Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Avaya 9608 remote h323 Problems 1

Status
Not open for further replies.

Yaze

IS-IT--Management
Jan 26, 2006
209
CA
Hello,

I'm trying to setup a remote extention without the vpn option, forwarded 1719, 1720, RTP ports, and done the config on the ipoffice side, the software is 8.1.85.

When i connect the phone remotly it ask me for the extension and the password, i use the newly created remote user, then it goes into registering mode, i see the phone screen (when its about to get the button info) for about .5 seconds and it goes back to registering... Looping forever...

Any ideas ? :)

Yaze.
Chaos, Panic and Disorder, my work here is done.
 
Anyone ? :p

Yaze.
Chaos, Panic and Disorder, my work here is done.
 
Which ISP is you remote user using?



A Maintenance contract is essential, not a Luxury.
Do things on the cheap & it will cost you dear
 
One caveat is that the remote firewall has to have ICMP allowed. So, is the firewall's external address pingable?

New England Communications
 
Try setting this NoUser source number:

REMOTE_H323=1800

This forces the phone to use port 1800.
Do not forget to set the port forwarding from 1720 to 1800.


BAZINGA!

I'm not insane, my mother had me tested!

 
Remote worker phones is one of the features that to me is like throwing dice. Some installs it works with no issues, others it drives you crazy. This has to do with the routers installed at both sites, some work others don't.

NCDS | NCSS | APSS - SME | ACIS - SME | ACSS - SME | ACIS - UC | ACSS - UC | APSS - SCOPIA | APDS - SCOPIA | CCENT
 
And everyone talkes about the risk of connecting external
SIP endpoints but with H323 it should be OK?
 
@derfloh

In both cases you're supposed to have a SBC in place.
When allowing any kind of remote access to the system it's only a question of how long before someone finds it.

"Trying is the first step to failure..." - Homer
 
But if you want just a couple for remote phones then the SBC is very expensive so the customer won't buy one.
I always suggest to use a different port range and strong passwords if there is no SBC in place.

BAZINGA!

I'm not insane, my mother had me tested!

 
It's even more expensive when someone starts to call long distance from their PBX, but as long as the customer is aware of the risk and says it's OK. Otherwise it comes back to you if/when it happens.

There are more and more attacks developed targeting IPO since it has a big install base today and many installations are insecure.
There are so many ways to attack an IPO if you are looking to attack just that system.


"Trying is the first step to failure..." - Homer
 
I always advise against Nat traversal phones

They simply do not work well enough to be sold a s a solution.
It is invariably quicker, easier & cheaper (once you include all the engineering costs of trying to make it work) to simply provide a suitable VPN router if the customer does not already have one.

A Maintenance contract is essential, not a Luxury.
Do things on the cheap & it will cost you dear
 
You are absolutely right but it is all about the price sometimes and the customers think it will not happen to them.


BAZINGA!

I'm not insane, my mother had me tested!

 
need more port forwarding and setting for remote extension.

1719 - 1720
5060 - 3478
RTP
Nat activate in full cone nat in VOIP setting
....
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top