CLI Suppression, Federated Lync Calls, and SimRing

Here’s something interesting I saw recently.

It’s a little involved, I’ll do my best to explain (there will be diagrams)… so, imagine this situation…

CLI Suppression in PSTN Calls

For security, secrecy, or customer engagement / marketing reasons – users are not supposed to give out their personal numbers… Therefore BigCorp have voice routes that hides the DDI of all their staff. All outbound calls present their main office number, lets say 0845 111 1111 (+448451111111).

Which is fine. Everyday standard stuff…



What about federated or forwarded calls?

BigCorp and LittleOrg both use Lync Enterprise Voice. Now lets say Mr Smith, BigCorp’s boss calls me in LittleOrg via Lync, and I’ve got Call Forwarding, or Simultaneous Ringing configured… I now see BigCorp’s boss’s PSTN DDI ringing my mobile.

And I can sell this to hundreds of marketing companies and retire 🙂

Lets have a look at the call flow in this situation…


The important piece of information to allow this comes from the P-Asserted-Identity header of the SIP INVITE message that leaves BigOrg. This includes the display name, SIP URI, as well as the Line URI of the caller, which gets used on the final leg of the call to my mobile.


Well, none really. If Mr Smith wants to make a Federated Lync call, he should be aware that it’s not anonymous. However, he may not realise that there is an unexpected side effect which discloses his DDI.

Tweet about this on TwitterShare on LinkedInShare on Facebook
Pin on PinterestShare on Google+Digg thisShare on RedditShare on StumbleUponEmail this to someone

About Graham Cropley

Working as a Senior Consultant for Skype for Business, Exchange, and Office 365.


  1. Would an sbc be able to be inserted in edge path the modify the p-assert info to be the listed directory number?

    • Unfortunately an SBC wouldn’t sit in front of the Edge, SBCs are used between Lync Mediation and PSTN.

      But after I wrote this article I was wondering what options we’d have. The first thing I played with was to assign a DDI to the users PrivateLine, and blank out the LineURI, then the DDI doesn’t get passed on in the PAI… but would very likely cause more issues for the user than it would be helpful. So, I wouldn’t go down that route, but it was interesting to see what happened.

      The other would be to look at using MSPL to strip or replace SIP Headers, but it’s probably not recommended to mess with the PAI unless you’re sure it can’t be abused or miss-used. But you would still need to break out to managed code to remove/update SIP Headers, you’re limited to what you can do with MSPL directly.

Leave a Reply

Your email address will not be published. Required fields are marked *