Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

3rd party Sip extn registration details.

Status
Not open for further replies.

daken

Programmer
Jul 14, 2010
124
GB
Hi All

Investigating an issue at a site.

To register a 3rd party sip phone to the system we would need to be registering with:

Username "User > username"
Password "User > Telephony > Supervisor settings > Login code"
IP Address of PBX

thanks

da-ken
 
Plus a 3rd party ip end point licence

ACSS (Manieee on a new account)
 
Just to confirm I should NOT be able to register with

Username "User > [highlight #FCE94F]extn[/highlight]"
Password "User > Telephony > Supervisor settings > Login code"
IP Address of PBX

I have spare 3rd party and avaya ip enpoints.

????


da-ken
 
I always use etxension number and login code for registration, as documented.
 
This manual shows it is Extn username.

However iv just discovered it work with extn number as well :(

Reduces the number of possible usernames for people to guess :(

Dont even need an ip endpoint, if you know how.

Only needs an ip endpoint OR office worker to get a phone registered.

looks like i will be studying the security guidelines tonight.


thanks
da-ken
 
SIP only has 3 settings beside the call server to register to
Extension number
User name
Password
Juggle them around if it doesn't work one way.

Joe W.

FHandw, just expired ACSS (SME)


"This is the end of the world, make sure to buy your T-shirt before it is too late"
Original expression of my daughter
 
There is also a vital bit to enable SIP REGISTRAR on the voip tab of the LAN you want to use to connect the phone to

ACSS (Manieee on a new account)
 
Careful @Mainie3 you're in danger of getting Pink Stars. [2thumbsup]

ACSS (SME)

 
Daken,

Yes, a kind of risk for supporting external SIP phone access but potential hackers still need to get the user's login code correct and they only have 5 go's before the extension number is blacklisted for 10 minutes (and if they keep trying another 5 go's blacklists the IP address for 10 minutes)

[I know having been there recently with a bit of SIP softphone software that was automatically retrying the registration details when I got the login wrong and so got itself blacklisted within seconds. Lots of hair pulling before I spotted the software was doing that and got to shout at the developer]

That's said, the existing H.323 behaviour of having an extension registration passcode that is separate from the phone user login code is coming to SIP extensions as part of R11.0. That means the passcode used for intial registration of an extension can then be something really long and annoying to installers and hackers alike.

Stuck in a never ending cycle of file copying.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top