Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations dencom on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Equinox Issue 1

Status
Not open for further replies.
Pepp77

Pepp77

Vendor
Oct 30, 2008
2,513
GB
Setup a new customer on Equinox yesterday (after several weeks of back and forth with the customers IT for the certificate and firewall works).

This customer has 8 sites, all on IP500s on R11 connected via SCN. Therefore we purchased a SAN Cert with all 8 DNS names entered into the cert as site.company.com

Uploaded the cert to the first system and when I go to it returns the correct file with what appear to be all the correct settings in it and shows a valid cert with all the correct settings showing.

I therefore setup equinox on mobile with the and then login and I get the error

VoIP Phone Service Unavailable - Invalid SIP domain

I have a play with the app and if I turn off TLS and amend the port from xx61 to xx60 (we dont use 506/5061) the app logs in perfectly fine as TCP and I can make and receive calls.

This leads me to think the issue is related to the certs in some way (this is the first SAN we have used, out hosted uses a wildcard cert and in house we have a single site cert), but not sure what that issue could be.

Any thoughts/ideas on where to look?

| ACSS SME |
 
Sort by date Sort by votes
Along with the lists os FQDNs in the SAN cert, have you added the domain also. It sounds like you haven't.

the cert should include both FQDN AND domain. ie, site1.company.com AND company.com is the SANs.

Equinox is fine with a wildcard cert, but you won't get SRTP I don't think. Always best to get a Multi SAN cert and you are covered for all. Wildcard certs are not allowed in the SIP RFCs.

Jamie Green

[bold]A[/bold]vaya [bold]R[/bold]egistered [bold]S[/bold]pecialist [bold]E[/bold]ngineer
 
Upvote 0 Downvote
Upvote 0 Downvote
Hi Guys

Thanks for the replies, I think jamie has hit the nail on the head - with a wilcard cert this isn't an issue, but on the SAN we do not have just company.com on there (but on checking our in house Cert we do have just company.com on ours)

As the domain is only being used for Equinox I am going to try and cheat the IPO by just amending the domain on there to the FQDN and see what happens, before we deal with getting the certificate amended.

| ACSS SME |
 
Upvote 0 Downvote
Just to update, I changed the domain on the VoIP tab from company.com to site.company.com and now Equinox connects without complaint over TLS and calls work without issue.

| ACSS SME |
 
Upvote 0 Downvote
Getting the right certs out of customer is very challenging!! We are finding that most IT people have no idea how to do it!!!

Jamie Green

[bold]A[/bold]vaya [bold]R[/bold]egistered [bold]S[/bold]pecialist [bold]E[/bold]ngineer
 
Upvote 0 Downvote
This one was our fault, it is the first SAN we have suggested to a customer and only told them to setup the 8 site.company.com names on it.

| ACSS SME |
 
Upvote 0 Downvote
I have the exact same situation. Is there a workaround short of getting a new certificate with the domain name listed?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DiscLight
  • Question
Analog Unsupervised Disconnect issue 4
Replies
8
Views
354
Nortel4Ever
Nortel4Ever
tnestel
  • Question
One way audio issue
Replies
8
Views
359
derfloh
derfloh
Nortel4Ever
  • Question
Avaya Cloud Office J179/JEM Issue
Replies
5
Views
300
Nortel4Ever
Nortel4Ever
lsavaya
  • Locked
  • Question
Voicemail Pro client Compatibility issue
Replies
4
Views
535
lsavaya
lsavaya
salert
  • Locked
  • Question
SIP Trunk registration issue TELUS
Replies
5
Views
629
Menniss
Menniss

Part and Inventory Search

Sponsor

Back
Top