cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
jwable
Contributor III
Contributor III

Remote Phones R10

Jump to solution


Has anyone gotten remote phones working?  I followed the orginal remote phone config guide for R10, not work.  Just found the update released 10/12/2010 and followed it still not working.  This is what I have:

Adtran Demo unit with Public IP on ETH 0

Show Ver:

ADTRAN, Inc. OS version R10.3.1.E

Hardware version 10A

Boot ROM version A2.06.B1.01

Upgraded to R 4.12 from 4.03

Upgraded again from R4.12 to R10.3

Following is scrubed Config:

ip subnet-zero

ip classless

ip routing

ipv6 unicast-routing

domain-name "adtrandemo.catg.com"

domain-proxy

name-server x.x.x.x

no auto-config

!

event-history on

no logging forwarding

logging email on

logging email priority-level fatal

logging email receiver-ip smtp.youremailserver.com auth-username your_username auth-password your_password

logging email address-list you@youremailserver.com

logging email exception-report address-list admin@yourserver.com

logging email ip urlfilter top-websites address-list your_email@your_server.com

logging email ip urlfilter top-websites send-time 23:59:59

logging email sender NetVanta7100

!

service password-encryption

!

portal-list "IPPhoneFTP" ftp

username "ftpuser" portal-list "IPPhoneFTP" password encrypted ""

username "polycomftp" portal-list "IPPhoneFTP" password encrypted ""

ip firewall

ip firewall stealth

no ip firewall alg msn

no ip firewall alg mszone

no ip firewall alg h323

!

!

ip dhcp database local

!

ip dhcp pool "VoIP_pool"

  network 10.10.20.0 255.255.255.0

  dns-server 10.10.20.1

  netbios-node-type h-node

  default-router 10.10.20.1

  tftp-server tftp://10.10.20.1

  ntp-server 10.10.20.1

  timezone-offset -6:00

  option 157 ascii TftpServers=0.0.0.0,FtpServers=10.10.20.1:/ADTRAN,FtpLogin=ftpuser,FtpPassword=ftppassword,Layer2Tagging=True,VlanID=2

!

ip dhcp pool "LAN_pool"

  network 10.10.10.0 255.255.255.0

  dns-server 10.10.10.1

  netbios-node-type h-node

  default-router 10.10.10.1

  tftp-server tftp://10.10.10.1

  ntp-server 10.10.10.1

  timezone-offset -6:00

  option 157 ascii TftpServers=0.0.0.0,FtpServers=10.10.20.1:/ADTRAN,FtpLogin=ftpuser,FtpPassword=ftppassword,Layer2Tagging=True,VlanID=2

!

!

!

!

ip urlfilter Web_Http_Filter http

ip urlfilter allowmode

ip urlfilter top-website

!

!

!

!

!

qos map ConfigWizardQoSMap 20

  match dscp 46

  priority 2000

  set dscp 46

  set cos 7

!

!

!

!

vlan 1

  name "Default"

!

vlan 2

  name "VoIP"

!

!

!

interface eth 0/0

  ip address  X.X.X.X  255.255.255.248

  media-gateway ip primary

  no shutdown

  no lldp send-and-receive

!

interface vlan 1

  ip address  10.10.10.1  255.255.255.0

  ip access-policy Private

  ip urlfilter Web_Http_Filter in

  ip urlfilter Web_Http_Filter out

  media-gateway ip primary

  no shutdown

!

interface vlan 2

  ip address  10.10.20.1  255.255.255.0

  ip access-policy Private

  media-gateway ip primary

  no shutdown

!

ip access-list standard wizard-ics

  remark Internet Connection Sharing

  permit any

!

!

ip access-list extended InterVLAN

  permit ip 10.10.10.0 0.0.0.255  10.10.20.0 0.0.0.255   

--MORE--          permit ip 10.10.20.0 0.0.0.255  10.10.10.0 0.0.0.255   

!

ip access-list extended self

  remark Traffic to Netvanta

  permit ip any  any     log

!

ip access-list extended SIP

  remark Simple Remote Phone SIP Traffic

  permit udp host X.X.X.X  any eq 5060 (X.X.X.X = remote end public IP) 

  permit ip host X.X.X.X  any    (X.X.X.X = remote end public IP)

!

ip access-list extended web-acl-3

  remark Close http and ftp when on Internet

  permit tcp any  any eq www   log

  permit tcp any  any eq telnet   log

  permit tcp any  any eq https   log

  permit tcp any  any eq ssh   log

  permit tcp any  any eq ftp   log

  permit icmp any  any  echo   log

!

ip access-list extended web-acl-5

  remark Remote Phone Access 5060

  permit udp any  any eq 5060  

  permit tcp any  any eq 5060   log

!

