Yes. In this case the service is not used. Stiles
Tony Graziano wrote: > Does the cable modem provider offer a voice service? > ============================ > Tony Graziano, Manager > Telephone: 434.984.8430 > Fax: 434.984.8431 > > Email: tgrazi...@myitdepartment.net > > LAN/Telephony/Security and Control Systems Helpdesk: > Telephone: 434.984.8426 > Fax: 434.984.8427 > > Helpdesk Contract Customers: > http://www.myitdepartment.net/gethelp/ > > ----- Original Message ----- > From: sipx-users-boun...@list.sipfoundry.org > <sipx-users-boun...@list.sipfoundry.org> > To: Discussion list for users of sipXecs software > <sipx-users@list.sipfoundry.org> > Sent: Tue Sep 21 12:01:58 2010 > Subject: Re: [sipx-users] SRV records for ftp > > OK, I think I'm down to my last issue. > > What works: > * I can place incoming calls from the PSTN through flowroute > * From the PSTN, I can dial the remote extension from the auto attendant > and audio works in both directions > > What does not > * I can dial out to the PSTN from the remote extension and I have audio > from the person called, but no audio from the remote. > > The last problem exists regardless of what I physically do on the remote > end. I have tried the remote phone behind 3 different routers. I have > tried having the phone behind VPN and not behind VPN (outbound proxy on > phone was always set to the local WAN in both cases). I even tried > plugging the phone directly into the cable modem so no router/firewall > is involved and the phone's IP was the remote WAN. The same problem > exists regardless of what I do. > > This leads me to the conclusion that it is not a remote SIP ALG or > firewall issue. > > * The pubic IP setting under Server-->NAT is set to the local WAN > * Under Internet Calling-->NAT both boxes are checked > * Intranet Domains is set to the correct domain > * Intranet Subnets is set the company's LAN subnet in the following > format: xxx.xxx.xxx.0/24 > * SIP ALG is turned off on the local sonicwall > * firewall rules and NAT rules are in place > > Any clues? > > Stiles > > > Tony Graziano wrote: > >> On Mon, Sep 20, 2010 at 2:19 PM, Stiles Watson <wat...@datatek-net.com >> <mailto:wat...@datatek-net.com>> wrote: >> >> See response below: >> >> Tony Graziano wrote: >> > When you generate a profile, it creates the configuration files the >> > phone needs. >> > >> > When you get a 0x error on booting a polycom it is usually >> because the >> > profile is there or there is a firmware you are trying to send the >> > phone that is not compatible. then you see it constantly reboot and >> > repeat the cycle. >> > >> > YOU MUST send the profile (even if the phone is not plugged in) >> or the >> > phone cannot pick it up. That's how the configs are generated. >> (all of >> > this is in the book, btw). >> Thanks, understood. >> > >> > If you have no audio, you should ensure the registration is >> occurring >> > properly in sipxconfig >> > >> > it should give you the real IP address of the remote firewall with a >> > private contact address of the phone (phone internal ip address). >> I'm assuming when you say real IP you mean the remote WAN >> IP. If >> that is true then, yes that is how the registration appears under >> Diagnostics-->Registrations. >> > >> > if you are having audio issues, you must ENSURE the SPI (stateful >> > packet filtering) and SIP ALG is turned off on the remote firewall. >> > you must also ensure the server is set to behind nat, remote >> users are >> > enabled, and that your intranet subnets are properly defined. >> * Remote SPI is off >> * as far as I am aware DD-WRT (v24 (05/24/08) vpn -- not voip) >> has no SIP ALG >> * Server behind NAT is checked >> * remote users are enabled >> * For intranet subnets, does the remote user's subnet have >> to be >> added? I'm assuming so, but I just want to be sure. >> >> No. Only if it is on WAN or VPN (route to it without NAT) should it be >> added there. >> >> The sipx server page should also have your NAT setting with the public >> facing ip of sipx configured. >> >> Independently ddwrt may have sipxroxd or milkfish compiled with it, so >> you ought to check on that and make sure it is disabled... >> >> >> Still does not work, but I'll keep digging. >> >> Stiles >> > >> > On Mon, Sep 20, 2010 at 1:37 PM, Stiles Watson >> <wat...@datatek-net.com <mailto:wat...@datatek-net.com> >> > <mailto:wat...@datatek-net.com <mailto:wat...