Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

9600 VPN Phone 1

Status
Not open for further replies.
hbsurfn

hbsurfn

Programmer
Sep 18, 2007
187
US
I have and IP500v1- r6 with an Avaya SG20 VPN router. I currently have 4- 5610 remote vpn phone users connected with no issue, but am unable to get a 9640 to connect as a vpn phone. I'm getting Phase 1 No Response and have tried every vpn client in the phone. Anyone else tried setting up 9600 remote VPN phones? Any luck? tips?

ACA
ACS
CompTIA Convergence+
CCNA
CCVP
 
Sort by date Sort by votes
The 9600 series phones connect via VPN to SonicWall NSA240 for us. I would suspect that other SonicWall devices would also work. Used the generic profile to set-up. One thing: there is no way to set a "Virtual IP address" in the 9600 (unless this has changed recently) so if you are using Avaya's setup Tech Tip you will need to work around this.

HTH,
Mark
 
Upvote 0 Downvote
Sorry-Avaya SG is yet another product that was decent when they bought them (old VP Net company), but let dev go and killed the product (officially unsupported on 9600 I think, so its called a science project that you might get to work with enough play time.)-

I have pretty much zero SG install base left and decided to spend my time on going-forward products instead (tough enough nut to decide what is going forward) Started using SonicWall, great product for the money for SMB, but now Avaya no longer seems to be updating and publishing compatibility for that product either hence threads here for 'how can I config a virtual IP on 9600- (answer is can't -but somehow a few folks seemed to get them to work). Unfortunately, Avaya's strategy sems to drive everyone, including Avaya BP's to Cisco because we know they will always have to support some Cisco.....wierd.

Anyone got recommendations for best VPN gateway for SMB customers (affordable, easy to support, going forward support, works w 56xx/46xx/96xx VPN phones) (I played w Juniper for a while- but expensive and not sure old NetScreen SSG versions will be going forward either vs incorporated int Juniper heritage routers)
 
Upvote 0 Downvote
I have had the same thing with a Netgear router.
I ended up with not using Mode config.
Perhaps you can give that a shot ?

Homo sapiens non urinat in ventum

honey, i fried the IP Office !!!

Sarcasm, it's only one of the services I offer.
 
Upvote 0 Downvote
Can the settings be changed in VPN programming using the phone interface (same as 46/56xx series)? Or are you stuck with the text files?


 
Upvote 0 Downvote
Can be done both ways.
On the phone press the mute button and type craft or VPN (VPN brings you straight to that menu.
But the VPN option must already be enabled by the text file.


Homo sapiens non urinat in ventum

honey, i fried the IP Office !!!

Sarcasm, it's only one of the services I offer.
 
Upvote 0 Downvote
FInally got it to take. But when I make my settings on the phone, reboot, it grabs the 96xxvpn file, and the settings default again.

Removed the file, and rebooted, same thing.

Peter, do you have your txt file for a Netgear FVS338?




 
Upvote 0 Downvote
96xxvpn.txt file:

Code: 
################################################## #
## VPN Mode
## 0: Disabled, 1: Enabled. 
################################################## #

SET NVVPNMODE 1

################################################## #
## Vendor. 
## 1: Juniper/Netscreen, 2. Cisco
## 3: CheckPoint/ Nokia 4: Other
## 5: Nortel.
################################################## #

SET NVVPNSVENDOR 1

################################################## #
## Encapsulation Type. 
## 0: 4500-4500, 1: Disabled
## 2: 2070-500, 3: ?
## 4: RFC (500-500) 
################################################## #

SET NVVPNENCAPS 0

################################################## #
## Copy TOS. 
## 1: Yes, 2: No 
################################################## #

SET NVVPNCOPYTOS 0
################################################## #
## Authentication Type. 
##
## [For Cisco/Juniper/Checkpoint/Other]
## 3: PSK, 4: PSK with Xauth
## 5: RSA signatures with Xauth, 6: Hybrid Xauth
## 7: RSA signatures. 
##
## [Nortel Authentication Type]
## 1: Local credentials, 2: Radius Credentials.
## 3: Radius SecureID, 4: Radius Axent. 
################################################## #

SET NVVPNAUTHTYPE 4

################################################## #
## VPN User Type. 
## 1: Any, 2: User
################################################## #

SET NVVPNUSERTYPE 1

################################################## #
## Password Type.
## 1: Save in Flash, 2: Erase on reset
## 3: Numeric OTP, 4: Alpha-Numeric OTP
## 5: Erase on VPN termination. 
################################################## #