!

!

!

ip policy-class Private

  allow list self self

  allow list InterVLAN

  nat source list wizard-ics interface eth 0/0 overload

!

ip policy-class Public

  allow list web-acl-3 self

  allow list web-acl-5 stateless

  allow list SIP self

!

!

ip route 0.0.0.0 0.0.0.0 X.X.X.X

!

tftp server

tftp server overwrite

http server

http session-timeout 1800

http secure-server

no snmp agent

ip ftp server

ip ftp server default-filesystem cflash

ip scp server

ip sntp server

ip sntp server send-unsynced

!

ip sip

ip sip udp 5060

ip sip tcp 5060

!

!

!

voice user 5555

  connect sip

  cos "executive_users"

  first-name "John"

  last-name "Test"

  password encrypted ""

  group-ring-call-waiting

  sip-authentication password encrypted ""

  remote-phone

  codec-group g711_first

  voicemail auth-mode password

  voicemail password encrypted ""

  voicemail notify schedule Sunday 12:00 am

!

ip sip authenticate

!

!

ip sip registrar

no ip sip registrar authenticate

ip sip registrar default-expires 180

!

!

!

!

!

ip sip grammar from host domain

ip sip grammar to host domain

!

ip sip qos dscp 46

!

ip sip hmr SIP_GLOBAL_OUT out

!

!

ip sip database local

!

ip sdp grammar hold rfc3264

!

hmr policy SIP_GLOBAL_OUT

  rule-set REMOTE_PHONE_TWEAKS 10

!

!

hmr rule-set REMOTE_PHONE_TWEAKS

  message-rule CHANGE_EXPIRES_TIME message-type response 10

    match header sip-status-line match-value /200/

    match header from match-value /5\d{3}/

    match header CSeq match-value /REGISTER/i

    modify header expires position first-match new-value /55/ 10

    modify header contact position first-match match-value /(;expires=)\d+/i new-value /\155/ 20

!

!

ip rtp quality-monitoring

ip rtp quality-monitoring sip

!

I used the user config to generate a password, then I set the phone IP 706 to connect to the public address of the 7100 for TFTP and FTP.  The phone contacts the TFTP server (Suseccfully) then it changes to the default internal address for FTP even though it is configured for the public address and then it can't download the config.  It seems to me there are some steps missing somewhere maybe on the phone side.  Or does this new setup still require a VPN I was under the impression a VPN was no longer required.

John Wable

0 Kudos
1 Solution

Accepted Solutions
jwable
Contributor III
Contributor III

Re: Remote Phones R10

Jump to solution

Some Additional Information:

    Doing some testing it I have discovered a few additional items of interest.  Since the remote phones are already in the field I started thinking possible the issues could be related to the firmware of the phones not updating through the remote connection, so I setup a computer running an FTP server and a TFTP and put all the files adtran_*.txt files plus the upgraded firmware files the adtran_system.csv file and the iconpixmap.bmp file and then pointed the phone to the local server.  Looking at the FTP logs I noticed that the phone was trying to connect to the FTP using admin for the username instead of the polycomftp, but it did successfully download all the file via TFTP.  Which goes back to the above post of the unit failing to connect to FTP and then changing to the default 10.10.20.1 IP address for TFTP not working.  As an additional experiment I set the FTP server to have a username of admin and password of password and then reset the Adtran phone to Factory Defaults and disabled the local TFTP server, rebooted the phone and it successfully connected via FTP and downloaded all files.  So it appears that you will have to set the DHCP options for FTP credentials on the remote site DHCP server in order for the phone to properly connect via FTP to download the configurations.  Do to an internet issue at the remote site I have not been able to test connectivity to the 7100 yet now that all the config and firmware items have been downloaded to the phone.  However I will let everyone know once it is done.  Also once it is tested and working on the first phone I will add the DHCP options to the remote sites DHCP scope and test the FTP connection again and see if it will then connect to the 7100 and download the needed files.