@datatek-net.com>>> >> wrote: >> > >> > you wrote, "Is it just this hard for you?" >> > >> > I'm not sure how to take that. >> > >> > Anyway, I did as you said and clicked "Send Profiles." The >> job failed >> > due to timeout, but it must have generated all the files, >> because >> > on the >> > next reboot, the phone registered - via tftp! >> > >> > I know you think it's easier to use FTP, but I have to work >> within the >> > resources and limitations I have. >> > >> > Thanks again for your help and insight. >> > >> > BTW, I can dial another extension, but I get no audio. I'll >> try do dig >> > that out on my own via the book, the wiki and the archives >> before I >> > bother anyone else. >> > >> > Stiles >> > >> > >> > Tony Graziano wrote: >> > > Go to the phone in sipxconfig and generate (push) profile >> to the >> > phone. A >> > > reboot of the phone is not necessary. >> > > >> > > Is it just this hard for you? >> > > >> > > Hopefully you don't have a version of firmware earlier than >> > 3.2.1. A 335 is >> > > a difficult phone to deploy remotely with a polycom r.e >> bug. If >> > I were you >> > > I'd turn off any device files (inactivate) so you aren't >> > mistakenly trying >> > > to push an ealier version. >> > > ============================ >> > > Tony Graziano, Manager >> > > Telephone: 434.984.8430 >> > > Fax: 434.984.8431 >> > > >> > > Email: tgrazi...@myitdepartment.net >> <mailto:tgrazi...@myitdepartment.net> >> > <mailto:tgrazi...@myitdepartment.net >> <mailto:tgrazi...@myitdepartment.net>> >> > > >> > > LAN/Telephony/Security and Control Systems Helpdesk: >> > > Telephone: 434.984.8426 >> > > Fax: 434.984.8427 >> > > >> > > Helpdesk Contract Customers: >> > > http://www.myitdepartment.net/gethelp/ >> > > >> > > ----- Original Message ----- >> > > From: sipx-users-boun...@list.sipfoundry.org >> <mailto:sipx-users-boun...@list.sipfoundry.org> >> > <mailto:sipx-users-boun...@list.sipfoundry.org >> <mailto:sipx-users-boun...@list.sipfoundry.org>> >> > > <sipx-users-boun...@list.sipfoundry.org >> <mailto:sipx-users-boun...@list.sipfoundry.org> >> > <mailto:sipx-users-boun...@list.sipfoundry.org >> <mailto:sipx-users-boun...@list.sipfoundry.org>>> >> > > To: Discussion list for users of sipXecs software >> > > <sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org> >> > <mailto:sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org>>> >> > > Sent: Mon Sep 20 13:06:57 2010 >> > > Subject: Re: [sipx-users] SRV records for ftp >> > > >> > > That is very true. >> > > >> > > Interesting development: I pulled down the polycom ip 335 >> admin >> > guide >> > > and on the top of page 41 (3-5) there is the following note: >> > > >> > > "Setting Option 66 to tftp://192.168.9.10 >> <http://192.168.9.10> <http://192.168.9.10> >> > has the effect of forcing a >> > > TFTP download. Using a TFTP URL (for example, >> > > tftp://provserver.polycom.com >> <http://provserver.polycom.com> <http://provserver.polycom.com>) >> > has the same effect." >> > > >> > > So, I manually configed the phone and set the "Server Type" to >> > > "TrivalFTP," and set the "Server Address" to >> > "tftp://24.106.178.178 <http://24.106.178.178> >> <http://24.106.178.178>" >> > > (the WAN), opened the firewall to allow tftp traffic to >> the sipxecs >> > > subnet, added appropriate NAT policies, rebooted the phone >> and ... >> > > >> > > I get "Config file error Error is 0x20" and the phone >> continuously >> > > reboots. On reboot, the phone displays "Updating Config," gets >> > an IP, >> > > displays the error and the process starts all over again. >> > > >> > > I'm assuming this means it actually tried to get a file >> from the >> > server >> > > and there is either something wrong with the file or no >> file was >> > found, >> > > but that is just a guess. Based on this assumption, I >> executed a >> > find >> > > for the MAC.cfg on the server, but nothing was found, >> which seems >> > > incorrect. >> > > >> > > Am I getting closer or just spinning my wheels? >> > > >> > > Stiles >> > > >> > > >> > > Tony Graziano wrote: >> > > >> > >> You changes the sip password in sipxconfig since the phone >> > loaded its >> > >> profile last. >> > >> ============================ >> > >> Tony Graziano, Manager >> > >> Telephone: 434.984.8430 >> > >> Fax: 434.984.8431 >> > >> >> > >> Email: tgrazi...@myitdepartment.net >> <mailto:tgrazi...@myitdepartment.net> >> > <mailto:tgrazi...@myitdepartment.net >> <mailto:tgrazi...@myitdepartment.net>> >> > >> >> > >> LAN/Telephony/Security and Control Systems Helpdesk: >> > >> Telephone: 434.984.8426 >> > >> Fax: 434.984.8427 >> > >> >> > >> Helpdesk Contract Customers: >> > >> http://www.myitdepartment.net/gethelp/ >> > >> >> > >> ----- Original Message ----- >> > >> From: sipx-users-boun...@list.sipfoundry.org >> <mailto:sipx-users-boun...@list.sipfoundry.org> >> > <mailto:sipx-users-boun...@list.sipfoundry.org >> <mailto:sipx-users-boun...