Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Avaya ip500 black listing issues

Status
Not open for further replies.

gmacdonald78

Programmer
May 4, 2012
49
GB
We have a site that has an IP500 on R11 with a physical SBC, we have both the SIP and remote users using the same internal interface which I know is not best practice (not installed by me) and due to lots of users putting in the wrong passwords on their Equinox apps eventually leads to the internal SBC address getting blacklisted which causes no end off issues.

We are going to move the remote users away from the SIP trunks and use 2 internal addresses which will negate the SIP trunks outbound calls failing when the remote users internal address gets blacklisted but it’s still going to stop all the remote users from logging in.

Anyone had experience of this and how did you resolve it?
 
Hi Derfloh yeah that's the plan and the way I would have set it up in the first place however it is still going to leave me with a situation where after 10 wrong password attempts is going to render all the remote users offline which cant be by design (maybe it can it is Avaya after all).
 
Is the no-user information correct? I am not an IPO guy but in Aura the SBCE A-address is needed to allow multiple registrations from the same IP address. In my opinion that is one of the reasons the no-user must be correct for IPO. The other reason I know is to replace the internal addresses with the external ones when getting the 46xxsettings.

Freelance Certified Avaya Aura Engineer

 
I can’t see anything in the install guide referencing adding a source number to no user?

Are you referring to the RW_SBC_REG=<SBC-B1-public-SIP-IPaddr>
 
That is correct. Do have these settings?

Freelance Certified Avaya Aura Engineer

 
Fingers crossed, I’ve added the following entries RW_SBC_REG RW_SBC_Prov and the TLS, TCP & UDP ports

Can’t see why this would stop black listing though, although at this point I will give anything a try.
 
The most imported thing you should notice now if that when you retrieve the settingsfile in your browser, internally it will show internal ip adresses, externally it will show external ip addresses. Besides that, the IP office now knows that multiple registrations can arrive from the same IP address. (at least that is true for Aura)

Freelance Certified Avaya Aura Engineer

 
Unfortunately this doesn't seem to have made any difference still seeing the internal interface address of the SBC getting black listed.
 
Ok, and I asume you see the 46xxseiings change between internal and external? And what are your steps exactly, so I can try to reproduce.


Freelance Certified Avaya Aura Engineer

 
on looking at the 46xxsettings file I cant see reference to any of the data I entered within the no user, im assuming it should update that txt file?
 
That is correct, but updating ip addresses accordingly will only work when you use the autogenerated settings file. Uploading a custom settings file will break this mechanism. Custom changes must be made via the 46xxspecials.

Freelance Certified Avaya Aura Engineer

 
Sorry, I did not understand the question. No, the settingsfile will not change. But when you enter the external FQDN it will show the settings with external addresses in the entries. If you type the same FQDN within you company, it will show internal addresses. (You need to have split DNS in place!

For example

Internal:

SET USER_STORE_URI "SET MWISRVR "172.xx.yy.zz"
SET SIP_CONTROLLER_LIST 172.xx.yy.zz:5061;transport=tls
SET CONFERENCE_FACTORY_URI "ConfServer@ipo.mydomain.com"
SET FQDN_IP_MAP "ipo.mydomain.com=172.xx.yy.zz"

External:
SET USER_STORE_URI "SET MWISRVR "77.xx.yy.zz"
SET SIP_CONTROLLER_LIST 77.xx.yy.zz:5061;transport=tls
SET CONFERENCE_FACTORY_URI "ConfServer@ipo.mydomain.com"
SET FQDN_IP_MAP "ipo.mydomain.com=77.xx.yy.zz”

It changes automatically when retrieving the file internal or external.

What are the steps to reproduce the issue?


Freelance Certified Avaya Aura Engineer
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top