Got everything set up, a friend helped out with the settings, love the interface, its really intuitive! and I’m successfully using the USB to get the statistics page, working great, even saw some ostructions last night that I was not aware of, time to trim the trees. One issue, even with the LTE modem set to be always connected, im looking at the event log and have a ton of short outages which have been disconnecting Teams calls - can the Speedfusion in the cloud help with this?
Yes, that is what SpeedFusion tunnels will do. We talked about our tunnel settings on Mar 10th (up thread) I use a FusionHub endpoint rather than SFcloud because I need inbound access, not just outbound, but the SpeedFusion part is similar.
You then use an Outbound Policy to send the critical data via the tunnel. I have moved my WAN smoothing up to Medium since I could still get some issues on Zoom.
Thanks, I spent an hour trying to figure out how to activate it, the link in the announcement you included was the first time I saw anything about how to activate it, ( which I was able to) I wish that had been easier to find LOL - Im using Zoom and Teams O365 from a single computer , what do I change now that SF is activated?
We indicated above the settings for zoom: outbound policy, use destination domain name zoom.us. You must be using the 20X for DNS, not going directly to 8.8.8.8 or other DNS servers. I can’t use teams, so the summary from above is the best information I have.
You can set up a policy for a specific machine by IP, to simply route all of its traffic out the SFC if individual applications can’t be identified.
You can see under “Status: Active Sessions: Search” which route each TCP and UDP sessions are using…
I found these IPs for Teams, this is what I set up, is it required to add the domains shown in the MS link provided as well? thank you all for your help!
Thanks, so there for zoom and teams ( and any other similar platform ) you just put Cloud SFC in the “Highest Priority” and leave the "WAN(starlink) (and in my LTE) in the “Not in Use”
I don’t have a Teams rule, since I can’t run teams outside of the corporate network.
But I put the SFC at the highest priority, then the WAN’s below it, since there can be network scenarios where the SFC doesn’t establish.
the UDP rule would probably be just for the real time communication content. I don’t know how much a live teams meeting relies on 443 for other content during or before a session.
To be sure you have 100% of the rules needed for teams would be to put in a deny rule (throw away the traffic from the test IP) after all of the teams rules. If you can still run a complete cycle of a teams session without error, then you have found all of the necessary rules.
What I see there is that there is a number of teams “https” sessions that all are going via Starlink… 52.113.205.224:443 for example. They are teams related. Are they core to the application? Is the slower fail over good enough?.. The UDP voice and video packets might be good enough… might not… Just realize that it isn’t all of it.
Great observation! Maybe the configuration could stand some additional tweaking. I will say that as I noted initially, my Teams calls have been going great with no drop outs. So maybe those https sessions aren’t as critical.
That is the phone app trying to get statistics from the Starlink router. Do you actually use the provided router? (saw that you do…)
If you don’t then just deny them via Firewall rules and they will disappear.
I didn’t notice it because I actually have a 192.168.1.0/24 network route to a DSL modem, that goes via a Juniper SRX that I assume is blocking all of those.
Yes, just set them to log->deny, and they show up in the firewall Log.
yes I found that too, but the specific rules actually needed to add to the outbound policy - like for teams there was no need to add IPs or domains, just the UDP port range,