@list.sipfoundry.org>> >> > >> <sipx-users-boun...@list.sipfoundry.org >> <mailto:sipx-users-boun...@list.sipfoundry.org> >> > <mailto:sipx-users-boun...@list.sipfoundry.org >> <mailto:sipx-users-boun...@list.sipfoundry.org>>> >> > >> To: Discussion list for users of sipXecs software >> > >> <sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org> >> > <mailto:sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org>>> >> > >> Sent: Mon Sep 20 12:02:33 2010 >> > >> Subject: Re: [sipx-users] SRV records for ftp >> > >> >> > >> The registration request is getting to sipx. I turned the >> > logging level >> > >> to DEBUG, restarted the services and executed following: >> > >> >> > >> tail -f /var/log/sipxpbx/sipXproxy.log | grep "REGISTER >> sip" | grep >> > >> "1...@datatek-net.com <mailto:1...@datatek-net.com> >> <mailto:1...@datatek-net.com <mailto:1...@datatek-net.com>>" > >> > regdebug141.log >> > >> >> > >> After the polycom reboot completed, I executed >> > >> >> > >> wc -l regdebug141.log >> > >> >> > >> and received "17 regdebug141.log" as the result. I then >> executed >> > >> >> > >> grep -i received regdebug141.log | wc -l >> > >> >> > >> with a result of '9'. When I tail >> > /var/log/sipxpbx/sipregistrar.log I >> > >> see the following: >> > >> >> > >> >> > >> >> "2010-09-20T15:19:11.048702Z":33020:AUTH:DEBUG:sipx.datatek-net.com:SipRegistrarServer:B6C81B90:SipRegistrar:"SipRegistrarServer::isAuthorized >> > >> fromNameAddr='\"Stiles >> > >> Watson\"<sip:1...@datatek-net.com >> <mailto:sip%3a...@datatek-net.com> >> > <mailto:sip%3a...@datatek-net.com >> <mailto:sip%253a...@datatek-net.com>>>;tag=1F8AD21E-973871A1', >> > >> toUri='sip:1...@datatek-net.com >> <mailto:sip%3a...@datatek-net.com> >> > <mailto:sip%3a...@datatek-net.com >> <mailto:sip%253a...@datatek-net.com>>', realm='datatek-net.com >> <http://datatek-net.com> >> > <http://datatek-net.com>'" >> > >> >> > >> >> "2010-09-20T15:19:11.051052Z":33028:AUTH:ERR:sipx.datatek-net.com:SipRegistrarServer:B6C81B90:SipRegistrar:"Response >> > >> auth hash does not match (bad password?) >> > toUri='sip:1...@datatek-net.com >> <mailto:sip%3a...@datatek-net.com> >> <mailto:sip%3a...@datatek-net.com >> <mailto:sip%253a...@datatek-net.com>>' >> > >> requestUser='141/0004f22d79be' >> > >> requestNonce='473b74442d2dcf443a0823b9dbbdefaa4c977b6e' >> > >> uriParam='sip:datatek-net.com:5060 >> <http://datatek-net.com:5060> >> > <http://datatek-net.com:5060>' passTokenDB='6qk50suJ' >> > >> authTypeDB='DIGEST'" >> > >> >> > >> >> > >> >> "2010-09-20T15:19:11.052127Z":33030:SIP:DEBUG:sipx.datatek-net.com:SipRegistrarServer:B6C81B90:SipRegistrar:" >> > >> ---------------------------------- >> > >> Sending final response >> > >> SIP/2.0 401 Unauthorized >> > >> From: \"Stiles Watson\" <sip:1...@datatek-net.com >> <mailto:sip%3a...@datatek-net.com> >> > <mailto:sip%3a...@datatek-net.com >> <mailto:sip%253a...@datatek-net.com>>>;tag=1F8AD21E-973871A1 >> > >> To: <sip:1...@datatek-net.com >> <mailto:sip%3a...@datatek-net.com> >> > <mailto:sip%3a...@datatek-net.com >> <mailto:sip%253a...@datatek-net.com>>>;tag=50CQ8f >> > >> Call-Id: 653dce0e-9a15011-6ecf0...@192.168.16.102 >> <mailto:653dce0e-9a15011-6ecf0...@192.168.16.102> >> > <mailto:653dce0e-9a15011-6ecf0...@192.168.16.102 >> <mailto:653dce0e-9a15011-6ecf0...@192.168.16.102>> >> > >> Cseq: 2 REGISTER >> > >> Via: SIP/2.0/TCP >> > >> >> > >> >> 24.106.178.178:5060;branch=z9hG4bK-XX-131f715siA6jenamQxLO0Tevfg;received=192.168.25.11;rport=54527 >> > >> Via: SIP/2.0/UDP >> > >> >> > >> >> 192.168.16.102;branch=z9hG4bK6e5a416f288A684A;received=75.189.229.254;rport=5060 >> > >> Www-Authenticate: Digest realm=\"datatek-net.com >> <http://datatek-net.com> >> > <http://datatek-net.com>\", >> > >> nonce=\"9406c4cb79ee436c0cfd9b2082a412444c977b6f\", >> qop=\"auth\" >> > >> User-Agent: sipXecs/4.2.1 sipXecs/registry (Linux) >> > >> Content-Length: 0" >> > >> >> > >> >> > >> >> "2010-09-20T15:19:11.061815Z":33038:OUTGOING:INFO:sipx.datatek-net.com:SipRegistrarServer:B6C81B90:SipRegistrar:"SipUserAgent::sendTcp >> > >> TCP SIP User Agent sent message: >> > >> ----Local Host:192.168.25.11---- Port: -1---- >> > >> ----Remote Host:192.168.25.11---- Port: 54527---- >> > >> SIP/2.0 401 Unauthorized >> > >> From: \"Stiles Watson\" <sip:1...@datatek-net.com >> <mailto:sip%3a...@datatek-net.com> >> > <mailto:sip%3a...@datatek-net.com >> <mailto:sip%253a...@datatek-net.com>>>;tag=1F8AD21E-973871A1 >> > >> To: <sip:1...@datatek-net.com >> <mailto:sip%3a...@datatek-net.com> >> > <mailto:sip%3a...@datatek-net.com >> <mailto:sip%253a...@datatek-net.com>>>;tag=50CQ8f >> > >> Call-Id: 653dce0e-9a15011-6ecf0...