Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
3rd party Sip extn registration details.
- Thread starter daken
- Start date
- Thread starter
- #3
Just to confirm I should NOT be able to register with
Username "User > [highlight #FCE94F]extn[/highlight]"
Password "User > Telephony > Supervisor settings > Login code"
IP Address of PBX
I have spare 3rd party and avaya ip enpoints.
????
da-ken
Username "User > [highlight #FCE94F]extn[/highlight]"
Password "User > Telephony > Supervisor settings > Login code"
IP Address of PBX
I have spare 3rd party and avaya ip enpoints.
????
da-ken
intrigrant
Systems Engineer
I always use etxension number and login code for registration, as documented.
teletechman
Technical User
I always use it this way.
Username "User > extn"
Mike
Username "User > extn"
Mike
- Thread starter
- #6
This manual shows it is Extn username.
However iv just discovered it work with extn number as well
Reduces the number of possible usernames for people to guess
Dont even need an ip endpoint, if you know how.
Only needs an ip endpoint OR office worker to get a phone registered.
looks like i will be studying the security guidelines tonight.
thanks
da-ken
However iv just discovered it work with extn number as well
Reduces the number of possible usernames for people to guess
Dont even need an ip endpoint, if you know how.
Only needs an ip endpoint OR office worker to get a phone registered.
looks like i will be studying the security guidelines tonight.
thanks
da-ken
SIP only has 3 settings beside the call server to register to
Extension number
User name
Password
Juggle them around if it doesn't work one way.
Joe W.
FHandw, just expired ACSS (SME)
"This is the end of the world, make sure to buy your T-shirt before it is too late"
Original expression of my daughter
Extension number
User name
Password
Juggle them around if it doesn't work one way.
Joe W.
FHandw, just expired ACSS (SME)
"This is the end of the world, make sure to buy your T-shirt before it is too late"
Original expression of my daughter
![[2thumbsup]](/data/assets/smilies/2thumbsup.gif "[2thumbsup] [2thumbsup]")
Daken,
Yes, a kind of risk for supporting external SIP phone access but potential hackers still need to get the user's login code correct and they only have 5 go's before the extension number is blacklisted for 10 minutes (and if they keep trying another 5 go's blacklists the IP address for 10 minutes)
[I know having been there recently with a bit of SIP softphone software that was automatically retrying the registration details when I got the login wrong and so got itself blacklisted within seconds. Lots of hair pulling before I spotted the software was doing that and got to shout at the developer]
That's said, the existing H.323 behaviour of having an extension registration passcode that is separate from the phone user login code is coming to SIP extensions as part of R11.0. That means the passcode used for intial registration of an extension can then be something really long and annoying to installers and hackers alike.
Stuck in a never ending cycle of file copying.
Yes, a kind of risk for supporting external SIP phone access but potential hackers still need to get the user's login code correct and they only have 5 go's before the extension number is blacklisted for 10 minutes (and if they keep trying another 5 go's blacklists the IP address for 10 minutes)
[I know having been there recently with a bit of SIP softphone software that was automatically retrying the registration details when I got the login wrong and so got itself blacklisted within seconds. Lots of hair pulling before I spotted the software was doing that and got to shout at the developer]
That's said, the existing H.323 behaviour of having an extension registration passcode that is separate from the phone user login code is coming to SIP extensions as part of R11.0. That means the passcode used for intial registration of an extension can then be something really long and annoying to installers and hackers alike.
Stuck in a never ending cycle of file copying.
- Status
Similar threads
- Locked
- Question