Yealink T27P on Session Manager 6.3

[FreD_WriteR]

I am trying to set up a Yealink T27P SIP phone on the new Session Manager. I connected my CM to the System Manager. Synchronization passed, CM settings were loaded on SMGR. Session Manager passes all tests. Configured according to this instruction. Although it is for T22 and Session Manager 6.1, I think it is configured in the same way. The user, when saving the settings in Home / Users / User Management / Manage Users, is created on the CM. In the phone settings, I specify ip Security Module in the "SIP server address", but a registration error occurs. On the Session Manager, the SIP registration log is empty. A phone appears in Home / Elements / Session Manager / System Status / User Registrations but not registered. TraceSM does not see any attempts to register a phone. TraceSM provides data only via SIP and CallP:

11:47:54,030 │    Remote host is not trusted     │ Host not trusted                                                                                     
11:49:24,235 │    Remote host is not trusted     │ Host not trusted                                                                                     
11:49:30,089 │    Request Dial Pattern route     │ for: sip:10.31.200.50:15061;transport=tls  Location: null                                            
11:49:30,090 │  No hostname resolution required  │ Routing to: sip:10.31.200.50:15061;transport=tls                                                     
11:49:40,089 │    Request Dial Pattern route     │ for: sip:10.31.200.50:15061;transport=tls  Location: null                                            
11:49:40,090 │  No hostname resolution required  │ Routing to: sip:10.31.200.50:15061;transport=tls                                                     
11:49:50,089 │    Request Dial Pattern route     │ for: sip:10.31.200.50:15061;transport=tls  Location: null                                            
11:49:50,090 │  No hostname resolution required  │ Routing to: sip:10.31.200.50:15061;transport=tls                                                     
11:49:54,167 │    Remote host is not trusted     │ Host not trusted                                                                                     
11:49:54,236 │    Remote host is not trusted     │ Host not trusted                                                                                     
11:50:00,089 │    Request Dial Pattern route     │ for: sip:10.31.200.50:15061;transport=tls  Location: null                                            
11:50:00,090 │  No hostname resolution required  │ Routing to: sip:10.31.200.50:15061;transport=tls                                                     
11:50:10,088 │    Request Dial Pattern route     │ for: sip:10.31.200.50:15061;transport=tls  Location: null                                            
11:50:10,090 │  No hostname resolution required  │ Routing to: sip:10.31.200.50:15061;transport=tls                                                     
11:50:20,089 │    Request Dial Pattern route     │ for: sip:10.31.200.50:15061;transport=tls  Location: null                                            
11:50:20,091 │  No hostname resolution required  │ Routing to: sip:10.31.200.50:15061;transport=tls                                                     
11:50:24,205 │    Remote host is not trusted     │ Host not trusted                                                                                     
11:50:24,235 │    Remote host is not trusted     │ Host not trusted                                                                                     
11:50:30,089 │    Request Dial Pattern route     │ for: sip:10.31.200.50:15061;transport=tls  Location: null                                            
11:50:30,090 │  No hostname resolution required  │ Routing to: sip:10.31.200.50:15061;transport=tls

12:37:10.090 │◄──OPTIONS─│           │           │ (107) sip:10.31.200.50:15061                                                                       12:37:10.091 │──200 OK──►│           │           │ (107) 200 OK (OPTIONS)                                                                             
12:37:10.091 │◄──200 OK──│           │           │ (107) 200 OK (OPTIONS)                                                                             12:37:20.089 │──OPTIONS─►│           │           │ (108) sip:10.31.200.50:15061                                                                       
12:37:20.089 │◄──OPTIONS─│           │           │ (108) sip:10.31.200.50:15061                                                                       12:37:20.090 │──200 OK──►│           │           │ (108) 200 OK (OPTIONS)                                                                             
12:37:20.090 │◄──200 OK──│           │           │ (108) 200 OK (OPTIONS)                                                                             12:37:30.089 │──OPTIONS─►│           │           │ (109) sip:10.31.200.50:15061                                                                       
12:37:30.090 │◄──OPTIONS─│           │           │ (109) sip:10.31.200.50:15061                                                                       12:37:30.090 │──200 OK──►│           │           │ (109) 200 OK (OPTIONS)                                                                             
12:37:30.091 │◄──200 OK──│           │           │ (109) 200 OK (OPTIONS)                                                                             12:37:40.089 │──OPTIONS─►│           │           │ (110) sip:10.31.200.50:15061                                                                       
12:37:40.089 │◄──OPTIONS─│           │           │ (110) sip:10.31.200.50:15061                                                                       12:37:40.090 │──200 OK──►│           │           │ (110) 200 OK (OPTIONS)                                                                             
12:37:40.090 │◄──200 OK──│           │           │ (110) 200 OK (OPTIONS)                                                                             
12:37:50.090 │──OPTIONS─►│           │           │ (111) sip:10.31.200.50:15061                                                                       
12:37:50.090 │◄──OPTIONS─│           │           │ (111) sip:10.31.200.50:15061                                                                       
12:37:50.091 │──200 OK──►│           │           │ (111) 200 OK (OPTIONS)                                                                             
12:37:50.091 │◄──200 OK──│           │           │ (111) 200 OK (OPTIONS)