@192.168.16.102 >> <mailto:653dce0e-9a15011-6ecf0...@192.168.16.102> >> > <mailto:653dce0e-9a15011-6ecf0...@192.168.16.102 >> <mailto:653dce0e-9a15011-6ecf0...@192.168.16.102>> >> > >> Cseq: 2 REGISTER >> > >> Via: SIP/2.0/TCP >> > >> >> > >> >> 24.106.178.178:5060;branch=z9hG4bK-XX-131f715siA6jenamQxLO0Tevfg;received=192.168.25.11;rport=54527 >> > >> Via: SIP/2.0/UDP >> > >> >> > >> >> 192.168.16.102;branch=z9hG4bK6e5a416f288A684A;received=75.189.229.254;rport=5060 >> > >> Www-Authenticate: Digest realm=\"datatek-net.com >> <http://datatek-net.com> >> > <http://datatek-net.com>\", >> > >> nonce=\"9406c4cb79ee436c0cfd9b2082a412444c977b6f\", >> qop=\"auth\" >> > >> User-Agent: sipXecs/4.2.1 sipXecs/registry (Linux) >> > >> Date: Mon, 20 Sep 2010 15:19:11 GMT >> > >> Allow: INVITE, ACK, CANCEL, BYE, REFER, OPTIONS, REGISTER, >> > SUBSCRIBE >> > >> Accept-Language: en >> > >> Supported: gruu, path >> > >> Content-Length: 0 >> > >> >> > >> --------------------END--------------------" >> > >> >> > >> I've tripple-checked the SIP pasword and it is correct. >> So I'm >> > guessing >> > >> "Response auth hash does not match (bad password?)" from >> the debug >> > >> statement is referring to something else. >> > >> >> > >> Stiles >> > >> >> > >> Tony Graziano wrote: >> > >> >> > >> >> > >>> If it has a valid config file and the remoe firewall has spi >> > and sip alg >> > >>> off >> > >>> and your sonicwall is not getting in thje way, yes. >> > >>> ============================ >> > >>> Tony Graziano, Manager >> > >>> Telephone: 434.984.8430 >> > >>> Fax: 434.984.8431 >> > >>> >> > >>> Email: tgrazi...@myitdepartment.net >> <mailto:tgrazi...@myitdepartment.net> >> > <mailto:tgrazi...@myitdepartment.net >> <mailto:tgrazi...@myitdepartment.net>> >> > >>> >> > >>> LAN/Telephony/Security and Control Systems Helpdesk: >> > >>> Telephone: 434.984.8426 >> > >>> Fax: 434.984.8427 >> > >>> >> > >>> Helpdesk Contract Customers: >> > >>> http://www.myitdepartment.net/gethelp/ >> > >>> >> > >>> ----- Original Message ----- >> > >>> From: sipx-users-boun...@list.sipfoundry.org >> <mailto:sipx-users-boun...@list.sipfoundry.org> >> > <mailto:sipx-users-boun...@list.sipfoundry.org >> <mailto:sipx-users-boun...@list.sipfoundry.org>> >> > >>> <sipx-users-boun...@list.sipfoundry.org >> <mailto:sipx-users-boun...@list.sipfoundry.org> >> > <mailto:sipx-users-boun...@list.sipfoundry.org >> <mailto:sipx-users-boun...@list.sipfoundry.org>>> >> > >>> To: Discussion list for users of sipXecs software >> > >>> <sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org> >> > <mailto:sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org>>> >> > >>> Sent: Mon Sep 20 07:50:59 2010 >> > >>> Subject: Re: [sipx-users] SRV records for ftp >> > >>> >> > >>> Still working through the options you've given me, but the >> > Polysom should >> > >>> be able to register remotely without ftp if everything >> is configed >> > >>> correctly, right? >> > >>> >> > >>> Stiles >> > >>> >> > >>> On Fri, 17 Sep 2010 20:43:24 -0400, Tony Graziano >> > >>> <tgrazi...@myitdepartment.net >> <mailto:tgrazi...@myitdepartment.net> >> > <mailto:tgrazi...@myitdepartment.net >> <mailto:tgrazi...@myitdepartment.net>>> wrote: >> > >>> >> > >>> >> > >>> >> > >>>> By the way... the first sentence in this thread is: >> > >>>> "OK Tony, shoot me down:" >> > >>>> >> > >>>> It's actually the IETF and Polycom who did the shooting >> here... >> > >>>> IETF should write two papers on an RFC. Once for engineers, >> > and one for >> > >>>> everyone else instead of trying to deciper what they mean >> > with loosely >> > >>>> selected verbs. >> > >>>> Polycom (like a lot of hardware manufacturers) should >> state, >> > this works >> > >>>> for this, that works for that, and not you can't mix and >> > match ip's and >> > >>>> ports, we like it this way... it wouldn't be that hard. >> > >>>> On Fri, Sep 17, 2010 at 7:02 PM, Tony Graziano wrote: >> > >>>> Realize the Aastra is a different client, and "how" the >> > manufacturer >> > >>>> implements a protocol is VERY different from another one... >> > >>>> FTP is the way to do it, and these days PASV FTP is pretty >> > much needed >> > >>>> >> > >>>> >> > >>>> >> > >>> to >> > >>> >> > >>> >> > >>> >> > >>>> do bootrom updates with Polycom. Even in their http/https >> > provisioning >> > >>>> they won't do bootrom and firmware over https, only >> http. So >> > it's not as >> > >>>> simple as "just make sipx use https", it would have to do >> > both. Add to >> > >>>> that Polycom is constantly changing their config file >> format, >> > >>>> >> > >>>> >> > >>>> >> > >>> parameters, >> > >>> >> > >>> >> > >>> >> > >>>> arguments, etc. FTP works, so that's