighted here:

Import Mindful Callback TLS Certificates

Quick access: Settings > Security > SBC Certificates > Trusted CA Certificates

Once the Entrust certificates are downloaded, select the Trusted CA Certificates table:

Next, click the small icon with the green arrow inside the Trusted CA Certificate table window. A window will pop up where the trusted certificate can be imported. Import one of the two certificates downloaded from Entrust - here the intermediate certificate has been selected:

Click OK, then repeat the Import step to import the other Entrust certificate. Once both Entrust certificates are imported, they will be listed in the Trusted CA Certificates table:

You can expand each certificate to view further details:

Create a New TLS Profile

Quick access: Settings > Security > TLS Profiles

Now that the Trusted CA Certificates are imported, a TLS profile needs to be created. Select the TLS Profiles folder, then click the green plus icon to create a new profile. A new window will pop up and the new profile should be configured as shown below:

All of the items shown with a blue border here should be set - note the certificate field, in which the SBC’s active server certificate should be selected. It is important to note that the Mutual Authentication and Validate Server FQDN parameters are set to Disabled.

Create a New SDES-SRTP Profile

Quick access: Settings > Media > SDES-SRTP Profiles

This section describes creating a new SDES/SRTP profile that will then be added to the Mindful Media List configuration.

The SDES-SRTP Profile defines the configuration used for secure media (SRTP in this case) between Mindful and the SBC. If an SDES-SRTP profile already exists, it may be possible to use that profile, if it matches the configuration shown below. Otherwise, a new profile should be created.

To create a new SDES-SRTP profile, select the SDES-SRTP Profiles folder, and in the SDES-SRTP Profiles window, click the green plus icon to create a new profile:

Modify the Mindful Media List

Quick access: Settings > Media > Media List 

Open the previously created Mindful Media List:

Set the SDES-SRTP Profile to the newly created Mindful SDES-SRTP Profile and click Apply to save the changes.

Update the Mindful Signaling Group

Quick access: Settings > Signaling Groups

Now that the TLS Profile and Media List have been updated, the Mindful Signaling Group can be updated.

Open the Mindful Signaling Group and make the following changes.

Firstly, only if the defect noted earlier required the outbound proxy/FQDN and port workaround, in the SIP Channels and Routing section, change the Outbound Proxy Port to match the TLS port of the Mindful SIP Proxy (typically 5061). Next, move down to the Listen Ports section and add a new listening port. Set the SBC listening port for TLS signaling, the Protocol to TLS, and select the Mindful TLS Profile created previously - you should now have two listening ports listed. 

Note that the UDP port cannot be removed yet, as the SIP Server associated with the Signaling Group is not yet configured to use TLS.

Update the Mindful SIP Server Table

Quick access: Settings > SIP > SIP Server Tables

Select the previously created Mindful SIP Server table and expand the SIP Server entry:

The port should be changed to the same TLS port recently updated in the Listen Ports section of the Signaling Group, and the Protocol should be changed to TLS. When TLS is selected, the TLS Profile parameter will appear and the newly created Mindful TLS profile should be selected. Click OK to apply.

Update the Mindful Signaling Group to Remove the UDP Listening Port

Quick access: Settings > Signaling Groups

The final piece of configuration is to remove the UDP listening port from the Mindful Signaling Group. Open the Mindful Signaling Group and move down to the Listen Ports section. Check the box by the UDP listening port entry:

Once the UDP entry is deleted, the Listen Ports section will now only show the TLS listening port:

The configuration is now complete and ready for testing.