I set up the phone to tls, and changed the Entity Link settings to tls in Routing, now TraceSM gives out via TSL handshaking:

17:11:05.822 │──CHello──►│           │           │ (T23) Client Hello                                                            
17:11:05.824 │◄──SHello──│           │           │ (T23) Server Hello                                                            
17:11:05.824 │◄──Cert, S─│           │           │ (T23) Certificate, Server Key Exchange, Server Hello Done                     
17:11:06.423 │──CKeyEx,─►│           │           │ (T23) Client Key Exchange, Encrypted Handshake Message                        
17:11:06.424 │◄──EncHand─│           │           │ (T23) Encrypted Handshake Message                                             
17:11:06.429 │───Alert──►│           │           │ (T23) Encrypted Alert                                                         
17:11:13.843 │──CHello──►│           │           │ (T24) Client Hello                                                            
17:11:13.845 │◄──SHello──│           │           │ (T24) Server Hello                                                            
17:11:13.845 │◄──Cert, S─│           │           │ (T24) Certificate, Server Key Exchange, Server Hello Done                     
17:11:14.522 │──CKeyEx,─►│           │           │ (T24) Client Key Exchange, Encrypted Handshake Message                        
17:11:14.523 │◄──EncHand─│           │           │ (T24) Encrypted Handshake Message                                             
17:11:14.528 │───Alert──►│           │           │ (T24) Encrypted Alert                                                         
17:11:21.858 │──CHello──►│           │           │ (T25) Client Hello                                                            
17:11:21.860 │◄──SHello──│           │           │ (T25) Server Hello                                                            
17:11:21.860 │◄──Cert, S─│           │           │ (T25) Certificate, Server Key Exchange, Server Hello Done                     
17:11:22.458 │──CKeyEx,─►│           │           │ (T25) Client Key Exchange, Encrypted Handshake Message                        
17:11:22.459 │◄──EncHand─│           │           │ (T25) Encrypted Handshake Message                                             
17:11:22.464 │───Alert──►│           │           │ (T25) Encrypted Alert

 

[AvayaHE]

Hi has you try TCP instead UDP what you setup in YeahLink ?

 

[FreD_WriteR]

Thanks for the answer, tried it, it didn't help.

 

[gwebster]

Do you have any Avaya SIP phones working on this system to confirm that the general configuration is correct?

 

[FreD_WriteR]

I have SIP only Yealink.

 

[gwebster]

Do you have any SIP phones working on this system or is this your first one?

 

[FreD_WriteR]

On this system - the first.

 

[G van Hamburg]

Open your SM sip entity and scroll to the bottom. See if SM listens to tcp port 5060. I’d change the entity link between CM and SM to TLS byt the way.

Freelance Certified Avaya Aura Engineer

 

[FreD_WriteR]

In the first post I wrote what TraceSM gives out when I configure the phone for TLS. When I configure my phone to TLS, I change the Entity Link to TLS. My port is 5060. Everything is according to the instructions.

 

[FreD_WriteR]

In Entity Links, in the instructions I used to configure, tcp is selected as the protocol.
But at the same time, they wrote that in the settings of the phone itself, you need to select UDP. With this setting, Session Manager does not respond at all to phone registration attempts. If you select tcp in the phone settings, then traceSM says: 403 Forbidden (Unauthorized).

17: 59: 57.390 │──REGISTE─►│ │ │ (9) "T27P-1011" <sip: 1011@10.31.200.52: 5060> Exp: 60
17: 59: 57.392 │◄──Unautho─│ │ │ (9) 401 Unauthorized
17: 59: 57.398 │──REGISTE─►│ │ │ (9) "T27P-1011" <sip: 1011@10.31.200.52: 5060> Exp: 60
17: 59: 57.400 │◄──Forbidd─│ │ │ (9) 403 Forbidden (Unauthorized)

Here they write that you need to check the traceSM registration package to make sure that the domain is specified correctly, but I have <sip: 1011@10.31.200.52: 5060> in the registration package. There is no domain here. This is the Security Module address that I specified in the phone settings. It then says to check the station settings to make sure it is programmed correctly to route messages to Communication Manager. I have checked the settings several times already, Communication Manager is connected to System Manager. Please tell me how to find out what exactly needs to be checked?

 

[biglebowski]

TLS is normally port 5061

We use two entity links for SM to CM, one that is normal (5060) and one that is TLS (5061)

This is because we have SIP trunks going to a 999 (e911) platform that doesn't support TLS on the entity links.

Biglebowskis Razor - with all things being equal if you still can't find the answer have a shave and go down the pub.

 

[G van Hamburg]

The entity link has nothing to do how the client registers. It should always be TLS.

Freelance Certified Avaya Aura Engineer

 

[FreD_WriteR]

Screenshot from the manual for which I set up:

Manual

 

[gwebster]

You are going to a lot of trouble to configure a 3rd-party SIP phone which will provide minimal functionality on your system.

 

[G van Hamburg]

TCP is an example. It says that. Normally an entity link between SM and CM for OPTIM uses TLS. The phone can register using TCP or UDP.

Freelance Certified Avaya Aura Engineer