what I suggest to do. >> > >>>> Can you get another IP and add it to the firewall (even if >> > just for >> > >>>> ftp)...? >> > >>>> >> > >>>> On Fri, Sep 17, 2010 at 6:26 PM, Stiles Watson wrote: >> > >>>> Thanks, you are a wealth of info! I'll try the several >> > options you've >> > >>>> given me. >> > >>>> >> > >>>> FYI, I had an Aastra 67301i auto provisioning with trixbox >> > CE via TFTP. >> > >>>> The phone made its request to the public IP and all I >> had to >> > do on the >> > >>>> local firewall was open the port for WAN to trixbox subnet >> > and create >> > >>>> the NAT rules to send the request to the trixbox >> server. No >> > remote >> > >>>> firewall config had to be done. >> > >>>> >> > >>>> Stiles >> > >>>> >> > >>>> Tony Graziano wrote: >> > >>>> > Crap. That's a loaded question. >> > >>>> > >> > >>>> > It all in the protocol, and ANY nat translation. >> > >>>> > >> > >>>> > TFTP (nothing to do with sipx, its the nature of tftp) >> > must use a >> > >>>> > pseudo random port or your remote firewall must have >> a way >> > to punch >> > >>>> > through udp in NAT mode, which is not the same as >> ANY NAT >> > >>>> >> > >>>> >> > >>>> >> > >>> translation, >> > >>> >> > >>> >> > >>> >> > >>>> > which means it is inherently PASV, but the typical tftpd >> > in linux >> > >>>> >> > >>>> >> > >>>> >> > >>> does >> > >>> >> > >>> >> > >>> >> > >>>> > not have the ability to specify PORTS. It's like >> PASV FTP, >> > where port >> > >>>> > 21 is the control channel, but in vsftpd you specify the >> > ports where >> > >>>> > the requests for data is coming from. It is more likely >> > the remote >> > >>>> > firewall (try putting the phone IP as a DMZ host just to >> > see if tftp >> > >>>> > works). I don't fiddle much with home based routers, >> > they're a pain. >> > >>>> > >> > >>>> > http://www.rfc-editor.org/rfc/rfc3489.txt [3] >> > >>>> > >> > >>>> > It makes me need a drink, and its why I use FTP for >> remote >> > phones. >> > >>>> > >> > >>>> > There is a way to get that to work, but you must >> have the >> > required >> > >>>> > items (port translation, and that pattern is full). >> > >>>> > >> > >>>> > >> > >>>> > On Fri, Sep 17, 2010 at 5:55 PM, Stiles Watson > wrote: >> > >>>> > >> > >>>> > Well, not so happy about that. >> > >>>> > >> > >>>> > Thanks for the explanation though. >> > >>>> > >> > >>>> > So ... why can I not use TFTP? >> > >>>> > >> > >>>> > Stiles >> > >>>> > >> > >>>> > Tony Graziano wrote: >> > >>>> >> Er.. Bang? >> > >>>> >> >> > >>>> >> I could assume the FTP NAT/PAT (NAT with port >> > translation) from >> > >>>> >> 21 to 844 would work... >> > >>>> >> >> > >>>> >> PHONE--(grab file at >> > >>>> >> ftp://1.2.3.4:8444 [6])INTERNET >> 192.168.2.2:21 <http://192.168.2.2:21> >> > <http://192.168.2.2:21> [7] , >> > >>>> sending it on>>--vsftpd >> > >>>> >> >> > >>>> >> 1. I don't think the polycom is sophisticated >> enough >> > to do any >> > >>>> >> type of DNS lookup other than hostname or IP >> for ftp, >> > so the >> > >>>> SRV >> > >>>> >> record is not useful, you're better off >> removing it. >> > >>>> >> 2. The remote phone must be hardcoded >> > >>>> >> (menu>advanced>servermenu>ftp ftp port BUT the >> > >>>> >> polycom doesn't allow you to change the PORT. >> > >>>> >> >> > >>>> >> If the SRV records do work, you should alter vsftpd >> > to run on >> > >>>> >> that port anyway, but I am doubtful that is >> functional. >> > >>>> >> >> > >>>> >> >> > >>>> >> > >>>> >> > >>>> >> > >>>> >> > >>> >> > >> >> http://www.polycom.com/global/documents/support/setup_maintenance/products/voice/spip_ssip_Admin_Guide_SIP_3_1.pdf >> > >>> >> > >>> >> > >>> >> > >>>> [9] >> > >>>> >> >> > >>>> >> 3-9 and 3-10 pretty much tell me a hostname or >> IP is >> > all they >> > >>>> >> accept. The protocols are perhaps >> non-negotiable for >> > >>>> provisioning >> > >>>> >> to alter the port with the exception of the "120" >> > option, which >> > >>>> >> is a string, though the polycom may not handle >> > parsing the >> > >>>> >> ip:port part of it as it has very limited logic at >> > bootup. >> > >>>> >> >> > >>>> >> Don't assume when they say ftps they mean ftp over >> > ssh, its >> > >>>> not, >> > >>>> >> it means ssl is configured and running on your ftp >> > server, but >> > >>>> >> still running on port 21. So you either need to >> > "change" the >> > >>>> NAT >> > >>>> >> on your firewall and see if the PASV config setting >> > work and >> > >>>> the >> > >>>> >> phone provisions remotely, then decide how you want >> > to proceed. >> > >>>> >> >> > >>>> >> Bootrom changes pretty much force a >> "non-active" FTP >> > server to >> > >>>> be >> > >>>> >> out of the