[SR-Users] Cisco 79XX Series Phones and TLS integration with kamailio
Mark Boyce
mark at darkorigins.com
Thu Jun 19 13:24:04 CEST 2014
Hi Jon
Thanks for that. Trying to translate between the txt version and the xml version, most of the settings seem to be about right.
I think the problem might be with the way we’re referring to the sip server in the xml. The previous advice I got was to do it using the call manager section;
<callManagerGroup>
<members>
<member priority="0">
<callManager>
<ports>
<ethernetPhonePort>2000</ethernetPhonePort>
<sipPort>5060</sipPort>
<securedSipPort>5061</securedSipPort>
</ports>
<processNodeName>1.2.3.4</processNodeName>
</callManager>
</member>
</members>
</callManagerGroup>
and then later in the config
<sipLines>
<line button="1">
<featureID>9</featureID>
<featureLabel>SIPACCOUNT</featureLabel>
<name>SIPACCOUNT</name>
<displayName>SIPACCOUNT</displayName>
<contact>SIPACCOUNT</contact>
<proxy>USECALLMANAGER</proxy>
<port>5060</port>
<authName>SIPACCOUNT</authName>
<authPassword>MYPASSWORD</authPassword>
<sharedLine>false</sharedLine>
</line>
</sipLines>
It seems to be seeing the line name etc but never trying to contact the server.
Putting the SIP servers IP in the <proxy> field doesn’t seem to make any difference.
Cheers
Mark
On 19 Jun 2014, at 11:51, Jonathan Hunter <hunterj91 at hotmail.com> wrote:
> Hi Mark,
>
> Yes we had exactly the same issue with a 7940.
>
> It is with the .cnf xml file.
>
> You need to make sure that the line name is populated;
>
> line1_name: "<<USERNAME>>"
>
> line1_authname: "<<USERNAME>>"
>
> line1_password: "supersecret"
>
> See an example file attached, hopefully will give you an idea.
>
> Thanks
>
> Jon
>
>
>
>
> From: mark at darkorigins.com
> Date: Thu, 19 Jun 2014 11:03:25 +0100
> To: sr-users at lists.sip-router.org
> Subject: Re: [SR-Users] Cisco 79XX Series Phones and TLS integration with kamailio
>
> Hi Jon
>
> I’m working with a variety of routers here at the moment (testing / lab environment :-) ranging from Mikrotik, Draytek to Firebricks.
>
> So far;
>
> - Phone on test is a 7970
>
> - Variety of routers here at the moment (testing / lab environment :-) ranging from Mikrotik, Draytek to Firebricks. All configured to NAT, no firewall filtering
>
> - SIP v9.3(1)SR4 firmware on the phone
>
> - Provisioning side ‘appears’ to be working. In that it requests the files, says ‘registering’
>
> - Doesn’t appear to generate any SIP traffic during registration (tcpdump on router/kamailio server)
>
>
> Wondering if I’ve got something wrong in the .cnf xml …
>
> Cheers
>
>
> Mark
>
>
> On 19 Jun 2014, at 10:48, Jonathan Hunter <hunterj91 at hotmail.com> wrote:
>
> Hi Mark,
>
> Sure of course, they are some what painful to get working due to their asymmetric NAT behaviour.
>
> What handset models are you working with, and what firewall devices do you have on site, as I have them working with a Cisco ASA on the network edge.
>
> Then I can give you some more details on at least them trying to register to kamailio.
>
> Thanks
>
> Jon
>
> From: mark at darkorigins.com
> Date: Thu, 19 Jun 2014 10:37:42 +0100
> To: sr-users at lists.sip-router.org
> Subject: Re: [SR-Users] Cisco 79XX Series Phones and TLS integration with kamailio
>
> Hi Jon
>
> It sounds like you’re a few steps in front of me. I’m just starting to try and get a working set of config files etc for provisioning to the phones. Which at the moment is going through the motions of registering but not actually sending anything.
>
> Would you mind sharing your experiences so far?
>
> Thanks
>
> Mark
>
>
> On 19 Jun 2014, at 09:50, Jonathan Hunter <hunterj91 at hotmail.com> wrote:
>
> Hi All,
>
> As you guys might remember I have been doing alot of work with these legacy handsets recently, in particular the Cisco IP phones 7945G and 7965G.
>
> They work well now with kamailio, using UDP or TCP as the transport protocol.
>
> I am now looking to implement SIP over TLS with them, and wondered if anyone had completed the same, as it appears they were designed very much to support SIP over TLS and SRTP but with Cisco call manager and not other SIP devices.
>
> I am trying to understand if its possible to integrate with kamailio, as from Cisco documentation it appears a CTL file (client trust list) is required which seems to be generated by cisco software, and the handset needs it before it will try to initiate a SIP connection over TLS.
>
> I have implemented TLS /SRTP with Cisco SPA's, Bria etc on kamailio fine, so its more a question around the handset and if anyone has achieved this.
>
> Thanks
>
> Jon
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
>
> _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users at lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
>
> _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users at lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
> <7940examplefile.txt>_______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20140619/4e42d9d0/attachment.html>
More information about the sr-users
mailing list