Jump to content

Register to Vodia without provisioning (i.e. manual provisioning)


mcbsys

Recommended Posts

It's great that Vodia can auto-provision many different phones. That will cover most cases.

My question is, how do I provision, say Account #4 of a Yealink T54W phone to register to Vodia? On my phone, Accounts 1-3 are used for other phone systems; Account 4 needs to register to Vodia.

I've tried "fooling" Vodia by giving it the MAC address of the phone, then downloading the Authentication ID and Authentication password using curl. Very inconvenient, but it doesn't even work:  when I try to register to Vodia, the PCAP trace from the Yealink doesn't show any response coming back from Vodia.

What am I missing? Is there a simpler way to set or retrieve the Authentication ID and password for a manually provisioned device?

Thanks for your help.

Link to comment
Share on other sites

How do I set or at least determine the User (Authenticate ID) for an extension? The extension number does not work, even when I manually set the SIP password.

I finally deleted the extension in Vodia. Vodia would NOT allow me to re-create the extension with the same number. Why? When I created it with a different number and a manual SIP password, I finally got the account registered on the phone via UDP. TLS fails; it looks like some certificate error.

Setting the SIP user and password for an extension is one of the most basic tasks in a VoIP PBX. What am I missing?

Thanks.

Link to comment
Share on other sites

  • 2 weeks later...

For manual registration, there is the SIP password. It works with the extension number. You also need to make sure that you have the right tenant name in the Request URI (unless you use the name "localhost" for the tenant), e.g. REGISTER sip:30@tenant.com SIP/2.0 where 30 would be the extension name and tenant.com the name of the tenant. The authentication name then is the same 30, and you may choose a different outbound proxy e.g. the IP address of the PBX as long as the phone find the PBX.

Link to comment
Share on other sites

This is a single-tenant system, so following the example of other working Yealink phones, I set both the SIP server and the Proxy server to phonesystem.mydomain.com.

Unfortunately, creating a SIP password and using the extension number as the Authenticate ID did not work.

Even deleting and re-adding the same extension x250 was not allowed by Vodia. Why not? Are deleted extensions not really deleted?

I finally got it connected by adding a new extension x260 and setting a SIP password for that.

Is there some way to see, at least in the file system if not in the UI, what Authenticate IDs and passwords exist? I feel like I'm banging my head on a black box trying to get info that should be easy to look up.

Link to comment
Share on other sites

Well the passwords are encrypted in the file system, so you would not be able to see the content. However if you check the extensions folder, you should see that the file has changed and the content of the "password" entry has a different value (yes the "password" was the first password entry used by the system, then came the "web_pass" and so on). It does not make a difference if this is single tenant or multi tenant. But it does make a different if the tenant has the magic name "localhost", which serves as a wildcard name.

There were some versions that had problems with the SIP password. What version are we talking about here?

Link to comment
Share on other sites

The Version is 68.0.28.

I can't find any mention of "localhost" though I'm not sure I know where to look.

System > Tenants > List > pencil icon > Primary DNS address = phonesystem.mydomain.com

System > Settings > SIP > Settings > IP routing = private public

On the Debian server, under /usr/local/pbx/extensions, I have 1.xml through 6.xml. Interesting, since I only have 5 extensions. That would seem to support my suspicion that deleting x250 didn't really get rid of it.

Not only are the passwords encrypted, it seems that these XML files do not even contain the extension number. If I open every one, and look at <display_name>, I may be able to backtrack to figure out which file applies to which extension. Am I allowed to see the files that maps extensions to XML definitions? Or for that matter the indexes to all the various folders on the server?

I am really missing the simple Excel file export in 3CX that lists all extensions and passwords (web, SIP, phone UI) in plain text!

 

Link to comment
Share on other sites

On 4/4/2023 at 10:09 AM, mcbsys said:

I can't find any mention of "localhost" though I'm not sure I know where to look.

System > Tenants > List > pencil icon > Primary DNS address = phonesystem.mydomain.com

System > Settings > SIP > Settings > IP routing = private public

The name localhost is a special "DNS address" in the parameters for a tenant. It goes back to the old times when PBX were running on a random IP address without the luxury of having a DNS address assigned to them. It just matches anything. It is not related to the IP routing.

On 4/4/2023 at 10:09 AM, mcbsys said:

On the Debian server, under /usr/local/pbx/extensions, I have 1.xml through 6.xml. Interesting, since I only have 5 extensions. That would seem to support my suspicion that deleting x250 didn't really get rid of it.

Well if there is one file missing that math would still work. But extensions can also be disabled or just have no license.

On 4/4/2023 at 10:09 AM, mcbsys said:

Not only are the passwords encrypted, it seems that these XML files do not even contain the extension number. If I open every one, and look at <display_name>, I may be able to backtrack to figure out which file applies to which extension. Am I allowed to see the files that maps extensions to XML definitions? Or for that matter the indexes to all the various folders on the server?

I am really missing the simple Excel file export in 3CX that lists all extensions and passwords (web, SIP, phone UI) in plain text!

Passwords need to be encrypted, otherwise there is no way to have the system e.g. compliant for healthcare. Passwords that humans enter are sensitive information and should not be visible anywhere, not and especially not to the administrator. If 3CX sends them in CSV files, they might be in trouble regarding compliance and actually general security.

But you can export the list of extensions, just click on "Export as CSV" in the accounts overview.   

Link to comment
Share on other sites

23 hours ago, mcbsys said:

How do I map the n.xml files in the extensions folder to extension numbers?

The users directory contains the references to the extensions. Then in the user_alias you will find the references to the users table, because users can have multiple alias names and they can all have their properties. Its good old relational database design...

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...