picture (really, in the document link >> > above, go >> > >>>> >> figure), which means you can upgrade firmware and >> > config but >> > >>>> not >> > >>>> >> bootrom after a certain version is loaded. So >> thanks >> > Doug for >> > >>>> >> pushing on this one. >> > >>>> >> >> > >>>> >> I think Polycom is REAL FUZZY on this, because >> they don't >> > >>>> >> EXPLICITLY state the following: >> > >>>> >> >> > >>>> >> FTP or FTPS means PORT 21, no exceptions! (etc. for >> > ftfp, http >> > >>>> on >> > >>>> >> port 80 https on 443, etc. >> > >>>> >> PASV FTP requires the following commands to be >> > available on the >> > >>>> >> FTP server (and provide the fracking list!). >> > >>>> >> >> > >>>> >> I am real doubtful you can put in a "120" >> string and do >> > >>>> >> "ftp://1.2.3.4:8444 [10]", but heck maybe you >> can and >> > I'm just >> > >>>> too >> > >>>> >> lazy to try? >> > >>>> >> >> > >>>> >> So this means you can test with what you got but >> > rearrange the >> > >>>> >> firewall, push your configs, and then change it >> > back... or get >> > >>>> >> another public IP on your firewall for this... >> > >>>> >> >> > >>>> >> >> > >>>> >> >> > >>>> >> >> > >>>> >> >> > >>>> >> On Fri, Sep 17, 2010 at 5:19 PM, Stiles Watson >> > >>>> >> wrote: >> > >>>> >> >> > >>>> >> OK Tony, shoot me down: >> > >>>> >> >> > >>>> >> I'm attempting to do what you suggested and >> use FTP >> > >>>> instead >> > >>>> >> of TFTP for >> > >>>> >> remote provisioning the Polycom IP 335. The >> > problem is >> > >>>> that >> > >>>> >> we already >> > >>>> >> use FTP and we can not move our customer facing >> > FTP to >> > >>>> >> another port. I >> > >>>> >> figured I could just configure the phone to use >> > ftp on >> > >>>> >> another port - >> > >>>> >> but i was wrong (at least I could not find an >> > place to do >> > >>>> it). >> > >>>> >> >> > >>>> >> Therefore, my solution: >> > >>>> >> >> > >>>> >> * setup an SRV record to point to the >> > non-standard ftp >> > >>>> port >> > >>>> >> (8444) >> > >>>> >> >> > >>>> >> ** _ftp._tcp.datatek-net.com >> <http://tcp.datatek-net.com> >> > <http://tcp.datatek-net.com> [13] . >> > >>>> >> 7200 IN SRV 0 0 8444 >> datatek-net.com <http://datatek-net.com> >> > <http://datatek-net.com> [15] >> > >>>> >> . >> > >>>> >> >> > >>>> >> ** this SRV record was created on the >> primary DNS >> > for our >> > >>>> >> domain and not >> > >>>> >> on the DNS server running on the sipX box as it >> > is behind >> > >>>> NAT. >> > >>>> >> >> > >>>> >> * configured the phone to use FTP and use >> the SRV >> > url as >> > >>>> the >> > >>>> >> server ( >> > >>>> >> _ftp._tcp.datatek-net.com >> <http://tcp.datatek-net.com> >> > <http://tcp.datatek-net.com> [17] ) >> > >>>> >> >> > >>>> >> * configured the firewall to allow (8444) >> traffic >> > from >> > >>>> WAN to >> > >>>> >> the sipX >> > >>>> >> subdomain >> > >>>> >> >> > >>>> >> * created a PAT policy to translate port 8444 >> > coming into >> > >>>> the >> > >>>> >> WAN to >> > >>>> >> port 21 and forwarded it to the sipX server. >> > >>>> >> >> > >>>> >> I also configed vsftp.conf via your xx-8904 >> > ticket as you >> > >>>> >> suggested. >> > >>>> >> >> > >>>> >> But ... it still does not work. >> > >>>> >> >> > >>>> >> By the way, I bought the e-book yesterday >> and am >> > finding >> > >>>> it >> > >>>> >> very helpful. >> > >>>> >> >> > >>>> >> Stiles >> > >>>> >> _______________________________________________ >> > >>>> >> sipx-users mailing list >> > >>>> >> sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org> >> > <mailto:sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org>> [19] >> > >>>> >> >> > >>>> >> List Archive: >> > >>>> http://list.sipfoundry.org/archive/sipx-users/ [21] >> > >>>> >> >> > >>>> >> >> > >>>> >> >> > >>>> >> >> > >>>> >> -- >> > >>>> >> ====================== >> > >>>> >> Tony Graziano, Manager >> > >>>> >> Telephone: 434.984.8430 >> > >>>> >> > >>>> >> > >>>> >> > >>> begin_of_the_skype_highlighting 434.984.8430 >> > >>> end_of_the_skype_highlighting >> > >>> >> > >>> >> > >>> >> > >>>> >> sip: tgrazi...@voice.myitdepartment.net >> <mailto:tgrazi...@voice.myitdepartment.net> >> > <mailto:tgrazi...@voice.myitdepartment.net >> <mailto:tgrazi...@voice.myitdepartment.net>> [22] >> > >>>> >> >> > >>>> >> Fax: 434.984.8431 >> > >>>> >> >> > >>>> >> Email: tgrazi...@myitdepartment.net >> <mailto:tgrazi...@myitdepartment.net> >> > <mailto:tgrazi...@myitdepartment.net >> <mailto:tgrazi...@myitdepartment.net>> [24] >> > >>>> >> >> > >>>> >> >> > >>>> >> LAN/Telephony/Security and Control Systems >> Helpdesk: >> > >>>> >> Telephone: 434.984.8426 >> > >>>> >> sip: helpd...@voice.myitdepartment.net >> <mailto:helpd...