We just moved to Teams. Calls/meeting inside our network have choppy video/voice quality. People outside the network have no issues. Only if the traffic traverses the UTM does it have issue.
Does anyone have a writeup on how to configure the UTM so it doesn't mess with Teams traffic?
We had a lot of customers with VoIP and Webconf issues (Teams, Skype for Business and Zoom). The magic trick for us was to disable SYN flood protection. The difference was huge.
I have IPS exceptions (from and to) for the Teams ports (UDP 3478-3481)
Helped a lot
Did you do all the 'skip these checks' check boxes?
Also, when you say 'in and out. you means source ports in that range and another line with destination ports in that range?
correct, I skip all checks here.
And I have two services in this rule: 1:65636 -> 3478:3481 and vice versa
Essential is to skip flood protection check
You might also take a look at https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges#skype-for-business-online-and-microsoft-teams.
At one of my clients, I determined that Teams caused a tremendous amount of virtual memory swapping in the UTM even after skipping both Web Filtering and Snort (IPS). What UTM do you have and what are your Internet speeds?
Cheers - Bob
Thanks for that. SG450.
Depending on the download speed of your internet connection, unless you have more than 8 internal users on a call, I would think you should be OK just excepting the UDP traffic as suggested by papa_.
We have gigabit internet. Only 8 internal? We have 20-25 people on calls.
If you have 20-25 people in the office on call(s) at the same time, you might want to watch top at the command line.
Let us know if you see high %sy when folks complain.
Cheers - Bob
Here are my Exceptions for Intrusion Prevention and Web Filtering:
Thanks a lot! I will try this and see what happens.