Microsoft Teams VoIP Traffic Bypass

  • 2 August 2023
  • 1 reply

Badge +2

I know it is not recommended to steer VoIP traffic to Netskope because it adds additional hops to reach the destination causing possible performance/audio drops.

I tried bypassing MS Teams in the past in our environment and experienced slower speeds and conditional access issues. What would be the best way to bypass VoIP traffic on ports 3478-3481 to the authentication URL with conditional access in mind?

1 reply

Userlevel 6
Badge +16


Are you utilizing Netskope's Web or Cloud Firewall steering?  Additionally, does Conditional Access occur on those UDP ports?  My understanding is Conditional Access is applied at authentication time and when the token is reevaluated but both of these operate over TLS on port 443.  If that's the case (I'd recommend confirming with Microsoft) then bypassing the UDP ports should not cause a change in Conditional Access as the auth and login traffic should still egress Netskope or your premises if your original configurations routes back to your premises.