@voice.myitdepartment.net> >> > <mailto:helpd...@voice.myitdepartment.net >> <mailto:helpd...@voice.myitdepartment.net>> [26] >> > >>>> >> >> > >>>> >> Fax: 434.984.8427 >> > >>>> >> >> > >>>> >> Helpdesk Contract Customers: >> > >>>> >> http://www.myitdepartment.net/gethelp/ [28] >> > >>>> >> >> > >>>> >> Why do mathematicians always confuse Halloween and >> > Christmas? >> > >>>> >> Because 31 Oct = 25 Dec. >> > >>>> >> >> > >>>> >> >> > >>>> >> > >> ------------------------------------------------------------------------ >> > >>>> >> _______________________________________________ >> > sipx-users >> > >>>> >> mailing list sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org> >> > <mailto:sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org>> [29] >> > >>>> >> List Archive: >> > >>>> >> http://list.sipfoundry.org/archive/sipx-users/ [31] >> > >>>> > >> > >>>> > >> > >>>> > _______________________________________________ >> > >>>> > sipx-users mailing list >> > >>>> > sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org> >> > <mailto:sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org>> [32] >> > >>>> > List Archive: >> > http://list.sipfoundry.org/archive/sipx-users/ >> > >>>> [34] >> > >>>> > >> > >>>> > >> > >>>> > >> > >>>> > >> > >>>> > -- >> > >>>> > ====================== >> > >>>> > Tony Graziano, Manager >> > >>>> > Telephone: 434.984.8430 >> > >>>> > sip: tgrazi...@voice.myitdepartment.net >> <mailto:tgrazi...@voice.myitdepartment.net> >> > <mailto:tgrazi...@voice.myitdepartment.net >> <mailto:tgrazi...@voice.myitdepartment.net>> [35] >> > >>>> > >> > >>>> > Fax: 434.984.8431 >> > >>>> > >> > >>>> > Email: tgrazi...@myitdepartment.net >> <mailto:tgrazi...@myitdepartment.net> >> > <mailto:tgrazi...@myitdepartment.net >> <mailto:tgrazi...@myitdepartment.net>> [37] >> > >>>> > >> > >>>> > LAN/Telephony/Security and Control Systems Helpdesk: >> > >>>> > Telephone: 434.984.8426 >> > >>>> > sip: helpd...@voice.myitdepartment.net >> <mailto:helpd...@voice.myitdepartment.net> >> > <mailto:helpd...@voice.myitdepartment.net >> <mailto:helpd...@voice.myitdepartment.net>> [39] >> > >>>> > >> > >>>> > Fax: 434.984.8427 >> > >>>> > >> > >>>> > Helpdesk Contract Customers: >> > >>>> > http://www.myitdepartment.net/gethelp/ [41] >> > >>>> > >> > >>>> > Why do mathematicians always confuse Halloween and >> Christmas? >> > >>>> > Because 31 Oct = 25 Dec. >> > >>>> > >> > >>>> > >> > >>>> >> > >> ------------------------------------------------------------------------ >> > >>>> > >> > >>>> > _______________________________________________ >> > >>>> > sipx-users mailing list >> > >>>> > sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org> >> > <mailto:sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org>> [42] >> > >>>> > List Archive: >> > http://list.sipfoundry.org/archive/sipx-users/ [43] >> > >>>> >> > >>>> _______________________________________________ >> > >>>> sipx-users mailing list >> > >>>> sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org> >> > <mailto:sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org>> [44] >> > >>>> List Archive: >> http://list.sipfoundry.org/archive/sipx-users/ >> > [45] >> > >>>> >> > >>>> -- >> > >>>> ====================== >> > >>>> Tony Graziano, Manager >> > >>>> Telephone: 434.984.8430 >> > >>>> sip: tgrazi...@voice.myitdepartment.net >> <mailto:tgrazi...@voice.myitdepartment.net> >> > <mailto:tgrazi...@voice.myitdepartment.net >> <mailto:tgrazi...@voice.myitdepartment.net>> [46] >> > >>>> Fax: 434.984.8431 >> > >>>> >> > >>>> Email: tgrazi...@myitdepartment.net >> <mailto:tgrazi...@myitdepartment.net> >> > <mailto:tgrazi...@myitdepartment.net >> <mailto:tgrazi...@myitdepartment.net>> [47] >> > >>>> >> > >>>> LAN/Telephony/Security and Control Systems Helpdesk: >> > >>>> Telephone: 434.984.8426 >> > >>>> sip: helpd...@voice.myitdepartment.net >> <mailto:helpd...@voice.myitdepartment.net> >> > <mailto:helpd...@voice.myitdepartment.net >> <mailto:helpd...