Here’s how to troubleshoot your encrypted Microsoft Teams environment
Microsoft Teams has had many major outages, for example on November 25 and December 9 of 2024. In addition, many features don’t work depending on which Endpoint you are working from: Windows, Apple Mac, web browser or Teams App. Microphones don’t activate; configurations disappear; lines go out of service; etc, etc.
- Teams does not produce advanced early ringtone and many problems exist relating to from where the ringing is generated. In addition, voicemails are not received and there are frequent problems with wireless networks, sometimes involving one-way audio.
- Service providers offering Microsoft Teams through a Direct Routing connection with Microsoft, can add value by offering service assurance. This article explains how you can build-in troubleshooting capabilities, providing a service to your customers to troubleshoot issues End-to-End from their client through the Microsoft Teams cloud to the PSTN.
How to Distinguish Your Microsoft Teams Service Offering
- You can provide detailed specific accurate root cause analysis of problems with a Teams service when discussing with your Microsoft rep.
- And you can monitor continuous KPI’s.
- Alerting to you problems to advise your client businesses to work around. For example, if there is a major Stake Holder conference call scheduled, you could offer an alternative service.
- You can use this to compare performance with alternative UCaaS solutions.
Below you can see the topologies for the different configurations.
What to do?
If you have a problem with Microsoft Teams, what do you do? Try logging a Trouble ticket with a large bureaucracy and expect an answer within the normal response time that you like to provide your customers?
Which vendor do you focus on for help?
Microsoft, your SIP trunking vendor connecting you to the PSTN, or your SBC>, which if correctly configured, can fix interoperability and ameliorate other problems?
Teraquant has found over the years that if you present the big vendor with the root cause of the problem and the evidence to back it up, you can normally guide them to fixing the problem they are causing you.
Monitoring Your Network
Microsoft Teams is encrypted End-to-End from your Customers’ laptop and Teams user client, through the Teams cloud to your Direct Routing SBC which terminates the encrypted link from the cloud
The type of encryption used for the connection is TLS 1.2 or TLS 1.3 and ensures protection against man in the middle interception and Perfect Forward Secrecy. In order to troubleshoot this, it is necessary to terminate the TLS connection in your network and route the packets to the analyzer.
This is done using an in-line device which ensures availability and fail-safe connection for your mission critical at work operations. It’s used in many of the biggest banks world-wide with zero down-time.
Capturing packets directly from the Direct Routing link provides answers in real time and has zero impact on the performance of the SBC.
Methods to Analyze Teams Call Flows Involving EOM
In-line ETO device to decrypt and send north-bound cleartext to OCOM Probe for analysis
- TLS 1.3 requires exclusively Diffie Hellman Deployment Architecture.
- TLS 1.2 offers Diffie Hellman.
- E.g. TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384.
- Must be in-line and implement the TLS negotiation.
- No private keys exist out-of band to be manually exchanged.
- Allows for PFS.
Teams Analysis Call Flow Including Client Leg
Requires a connection to the Microsoft Graph Service (see below), but provides end-to-end visibility in Message Flow for Direct Routing.
Only Teraquant can provide you with comprehensive end-to-end monitoring of a Microsoft Teams service, troubleshooting on user traffic.
Teraquant’s distinct solution for encrypted TEAMS calls on Direct Routing is totally vendor agnostic, does not require any specific vendor SBC and allows you to record, review and analyze audio in detail to determine all voice quality and service impacting problems, including one-way audio and other call quality defects.