mskenderian Posted December 25, 2022 Report Share Posted December 25, 2022 I am having two seperate issues, but I think they are related. 1) One of my first client I onboarded, they have VVX 350 and 450 Phones, the phone seem to work. but it loses provisioning. As in the user can still make calls and trasnfer, but if i edit the button template it will not update. I have to factory reset it to be able to make it work. 2) I have a new client, about 12 phones, 2 of them VVX 450, the other 10 VVX 350. I can not provision, if the default sip transport is set to TLS or TCP, it must be UDP, also i have tried to setup the server type to HTTPS/HTTP, only HTTP seems to work. But even when its set to UDP, once the phone reboots, it says "Contacting Provisiong Server", it loads all the buttons fine, but then it says "Provisioning Failed." Even though the says "Provisiong Failed", calls/transfers seem to be fine. But if i Try to update the button template. it doesnt seems to work. Going back to provisiong section, I notice it changed to HTTPS from HTTP and the server address change to pbx.domain.com:443. IF i change it back to HTTP and pbx.domain.com without the port number and reboot the phone it will update the button changes. It seems its a cert issue. Also in Button template, i cant change the label. it just shows the Extension number, and disregard anything i put in Label. Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted December 26, 2022 Report Share Posted December 26, 2022 The phone should obviously not loose the provisioning address. One typical reason is that the phone is in the LAN where a router overrides the address with option 66. If you are able to log into the web interface of the phone it should be possible what was set up and that might give you a clue where the address is coming from. Maybe it is still set up for cloud provisioning and the MAC address was not removed. That being said, if you can, it would be actually preferable to use the Poly remote redirection service and just point it to the PBX. TLS works only if you have a certificate that is accepted by the phone. If the firmware is recent, LetsEncrypt should work fine. You have to get the provisioning working, otherwise this will be an uphill battle. Poly phones (at least the models that we tested) don't use SNI for TLS, which requires that you put a server DNS address into the global settings otherwise it will not work. Quote Link to comment Share on other sites More sharing options...
mskenderian Posted December 26, 2022 Author Report Share Posted December 26, 2022 I just got a vvx 450, Provisioned that just fine. I cant rename the Lines, but I can add other button types those seem fine, also i noticed, depending on if there is something misconfigured on the buttons, for example Button 7 is a valid setting Button 8 I choose Speed Dial but i do not specify a paramters, Button 12 is a valid setting (Ring Group: 199), Becuase button 8 is invalid, button 12 gets moved to button 8 positions Quote Link to comment Share on other sites More sharing options...
mskenderian Posted December 26, 2022 Author Report Share Posted December 26, 2022 no its not on LAN and i do not have option 66, its not https issue with certs. in the logs i see something like can not validate ca cert. for some reason vvs 450 that i just got an hour ago, works fine. I also noticed this, VVX 350 is a older phone revision, the logo on the phone has the old polycom logo, but the new one that is red. i think it has to do with the root CA that lets encrypt uses expired october of 2021. so even though the provision file check and intalls the cert, the CA root cert, is saying that cert is invalid. SL_connect error Peer certificate cannot be authenticated with known CA certificates.SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed Quote Link to comment Share on other sites More sharing options...
mskenderian Posted December 27, 2022 Author Report Share Posted December 27, 2022 upgrading firmware to v6.4.3.5156 for vvx 350 seems to fix the issue Quote Link to comment Share on other sites More sharing options...
mskenderian Posted December 27, 2022 Author Report Share Posted December 27, 2022 nevermind TLS still doesnt work, TCP UDP is fine. Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted December 29, 2022 Report Share Posted December 29, 2022 As for LetsEncrypt there are two chains that they are using. As far as I remember the original tool chain will eventually be retired, but you could use the alternate LetsEncrypt chain. It's about old Android phones that cannot be updated, but as long as you don't use old Android phones maybe the alternate works better for you. Apart from that, maybe there is anything on the VVX log that would explain why it does not work? Or in the PBX log (TLS level 9)? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.