I’m trying to help a customer with their Yealink phones. Their provider is Zoom.
I’m 99% sure this is not my problem, but I’m chronically too nice to people so I’m helping anyway. So apparently when they go to dial out they’ll get a message on the screen saying “Forbidden”. I’m not sure if there’s more to the message because I only know what they’re telling me. When this starts happening their IT guy says the phones show up as “offline” in whatever management portal they’re using. They factory reset the phone, it reprovisions, shows up as “online” in their portal and works again for some period of minutes or hours and then does the same thing again. I asked if a simple reboot works, but the IT guy says they factory reset instead of reboot because it’s so easy to do 🙄. They point at me because the phone is “offline”, and they’re tying it to network maintenance that was done on Monday morning, but their story is not totally consistent about what day it started. May have been Monday, may have been last week, depends who you ask. I’ve taken packet captures and I can see the supposedly “offline” phone talking on port 443 to an AWS server (I assume provisioning server) and talking to Zoom on port 5091. That’s all TLS/SSL so I can’t see the messages, but they’re definitely still talking to the mothership when they’re reported as “offline”. They also do other normal stuff like DNS queries, NTP sync, and normal LAN chatter like CDP, ARP, etc. I also checked for packet loss to the phones and there’s none/negligible loss. So I’m telling these guys your phones are 100% definitely not offline. I told them they need to check with Zoom to see what application layer messages are happening, because due to the encryption I don’t have a clue, but I’d wager the carrier is sending back a 403 Forbidden for some reason. Below is a screenshot of his management tool (customer name blocked out). I don’t recognize it, maybe one of you all does. In the meantime I’m wondering if the collective has seen something like this with Yealink and/or Zoom. Any wild-ass guesses?
-- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
