Not sure if this will help but its something I wrote when first working on J Series phones.
his guide will cover the basic configuration of J Series phones onto an IP500 or SE onsite system.
Scenario 1 - Internal only phones using IPO as DHCP with dedicated phone switches - assuming connected to LAN1.
To allow J series phones to connect to an IPO freshly installed you only require an Essential edition licence and an IP endpoint licence for each phone.
After initial configuration of the phone system there are 4 things to check/setup before connecting a J Series phone.
Create a user and matching SIP extension with password
Turn on DHCP and assign a scope
Ensure the System-->Phone File Server Type is set to
Disk for a Server Edition
Memory Card for an IP500
Ensure that LAN1-->VoIP-->SIP Registrar Enable is ticked
At this point you can connect a phone and it will collect DHCP from the phone system, this will advise it of the location of the 46xxsettings file it requires. The phone will get this file and upgrade if required. After a reboot it should present a login page. Login the extension created in step 1.
The phone will have connected to the system via TCP.
Scenario 2 - Internal only phones using IPO as DHCP with dedicated phone switches - assuming connected to LAN1.
To allow J series phones to connect to an IPO freshly installed you only require an Essential edition licence and an IP endpoint licence for each phone.
After initial configuration of the phone system there are a selection of things to check/setup before connecting a J Series phone.
Create a user and matching SIP extension with password
Turn on DHCP and assign a scope
Ensure the System-->Phone File Server Type is set to
Disk for a Server Edition
Memory Card for an IP500
Ensure that LAN1-->VoIP-->SIP Registrar Enable is ticked
Ensure that LAN1-->VoIP-->Layer 4 Protocol TLS is ticked
You need to create a 46xxspecials.txt file to apply to the phone system to tell the phone to use TLS.
Go to
Address of IPO/46xxspecials.txt
Copy the text to notepad
Find the following entry - # J1X9SPECIALS
Under this entry add a new line and add the following text - SET TLSSRVRID 0
Save it as 46xxspecials.txt
Upload it to the primary folder of the IPO
At this point you can connect a phone and it will collect DHCP from the phone system, this will advise it of the location of the 46xxsettings file it requires. The phone will get this file and upgrade if required. After a reboot it should present a login page. Login the extension created in step 1.
The phone will have connected to the system via TLS.
Scenario 3 - Internal only phones using Sonicwall as DHCP with dedicated phone switches - assuming connected to LAN1.
To allow J series phones to connect to an IPO freshly installed you only require an Essential edition licence and an IP endpoint licence for each phone.
After initial configuration of the phone system there are 4 things to check/setup before connecting a J Series phone.
Create a user and matching SIP extension with password
Ensure the System-->Phone File Server Type is set to
Disk for a Server Edition
Memory Card for an IP500
Ensure that LAN1-->VoIP-->SIP Registrar Enable is ticked
Login to the Sonicwall (or equivalent firewall) and go to the DHCP section.
Setup a DHCP scope to cover the IP range of the IPO.
Create an Option 242 set as string with the following as the string
HTTPSRVR=IP Address of IPO,TLSSRVR=IP Address of IPO
At this point you can connect a phone and it will collect DHCP from the Sonicwall, this will advise it of the location of the 46xxsettings file it requires. The phone will get this file and upgrade if required. After a reboot it should present a login page. Login the extension created in step 1.
The phone will have connected to the system via TCP.
Scenario 4 - Internal only phones using Sonicwall as DHCP with dedicated phone switches - assuming connected to LAN1.
To allow J series phones to connect to an IPO freshly installed you only require an Essential edition licence and an IP endpoint licence for each phone.
After initial configuration of the phone system there are 4 things to check/setup before connecting a J Series phone.
Create a user and matching SIP extension with password
Ensure the System-->Phone File Server Type is set to
Disk for a Server Edition
Memory Card for an IP500
Ensure that LAN1-->VoIP-->SIP Registrar Enable is ticked
Login to the Sonicwall (or equivalent firewall) and go to the DHCP section.
Setup a DHCP scope to cover the IP range of the IPO.
Create an Option 242 set as string with the following as the string
HTTPSRVR=IP Address of IPO,TLSSRVR=IP Address of IPO
Ensure that LAN1-->VoIP-->Layer 4 Protocol TLS is ticked
You need to create a 46xxspecials.txt file to apply to the phone system to tell the phone to use TLS.
