Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

9650 VPN Phone with Watchguard 1

Status
Not open for further replies.
TheSmash

TheSmash

Technical User
Oct 16, 2009
994
GB
So, I finally got the boss to buy a 9650 (for himself!) which I'm trying to set up as a VPN phone with a Watchguard X2500.

Got is set up on the system fine (once I'd worked out the MUTE 27238 #!). So went for the VPN setup. What an arse you have to enter a line into the 46xxsettings.txt to allow you just to enable VPN on the phone. Oh well, seems a bit pointless.

I notice that the VPN menu is a little different to the 46xx handsets so it took some time learning the new interface. Now I can't seem to get it to connect up. I get through Exchanging Keys, Building VPN tunnel and then it fails with "No response to IKE Phase 2".

I'm using Juniper/Netscreen with PSK and sort of followed the setup which was posted on here (which I go working a year ago with a 5610 handset). but no joy.

Has anyone else got any good success stories with the 96xx handsets in VPN mode? Any pointers?

I appreciate any suggestions.

Smash

My name is Mike but everyone calls me The Smash...
 
Sort by date Sort by votes
i was having a similar issue with the 9620 and one of our Cisco 877's

seemed to have all the settings correct but failing on the same thing.

i still dont have it working.

ill try again once we have seriously upgraded to v6

 
Upvote 0 Downvote
Thanks HSM, I appreciate the feedback.

Does anyone have a 96xx working in VPN mode??

My name is Mike but everyone calls me The Smash...
 
Upvote 0 Downvote
Look at the error code to determine the specifics

It's people like you who generalize.
 
Upvote 0 Downvote
Yup, will do now that my firewall guy is back :)

My name is Mike but everyone calls me The Smash...
 
Upvote 0 Downvote
Haha, well I would be firewall guys as well if he'd give me access!

My name is Mike but everyone calls me The Smash...
 
Upvote 0 Downvote
Yes, I have a couple of 9650's and a 9620 working in VPN mode. I figured out the same things you mentioned in your first post in regards to having to enable the setting in the 46xxsettings file, and the craft password.

I have a Kentrox Router, and used the same info I did for my 5621 and 5610's via the tek tip. It all worked the first time. I noticed when the phone boots up it asks for a VPN username, which I do not know why, as the 56xx didn't ask for one, and I use a generic PSK profile. The VPN tunnels are created on the fly for the kentrox router which makes it easy to deploy.

So far I've had zero problems with the 9600 series phones in VPN mode.
 
Upvote 0 Downvote
Thanks qtelecom,

I was starting to worry that no-one had these working yet! I probably need to just fiddle around until I get a setting that works. If I get it working I'll post the settings here.

My name is Mike but everyone calls me The Smash...
 
Upvote 0 Downvote
I just got my first 9650! Very impressed with the logo screensaver and the feel.... Now i need to make this a VPN phone. I have a couple questions:
1.No firmware upgrade?
2.Where do you insert SET "VPNPROC 2" in the 46xxsettings.txt file? (it says "## //Place this at the top of the file right after the Info Block") Where? the top of the 96XX settings part or the top of the whole file?
3.

Jeff
"the phone guy"
 
Upvote 0 Downvote
1) Correct
2) Anywhere you like
3) ?

My name is Mike but everyone calls me The Smash...
 
Upvote 0 Downvote
[ol]
[li]No[/li]
[li]On top of the 46xxsettings.txt file[/li]
[li]You did not write a question :)[/li]
[/ol]


ACS IP Office
APSS IP Office
ACA - Implement IP Telephony -- ACA - Design IP Telephony
APSS UC
ACA - Voice Services Management


______________
Women and cats can do as they please and men and dogs should relax and get used to the idea!
 
Upvote 0 Downvote
Peter I think he meant no specific firware upgrade for VPN functionality. It's build in to the latest firmware.

My name is Mike but everyone calls me The Smash...
 
Upvote 0 Downvote
Indeed, that is why i answered no on the firmware upgrade :)


ACS IP Office
APSS IP Office
ACA - Implement IP Telephony -- ACA - Design IP Telephony
APSS UC
ACA - Voice Services Management


______________
Women and cats can do as they please and men and dogs should relax and get used to the idea!
 
Upvote 0 Downvote
I know i forgot something...
What about this line?
Do I add this too?
## Set VPN Mode On (On Boot)
## // Do not set this until VPN Settings have been modified
## Disabled if NVVPNMODE = "0"(default),
## Enabled if NVVPNMODE = "1"

Jeff
"the phone guy"
 
Upvote 0 Downvote
Turn it on, then you can choose for vpn mode or normal mode.


ACS IP Office
APSS IP Office
ACA - Implement IP Telephony -- ACA - Design IP Telephony
APSS UC
ACA - Voice Services Management


______________
Women and cats can do as they please and men and dogs should relax and get used to the idea!
 
Upvote 0 Downvote
Never noticed it :)
I have no idea.


ACS IP Office
APSS IP Office
ACA - Implement IP Telephony -- ACA - Design IP Telephony
APSS UC
ACA - Voice Services Management


______________
Women and cats can do as they please and men and dogs should relax and get used to the idea!
 
Upvote 0 Downvote
So it should look like this?

#############################################################
## Set VPN Mode On (On Boot)
## // Do not set this until VPN Settings have been modified
## Disabled if NVVPNMODE = "0"(default),
## Enabled if NVVPNMODE = "1"
##
SET NVVPNMODE 1
##
## VPNPROC: Whether VPNCODE accesses Special VPN Procedure-
## at all (0=No), in view-only mode (=1), or in view/modify mode (=2)
##
SET VPNPROC 2
##
#############################################################

Jeff
"the phone guy"
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

AldoLT
  • Locked
VPN J179
Replies
1
Views
525
DrB0b
DrB0b
joestar
  • Question
Caller ID (CLID) Not Passing to Twinned Phone with SIP
Replies
7
Views
488
Menniss
Menniss
BerettaGuy
  • Locked
  • Question
IP phone on VPN one way audio 2
Replies
2
Views
213
Westi
Westi
comfortinntechci.com
  • Locked
  • Question
Magnetic Door Phone installation
Replies
1
Views
240
budbyrd
budbyrd
K
  • Locked
  • Question
96xx IP Phone not update.
Replies
7
Views
504
derfloh
derfloh

Part and Inventory Search

Sponsor

Back
Top