AVAYA DOCUMENTATION CENTER
Find answers to your technical questions and learn how to use our products
Administering Avaya Session Border Controller
Remote worker overview
Remote Worker
Avaya SBC delivers security to a SIP-based enterprise network. This chapter describes how to configure Avaya SBC for Avaya Aura® remote worker.
The remote worker feature supports SIP deployments and extends access to the features of an internal enterprise Unified Communications (UC) and Call Center (CC) network. Therefore, a remote worker can also be a CC agent. The extended features include firewall/Network Address Translation (NAT) traversal, encryption, user authentication, and enforcement of session-endpoint call policies.
When a remote worker outside the enterprise network calls a user inside the core enterprise network, Avaya SBC decrypts the SRTP media, if present, coming to the enterprise from the external IP network, that is the internet. The SBC performs any required NAT, analyzes traffic for anomalous behavior, applies the relevant Unified Communications media policies, and then passes the RTP/SRTP stream to the intended recipient.
The following diagram shows a typical remote worker topology:
To configure IPv6 support for Remote Worker, you must have:
IPv6 address provisioned in signaling address interface.
Media interface must have primary and secondary interface publishing both IPv4 and IPv6 addresses.
Tolerant field must be enabled in the server flow.
Remote Worker best practices
Download the settings and firmware files using a proxy server, which requires a different external IP address.
Configure the firewall on Avaya Aura® Session Manager to whitelist the Avaya SBC internal IP.
Configure Media or Signaling QoS on Avaya SBC. Enable SIP Video specifically on Avaya SBC, if required.
Add emergency numbers in the Emergency URI Group.
Forward video/audio signaling and media ports for customer firewall configuration.
Disable SIP Application Layer Gateway (ALG) on firewalls. As part of SIP ALG functionality, firewalls actively interpret SIP messages and modify them.
For basic debugging of Avaya SBC, take a packet capture or run the traceSBC command to determine whether the issue is with Avaya SBC. If further debugging is required, enable debug logs and get the appropriate logs. For troubleshooting, see Viewing current system incidents and Viewing current system alarms.
Review the Avaya SBC, Avaya Aura® Session Manager, and endpoint release notes for fixes, limitations, and workarounds.
Note:Avaya SBC supports maximum 512 active IPs. Avaya SBC can accept connections from 512 IP addresses simultaneously.