Go to
Address of IPO/46xxspecials.txt
Copy the text to notepad
Find the following entry - # J1X9SPECIALS
Under this entry add a new line and add the following text - SET TLSSRVRID 0
Save it as 46xxspecials.txt
Upload it to the primary folder of the IPO
At this point you can connect a phone and it will collect DHCP from the Sonicwall, this will advise it of the location of the 46xxsettings file it requires. The phone will get this file and upgrade if required. After a reboot it should present a login page. Login the extension created in step 1.
The phone will have connected to the system via TLS.
Scenario 5 - Internal and External Phones using DES.
To allow J series phones to connect to an IPO both internally and externally requires a lot more work and there are several pre-requisites.
A SAN Cert is required. This has to cover the Domain used (ie company.com) and the FQDN used (ie uc.company.com), if covering multiple sites then all sites FQDNs need to be covered.
Split DNS is required to allow the FQDN to be translated internally to the internal IP address of the IPO and externally to the public IP assigned to the FQDN.
After initial configuration of the phone system the following need to be checked/setup before connecting a J Series phone.
Create a user and matching SIP extension with password
Ensure the System-->Phone File Server Type is set to
Disk for a Server Edition
Memory Card for an IP500
Ensure that LAN1-->VoIP-->SIP Registrar Enable is ticked
Ensure that LAN1-->VoIP-->SIP Remote Extn Enable is ticked
Ensure that LAN1-->VoIP-->Layer 4 Protocol TLS is ticked
Set Remote UDP Port and Remote TCP Port to 6060
Set Remote TLS Port to 6061
In the box next to SIP Domain Name - enter company.com
In the box next to SIP Registrar FQDN - enter uc.company.com
Make a note of the Port Number Range (NAT) - this will be required for the firewall works later
LAN1-->Network Topology-->Ensure STUN Server Address is blank
LAN1-->Network Topology-->Set Firewall/NAT Type to Unknown
LAN1-->Network Topology-->Public IP Address is set to the IP that the FQDN (uc.company.com) resolves to
Set Public Port UDP and TCP to 5060 and Public Port TLS to 5061
Ensure Run STUN on Startup is not ticked
You need to create a 46xxspecials.txt file to apply to the phone system to tell the phone to use TLS.
Go to
Address of IPO/46xxspecials.txt
Copy the text to notepad
Find the following entry - # J1X9SPECIALS
Under this entry add a new line and add the following text - SET TLSSRVRID 0
Save it as 46xxspecials.txt
Upload it to the primary folder of the IPO
On the firewall of the Company you will need to configure NAT and Firewall rules.
Service Objects Required are
SIP Registration = UDP and TCP - 6060-6061
RTP = UDP 40750-50750 (or as you noted in step 10)
Equinox 80 = TCP 80
Equinox 443 = TCP 443
Equinox 411 = TCP 411
Address Objects Required are
IPO Public = Public IP address assigned to the FQDN
IPO Private = Internal Private IP assigned to the IPO
NAT Rules Required are
1:1 Translation of all traffic to IPO Public to go to IPO Private
Firewall Rules Required are
Allow all service objects through the firewall from any Source if they target IPO Public
On the internal DNS Server you will need an entry to allow the FQDN to resolve internally to the internal IP address assigned to the IPO - exact method will vary depending on DNS server
As we will be using DES for this setup this will also need configuring
Go to
Login with the details on CW
Go to Company Accounts --> Account Management
Click Add
Set Account Type to Customer
Complete rest as appropriate and click Submit
Go to Profile Management
Click Add
Enter an appropriate Profile Name
Click Add
Set Server Type as HTTP(S)
Enter
under Provisioning URL
Leave Root CA Certificate blank
Set Phone Group to 0
Click the Tick
Click Submit
Go to Company Accounts --> Account Management
Tick the box next to the previously created Account and click Edit.
Click Site at the top
Click Add
Enter an appropriate name against site
Under Profile, click the dropdown and navigate to the Profile you just created
Click the Tick
Click Submit
At this point DES is configured for that site.
You now need to claim a phone onto DES and assign it to the account just created.
Now you can connect the claimed phone, it will then boot up and auto provision. The phone will be provided with where it needs to go by DES and then will communicate with the phone system and obtain the necessary files.
It should then upgrade and reboot and present a login screen. Login the user created in step 1.
The phone will have connected to the system via TLS.
| ACSS SME |
