The IM and Presence Service supports business to business interdomain federation with Office 365 via Expressway. With this deployment, Expressway sits between the two systems and relays traffic.
Expressway operates with a pair of servers: Expressway-C sits within the enterprise network and connects to the IM and Presence Service and Expressway-E sits at the edge of the enterprise domain and communicates with the Office 365 domain
Office 365 Interdomain Federation Task Flow
Complete these tasks on the IM and Presence Service to configure business to business interdomain federation with an Office 365 deployment.
Configure Expressway for interdomain federation with Office 365.
Add DNS SRV Record for the IM and Presence Service
Configure a public DNS SRV record for the IM and Presence Service. The record must resolve to the Expressway-E IP address. Skype for Business will use this record to route traffic to IM and Presence Service via Expressway.
where expwye is the domain for Expressway-E.
You can still configure interdomain federation without the DNS SRV record, but you will have to add the route manually in the Skype for Business server. If you choose to do this, you can skip this task.
After you add your SIP Federated domain, you must restart the Cisco XCP Router.
From Cisco Unified IM and Presence Serviceability, choose Tools > Control Center - Network Services.
As a shortcut, you can also get to the Control Center - Network Services window from the Cisco Unified Communications Manager Cisco Cloud Onboarding Configuration window by clicking the Control Center - Network Services link when that link appears in the Status message.
From the Server drop-down list box, choose the IM and Presence database publisher node and click Go.
Under IM and Presence Services, select the Cisco XCP Router service.
Repeat this procedure for all IM and Presence Service cluster nodes.
On the IM and Presence Service, add inbound access control list (ACL) entries for the Expressway-C server so that Expressway-C can access the IM and Presence Service without authentication. For multicluster deployments, complete this procedure on each cluster.
If you have an ACL that provides global access (Allow from all), or an ACL which provides access to the domain on which the Expressway-C server resides (for example, Allow from company.com) then you do not need to add ACL entries for the Expressway-C server.
Log in to the IM and Presence Service publisher node.
From Cisco Unified CM IM Administration, choose System > Security > Incoming ACL.
Create your ACL entries:
Click Add New.
Enter a Description for the new ACL entry. For example, Skype for Business Federation via Expressway-C.
Enter an Address Pattern that provides access to the Expressway-C IP address or FQDN. For example, Allow from 10.10.10.1 or Allow from expwyc.company.com.
Repeat this set of steps to create another ACL entry. To provide server access, you need two entries: an ACL with the server IP address, and an ACL with the server FQDN.
Configure Expressway for Federation with Office 365
After interdomain federation is configured on the IM and Presence Service, set up Cisco Expressway for business to business interdomain federation with Office 365. For Expressway configuration details, see Cisco Expressway Options with Cisco Meeting Server and/or Microsoft Infrastructure at: