SFX Group Posted December 3, 2011 Report Share Posted December 3, 2011 I have noticed something, with my M9 base unit i use the provisioning URL http://192.168.1.63:8080/prov/snom-m9-000413304B3D.xml This uses the MAC address of the base unit, however the below file is returning (you notice it has different MAC addresses in them, and these MAC addresses are for a workstation on the network. (its doing this with the SNOM 360 settings URL as well...!!!) <setting-files> <file url="http://192.168.1.63:8080/prov/snom-m9-firmware-0019D11CD87A.xml"/> <file url="http://192.168.1.63:8080/prov/snom-m9-settings-0019D11CD87A.xml"/> </setting-files> I currently have the M9 plugged in to the PC port of a SNOM 360, so how did a computer MAC address end up in the returning file form SNOM one? This would explain why the M9 isn't getting provisioned, also there are no extension folder being created in the below tree actually on the SNOM ONE server (as its windows i can check it) , so what's up with the server? Its version 2011-4.3.0.5021 (Win64) install/generated/domain/extension Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted December 4, 2011 Report Share Posted December 4, 2011 I have noticed something, with my M9 base unit i use the provisioning URL http://192.168.1.63:8080/prov/snom-m9-000413304B3D.xml This uses the MAC address of the base unit, however the below file is returning (you notice it has different MAC addresses in them, and these MAC addresses are for a workstation on the network. (its doing this with the SNOM 360 settings URL as well...!!!) 0019D1 is a MAC from Intel. Is that the PC of the PC running the PBX? All snoms have 000413. If yes, there is probably some routing issue from one interface to another. MAC addresses only change on router level, not on switch level. I currently have the M9 plugged in to the PC port of a SNOM 360, so how did a computer MAC address end up in the returning file form SNOM one? This would explain why the M9 isn't getting provisioned, also there are no extension folder being created in the below tree actually on the SNOM ONE server (as its windows i can check it) , so what's up with the server? Its version 2011-4.3.0.5021 (Win64) The m9 should also get provisioned even if it crosses a router. Did you assign the m9 MAC address into an extension on the PBX? Then it should actually verify the certificate from the m9 and ignore what is coming from the interface. Quote Link to comment Share on other sites More sharing options...
SFX Group Posted December 4, 2011 Author Report Share Posted December 4, 2011 0019D1 is a MAC from Intel. Is that the PC of the PC running the PBX? All snoms have 000413. If yes, there is probably some routing issue from one interface to another. MAC addresses only change on router level, not on switch level. The m9 should also get provisioned even if it crosses a router. Did you assign the m9 MAC address into an extension on the PBX? Then it should actually verify the certificate from the m9 and ignore what is coming from the interface. I am a network specialist, IP / MAC routing is something i do, however i dont know the inside of Snom One so can only comment on what i see, however to answer... 000413304B3D is the MAC address of the M9 base unit (and is correct) 0019D11CD87A is the MAC address of an Intel desktop board, and is not running SNOM, it is used to access the web interface of Snom One, however i cant see any reason why Snom would have got hold of this MAC address. I would like to add here, no extenstion folder has been created in the SNOM directory structure for this extenstion either, however now using TFTP it seems to be sending all the correct provision details to the M9 when looking at the log file in the M9 base unit web interface,. My question is, why would the correct http XML file have a MAC address of a completely different machine as this remains a very odd and major issue. There is a 3COM switch onsite (not managed) and a Watchgaurd Firewall (x550e not a cheap unit) which handles DHCP, however the Intel MAC address is not DHCP so cant be a mix up in the Watchgaurd firewall. Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted December 4, 2011 Report Share Posted December 4, 2011 000413304B3D is the MAC address of the M9 base unit (and is correct) 0019D11CD87A is the MAC address of an Intel desktop board, and is not running SNOM, it is used to access the web interface of Snom One, however i cant see any reason why Snom would have got hold of this MAC address. Okay, probably you accessed the PBX with the URL from the m9 from the web browser of the PC. Then you would see that MAC. I would like to add here, no extenstion folder has been created in the SNOM directory structure for this extenstion either, however now using TFTP it seems to be sending all the correct provision details to the M9 when looking at the log file in the M9 base unit web interface,. My question is, why would the correct http XML file have a MAC address of a completely different machine as this remains a very odd and major issue. When you "trust the MAC" in the PnP, the PBX reads out the MAC from the IP table of the host to find out where the request came from. The MAc acts like a token, with a low trust level (that's why there is a flag to control this). Once you start using username and passwords or certificates that contain the token, the MAC layer trust is not needed. There is a 3COM switch onsite (not managed) and a Watchgaurd Firewall (x550e not a cheap unit) which handles DHCP, however the Intel MAC address is not DHCP so cant be a mix up in the Watchgaurd firewall. I now also dont think that the packet crossed a router; it was probably because the PC did access the PBX directly and the PBX saw the MAC of the PC. The phone switch is a switch, not a router so that also can't be the problem. One more thing that you could check (with Wireshark on the PBX), if the PC has some spyware running trying to steal all traffic from the PC. The RARP attack is one way to relay all traffic through the PC. Quote Link to comment Share on other sites More sharing options...
SFX Group Posted December 4, 2011 Author Report Share Posted December 4, 2011 Okay, probably you accessed the PBX with the URL from the m9 from the web browser of the PC. Then you would see that MAC. This sounds like its resolved then, i tried that same URL from a different PC and the returned contents MAC address matched that PC as well (so changed). This means when the phone requests it it should get the phones MAC address, which is good, i do have trust MAC address enabled inside Snom ONE. So one last thing here is the folder that is named after the extenstion number inside the "generated" folder in Snom ONE isnt getting generated, how do i track this down? Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted December 4, 2011 Report Share Posted December 4, 2011 So one last thing here is the folder that is named after the extenstion number inside the "generated" folder in Snom ONE isnt getting generated, how do i track this down? There is a option if those files shoul be generated to the file system or just being logged ("Write PnP generated files" in the PnP section). Maybe it is set to false. Quote Link to comment Share on other sites More sharing options...
SFX Group Posted December 4, 2011 Author Report Share Posted December 4, 2011 There is a option if those files shoul be generated to the file system or just being logged ("Write PnP generated files" in the PnP section). Maybe it is set to false. Hi, Thats fixed it, i set the PnP to write to file, this has created the files..... Going to play with the URL in the Provisioning now to see if it gets the details it should, i have also turned of the trust MAC address feature so its locked to what it has. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.