@voice.myitdepartment.net>> [48] >> > >>>> Fax: 434.984.8427 >> > >>>> >> > >>>> Helpdesk Contract Customers: >> > >>>> http://www.myitdepartment.net/gethelp/ [49] >> > >>>> >> > >>>> Why do mathematicians always confuse Halloween and >> Christmas? >> > >>>> Because 31 Oct = 25 Dec. >> > >>>> >> > >>>> >> > >>>> >> > >>> _______________________________________________ >> > >>> sipx-users mailing list >> > >>> sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org> >> > <mailto:sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org>> >> > >>> List Archive: http://list.sipfoundry.org/archive/sipx-users/ >> > >>> _______________________________________________ >> > >>> sipx-users mailing list >> > >>> sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org> >> > <mailto:sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org>> >> > >>> List Archive: http://list.sipfoundry.org/archive/sipx-users/ >> > >>> >> > >>> >> > >>> >> > >>> >> > >>> >> > >> _______________________________________________ >> > >> sipx-users mailing list >> > >> sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org> >> > <mailto:sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org>> >> > >> List Archive: http://list.sipfoundry.org/archive/sipx-users/ >> > >> _______________________________________________ >> > >> sipx-users mailing list >> > >> sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org> >> > <mailto:sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org>> >> > >> List Archive: http://list.sipfoundry.org/archive/sipx-users/ >> > >> >> > >> >> > >> >> > >> >> > > >> > > _______________________________________________ >> > > sipx-users mailing list >> > > sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org> >> > <mailto:sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org>> >> > > List Archive: http://list.sipfoundry.org/archive/sipx-users/ >> > > _______________________________________________ >> > > sipx-users mailing list >> > > sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org> >> > <mailto:sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org>> >> > > List Archive: http://list.sipfoundry.org/archive/sipx-users/ >> > > >> > > >> > > >> > >> > _______________________________________________ >> > sipx-users mailing list >> > sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org> >> <mailto:sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org>> >> > List Archive: http://list.sipfoundry.org/archive/sipx-users/ >> > >> > >> > >> > >> > -- >> > ====================== >> > Tony Graziano, Manager >> > Telephone: 434.984.8430 >> > sip: tgrazi...@voice.myitdepartment.net >> <mailto:tgrazi...@voice.myitdepartment.net> >> > <mailto:tgrazi...@voice.myitdepartment.net >> <mailto:tgrazi...@voice.myitdepartment.net>> >> > Fax: 434.984.8431 >> > >> > Email: tgrazi...@myitdepartment.net >> <mailto:tgrazi...@myitdepartment.net> >> <mailto:tgrazi...@myitdepartment.net >> <mailto:tgrazi...@myitdepartment.net>> >> > >> > LAN/Telephony/Security and Control Systems Helpdesk: >> > Telephone: 434.984.8426 >> > sip: helpd...@voice.myitdepartment.net >> <mailto:helpd...@voice.myitdepartment.net> >> > <mailto:helpd...@voice.myitdepartment.net >> <mailto:helpd...@voice.myitdepartment.net>> >> > Fax: 434.984.8427 >> > >> > Helpdesk Contract Customers: >> > http://www.myitdepartment.net/gethelp/ >> > >> > Why do mathematicians always confuse Halloween and Christmas? >> > Because 31 Oct = 25 Dec. >> > >> > >> ------------------------------------------------------------------------ >> > >> > _______________________________________________ >> > sipx-users mailing list >> > sipx-users@list.sipfoundry.org >> <mailto:sipx-users@list.sipfoundry.org> >> > List Archive: http://list.sipfoundry.org/archive/sipx-users/ >> >> _______________________________________________ >> sipx-users mailing list >> sipx-users@list.sipfoundry.org <mailto:sipx-users@list.sipfoundry.org> >> List Archive: http://list.sipfoundry.org/archive/sipx-users/ >> >> >> >> >> -- >> ====================== >> Tony Graziano, Manager >> Telephone: 434.984.8430 >> sip: tgrazi...@voice.myitdepartment.net >> <mailto:tgrazi...@voice.myitdepartment.net> >> Fax: 434.984.8431 >> >> Email: tgrazi...@myitdepartment.net <mailto:tgrazi...@myitdepartment.net> >> >> LAN/Telephony/Security and Control Systems Helpdesk: >> Telephone: 434.984.8426 >> sip: helpd...@voice.myitdepartment.net >> <mailto:helpd...@voice.myitdepartment.net> >> Fax: 434.984.8427 >> >> Helpdesk Contract Customers: >> http://www.myitdepartment.net/gethelp/ >> >> Why do mathematicians always confuse Halloween and Christmas? >> Because 31 Oct = 25 Dec. >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> sipx-users mailing list >> sipx-users@list.sipfoundry.org >> List Archive: http://list.sipfoundry.org/archive/sipx-users/ >> > _______________________________________________ > sipx-users mailing list > sipx-users@list.sipfoundry.org > List Archive: http://list.sipfoundry.org/archive/sipx-users/ > _______________________________________________ > sipx-users mailing list > sipx-users@list.sipfoundry.org > List Archive: http://list.sipfoundry.org/archive/sipx-users/ > > > _______________________________________________ sipx-users mailing list sipx-users@list.sipfoundry.org List Archive: http://list.sipfoundry.org/archive/sipx-users/
