zoom is domain based zoom.us. works for webex as well webex.com.
I haven’t looked at teams yet since work has borked up our teams integration and will probably require that I use the work VM client rather than a native client. (Just tested, yes internal network only)
Tcpdump/Wireshark will usually give you the main DNS domains quickly.
It also depends on if you are using native Teams with servers on prem, or O365 integration.
Check on the " Skype for Business Online and Microsoft Teams" section. You can probably get by with using the domain names + your business domain.
I would assume that if it doesn’t say “ER Yes” that it isn’t really required. Express Route is the method that large businesses will peer internally to microsoft to provide the service. and If it doesn’t go via Express route it is blocked.
If you can’t get a set of rules to work, then I have often just set the IP address of the one computer I need for the SF tunnel in a rule. Which works for home networks.
Thank you so much! I will dig around and see what I can find.
I made some tweaks to my configuration based on your feedback, including an outbound rule which routes all traffic from my work laptop over SFC. Since I use Teams (O365) from another computer, I’d like to try to route that traffic if possible as well.
I have Starlink as well and was thinking about trying to find a used 20X for the same thing, do you have it configured to show stats from the dish? If I only want the hot failover option for LTE ( no bonding) do I need to subscribe to PrimeCare?
Thanks, totally new to all this and its a bit overwhelming
20X’s have only been sold for the past year, so there won’t be a thriving secondary market for them.
If you don’t have PrimeCare and the SpeedFusion ability then your failover will be of the quality listed in the earliest posts in this thread. 10-15 seconds of lost traffic until the health checks kick in and switch lines. Ok for streaming, not for zoom, VPN and other interactive work. I had my SF tunnels not enable yesterday and I wondered why my work remote access kept locking up.
Yes, you can reach the statistics page, but you have to also put in a switch and use one of the workarounds discussed this this thread:
If you aren’t going to use the SDWan capabilities, you would probably be better off with a generic PFsense or OPNsense system. Those support “up/down” on multiple WAN links and static routes on the WAN for the statistics.
Hi Paul, thanks for responding, I ended up purchasing a new Balance20X last night, as well as a GS105 switch for the work around - so I will have PrimeCare
That will be a solid investment.
I’m using the USB ethernet dongle WAN for my access to the statistics currently… you can use any of the 3-4 methods discussed in that thread depending on what hardware you have sitting around.
Got everything set up, a friend helped out with the settings, love the interface, its really intuitive! and I’m successfully using the USB to get the statistics page, working great, even saw some ostructions last night that I was not aware of, time to trim the trees. One issue, even with the LTE modem set to be always connected, im looking at the event log and have a ton of short outages which have been disconnecting Teams calls - can the Speedfusion in the cloud help with this?
Yes, that is what SpeedFusion tunnels will do. We talked about our tunnel settings on Mar 10th (up thread) I use a FusionHub endpoint rather than SFcloud because I need inbound access, not just outbound, but the SpeedFusion part is similar.
You then use an Outbound Policy to send the critical data via the tunnel. I have moved my WAN smoothing up to Medium since I could still get some issues on Zoom.
Thanks, I spent an hour trying to figure out how to activate it, the link in the announcement you included was the first time I saw anything about how to activate it, ( which I was able to) I wish that had been easier to find LOL - Im using Zoom and Teams O365 from a single computer , what do I change now that SF is activated?
We indicated above the settings for zoom: outbound policy, use destination domain name zoom.us. You must be using the 20X for DNS, not going directly to 8.8.8.8 or other DNS servers. I can’t use teams, so the summary from above is the best information I have.
You can set up a policy for a specific machine by IP, to simply route all of its traffic out the SFC if individual applications can’t be identified.
You can see under “Status: Active Sessions: Search” which route each TCP and UDP sessions are using…
I found these IPs for Teams, this is what I set up, is it required to add the domains shown in the MS link provided as well? thank you all for your help!
Thanks, so there for zoom and teams ( and any other similar platform ) you just put Cloud SFC in the “Highest Priority” and leave the "WAN(starlink) (and in my LTE) in the “Not in Use”
I don’t have a Teams rule, since I can’t run teams outside of the corporate network.
But I put the SFC at the highest priority, then the WAN’s below it, since there can be network scenarios where the SFC doesn’t establish.
the UDP rule would probably be just for the real time communication content. I don’t know how much a live teams meeting relies on 443 for other content during or before a session.
To be sure you have 100% of the rules needed for teams would be to put in a deny rule (throw away the traffic from the test IP) after all of the teams rules. If you can still run a complete cycle of a teams session without error, then you have found all of the necessary rules.