SET NVVPNPSWDTYPE 1

################################################## #
## User Password. 
################################################## #

SET NVVPNPSWD 123456789

################################################## #
## IKE ID (Group Name). 
################################################## #

SET NVIKEID vpnphone

################################################## #
## IKE ID Type. 
## 1: IPv4_ADDR, 2: FQDN
## 3: USER_FQDN, 9: DER_ASN1_DN
## 11: Key ID 
################################################## #

SET NVIKEIDTYPE 2

################################################## #
## IKE Xchg Mode. 
## 1: Aggressive, 2: Identity Protect. 
################################################## #

SET NVIKEXCHGMODE 1

################################################## #
## IKE DH Group. 
################################################## #

SET NVIKEDHGRP 2

################################################## #
## IKE Encryption Algo. 
## 1: AES-128, 2: 3DES
## 3: DEs 4: AEs-192
## 5: AES-256 0: Any
################################################## #

SET NVIKEP1ENCALG 2

################################################## #
## IKE Auth algo. 
## 0: Any, 1: MD5
## 2: sHA-1 
################################################## #

SET NVIKEP1AUTHALG 2

################################################## #
## IPsec PFS DH group. 
################################################## #

SET NVPFSDHGRP 2

################################################## #
## IPsec Encryption Algo. 
## 1: AES-128, 2: 3DES
## 3: DEs 4: AEs-192
## 5: AES-256 6: None
## 0: Any
################################################## #

SET NVIKEP2ENCALG 2

################################################## #
## IPsec Authentication Algo. 
## 0: Any, 1: MD5
## 2: sHA-1 
################################################## #

SET NVIKEP2AUTHALG 2

################################################## #
## Protected Network. 
################################################## #

SET NVIPSECSUBNET 172.18.190.0/0

################################################## #
## IKE Over TCP. 
## 0: Never, 1: Auto
## 2: Always 
################################################## #

SET NVIKEOVERTCP 0

################################################## #
## Craft access
## 0: Enabled, 1: only view option is available?
################################################## #

SET PROCSTAT 0

################################################## #
## VPN craft access
## 0: disabled, 1: view only
## 2: View and edit.
################################################## #

SET VPNPROC 2

################################################## #
## Call Server address
################################################## #

SET MCIPADD 192.168.42.1

################################################## #
## craft access code
################################################## #

SET PROCPSWD 27238

################################################## #
## VPN craft access code
################################################## #

46xxsettings.txt (put this on top and set the phone in the right group)

Code: 
IF $GROUP SEQ 0 GOTO NO96XXVPN

IF $GROUP SEQ 876 GOTO 96XXVPN

# 96XXVPN

GET 96xxvpn.txt

# NO96XXVPN


Homo sapiens non urinat in ventum

honey, i fried the IP Office !!!

Sarcasm, it's only one of the services I offer.
 
Upvote 0 Downvote
Thanks. Does the netgear stay configured the same way that Avaya had in that Application note for vpn remote and FVS338's?

Again, thank you


 
Upvote 0 Downvote
Not all.
I did not use mode config.
I made a user for each VPN phone.
Do a search here.
TheTaker posted an example.

Homo sapiens non urinat in ventum

honey, i fried the IP Office !!!

Sarcasm, it's only one of the services I offer.
 
Upvote 0 Downvote
tlpeter,
You reference a 96xxvpn.txt file. Where is this located? Not found on my IP500v2 or in the Manager root directory in 6.0.18.

Is the "VPN Access Code assigned by the administrator" that is referenced when pressing the Avaya (A) Menu button set in the 96xxvpn.txt file?

Vance


ACS Implement IP Office
 
Upvote 0 Downvote
It does not exist, you need to make it yourself.


Homo sapiens non urinat in ventum

honey, i fried the IP Office !!!

Sarcasm, it's only one of the services I offer.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

AldoLT
  • Locked
VPN J179
Replies
1
Views
525
DrB0b
DrB0b
BerettaGuy
  • Locked
  • Question
IP phone on VPN one way audio 2
Replies
2
Views
212
Westi
Westi
comfortinntechci.com
  • Locked
  • Question
Magnetic Door Phone installation
Replies
1
Views
240
budbyrd
budbyrd
K
  • Locked
  • Question
96xx IP Phone not update.
Replies
7
Views
504
derfloh
derfloh
dsm600rr
  • Locked
  • Question
One Phone Sending CID as "Unknown" 1
Replies
8
Views
434
derfloh
derfloh

Part and Inventory Search

Sponsor

Back
Top