John Wable

View solution in original post

0 Kudos
7 Replies
jwable
Contributor III
Contributor III

Re: Remote Phones R10

Jump to solution

As a test I changed TFTP on the phone to 0.0.0.0 when FTP ran it tried to go to the proper public IP address but it failed to connect, this tells me that the phone is reaching the TFTP server when it is set to the public IP and the 7100 is telling the phone to use the Private Address of the FTP server, which it doesn't know how to get there.  Most other systems that support remote phones have a place where you configure the public IP address of the SIP Server, however other then the TFTP and FTP settings on the phone I do not see anything like that.

John Wable

jwable
Contributor III
Contributor III

Re: Remote Phones R10

Jump to solution

Some Additional Information:

    Doing some testing it I have discovered a few additional items of interest.  Since the remote phones are already in the field I started thinking possible the issues could be related to the firmware of the phones not updating through the remote connection, so I setup a computer running an FTP server and a TFTP and put all the files adtran_*.txt files plus the upgraded firmware files the adtran_system.csv file and the iconpixmap.bmp file and then pointed the phone to the local server.  Looking at the FTP logs I noticed that the phone was trying to connect to the FTP using admin for the username instead of the polycomftp, but it did successfully download all the file via TFTP.  Which goes back to the above post of the unit failing to connect to FTP and then changing to the default 10.10.20.1 IP address for TFTP not working.  As an additional experiment I set the FTP server to have a username of admin and password of password and then reset the Adtran phone to Factory Defaults and disabled the local TFTP server, rebooted the phone and it successfully connected via FTP and downloaded all files.  So it appears that you will have to set the DHCP options for FTP credentials on the remote site DHCP server in order for the phone to properly connect via FTP to download the configurations.  Do to an internet issue at the remote site I have not been able to test connectivity to the 7100 yet now that all the config and firmware items have been downloaded to the phone.  However I will let everyone know once it is done.  Also once it is tested and working on the first phone I will add the DHCP options to the remote sites DHCP scope and test the FTP connection again and see if it will then connect to the 7100 and download the needed files.

John Wable

View solution in original post

0 Kudos
jwable
Contributor III
Contributor III

Re: Remote Phones R10

Jump to solution

The above manual upgrade and installation of the files resolved the issue allowing the phone to connect remotely with only needing to set the FTP settings in the phone menu.  So if you are deploying remote phones that have not already been connected to the 7100 directly you will need either manualy update the phones, or set the DHCP options including the proper username and password for FTP connections.

John Wable

Anonymous
Not applicable

Re: Remote Phones R10

Jump to solution

John,

Thanks for providing this information for everyone to benefit from.  There was another related post that I just responded to here:

Also, manual and DHCP instructions for both Polycom and ADTRAN IP 700 phones can be found in this post:

I wanted to link these posts together to help anyone else that needs assistance with this later.  Again thanks for the detailed information.

Thanks,
Matt

Message was edited by: matt - updated to link new post

jwable
Contributor III
Contributor III

Re: Remote Phones R10

Jump to solution

Matt,

    Thanks for the additional information.  I would recommend Adtran add that information to the Remote Configuration guide so others do not have to try and figure it out. The problem I ended up having was the remote site DHCP server did not allow for additional DHCP options and I could not get the phone to upgrade the firmware and since it had already been deployed and was working for internal calls (one way audio on external calls) the answer ended up being manually update the phones with a local ftp server at the remote site.

John Wable

Anonymous
Not applicable

Re: Remote Phones R10

Jump to solution

John,

Thanks for the feedback.  I agree that information should be in the guide.  I will work with our Technical Publications group to see if we can add it in a future version.  I also wanted to let you know that I updated the DHCP example in the post I linked to this one.  My original syntax for the tftp-server command was missing the "/polycom" path.

Thanks,
Matt

Anonymous
Not applicable

Re: Remote Phones R10

Jump to solution

One more thing I wanted to note on this post is that FTP and SIP should be restricted from the outside to only trusted and known IP addresses or hostnames.  In the example configuration above web-acl-3 and web-acl-5 allow those protocols from any source, which could be a risk.  Our has some good guidelines to follow in this area. 

Thanks,
Matt