September 5, 2014 at 19:07

How we were Cisco Phone friends with Asterisk SIP

  • Tutorial
How we Cisco Phone were friends with SIP
We got a new Cisco CP6921 animal here, apparently a normal phone with its own braces. Before that, all cisco were configured directly from the device itself, and they were a class higher than 79xx.
I had to rake a bunch of manuals. Try a bunch of configs. Posti on any config phone understands the firmware version instructions and in case of which it is reflashed. On some version of the config, he does not understand what we want from him at all and every 30 seconds reloads the config. But not a single packet is sent to the asterisk.
After thinking, I asked a question to the cisco community, since it already exists in the native language. They prompted the sitewhere there was an example of a config and even the whole bundle of settings. Having downloaded from installing this magic on tftp, we saw that miracle phones knock on the asterisk, but they get a shit, because do not want to log in to it. And the plug turned out to be that cisco does not know how to work on udp. Okay, as they say, no problem. Enabled tcp on the server. And the phones are registered. But only outgoing calls began to work, they say to all incoming that the port is closed, go asterisk forest.
Let's go study further. We found out that for some reason they want tls, it is not clear the truth is why, but they want to. Here I already had to find how to fasten tsl to the asterisk. We had Asterisk installed from a turnip, and there were no sources, and certificate generation is a utility from a set of sources, it doesn’t matter asterisk-opusit found what contrib / scripts / ast_tls_cert needed, however, only the script itself was needed, so it was simply copied from the web. Generation is quite commonplace. (although if you think about it, the same thing can be done on baressl without scripts, by analogy, for example, with generating certificates for openvpn when there are no scripts for it, for example, if installed on centos)

1. Create a folder for keys
mkdir / etc / asterisk / keys
2. create a set of certificates
./ast_tls_cert -C pbx.mycompany.com -O "My Super Company" -d / etc / asterisk / keys
All that remains is to add the settings to sip.conf (Enabling TCP and TLS)
[general]
  tcpenable = yes
  transport = udp, tcp
  tlsenable = yes
  tlsbindaddr = 0.0.0.0
  tlscertfile = / etc / asterisk / keys / asterisk.pem
  tlscafile = / etc / asterisk / keys / ca.crt
  tlscipher = ALL
  tlsclientmethod = tlsv1; none of the others seem to work with Blink as the client

Restart asterisk and voila you have working phones.
Squeeze the minimum configuration.
1. Phone config SEPXXXXXXXXXX.cnf.xml
2. Dialplan
3. Firmware (it’s better to have the current one, and you can download it from the tsisk just by logging in there)

Phone config


Sip
 
admin
cisco
 

  
    D / M / Ya
    Ekaterinburg Standard Time
    
      
        10.0.3.1
        Unicast
      
    
  
 
  
    
      
        
          
            2000
            5060
            5061
            5060
          
          ASTERISK_IP
        
      
    
  

 

  
  true
  3

 
SIP69xx.9-3-3-2
 

  false
  false
  0
  1
  0
  0
  1
  1
  0,1,2
  1
  0
  0.1
  0
  0
  0
  0
  
  1,2,3,4,5,6,7
  08:30
  09:30
  01:00
  1
  1
  1
  

 

  1
  1
  1
  0,1,2
  1
  1
  1
  0.1
  0
  1
  0
  2
  0


United_states

  United_states
  64
  8.5.0.0 (1)

 
1
 
0








96
0
96
 
4
5
1
0
0
1
false
0
0
 
0

  
    3804
  

 

false

  
    USECALLMANAGER
    5060
    USECALLMANAGER
    5060
    
    
    true
  
 
  
    true
    x-cisco-serviceuri-cfwdall
    x-cisco-serviceuri-pickup
    x-cisco-serviceuri-opickup
    x-cisco-serviceuri-gpickup
    x-cisco-serviceuri-meetme
    x-cisco-serviceuri-abbrdial
    false
    2
    true
    true
    2
    2
    0
    true
    true
  
 
  
    6
    10
    180
    3600
    5
    120
    120
    5
    500
    4000
    70
    false
    None
  
 
  0
  false
  true
  false
  false
  none
  101
  3
  avt
  true
  true
  3
  false
  ASTERISK_IP
 
  2
 
  false
  10
  false
 
 
  10,000
  20000
  5060
  184
  136
  128
  0
  dialplan.xml
  5060
  SIP_NUMBER
  
    
      9
      SIP_NUMBER
      SIP_NUMBER
      SIP_NUMBER
      
      USECALLMANAGER
      5060
      
        0
      
      4
 
      SIP_NUMBER
      Sippass
 
      false
      3
      1
      1000
      4
      5
 
      
        true
        false
        false
        true
      
      4
      2
    
  

 

  0
  
    Missed calls
    Application: Cisco / MissedCalls
    
    
  
  
    Voicemail
    Application: Cisco / Voicemail
    
    
  
  
    Received Calls
    Application: Cisco / ReceivedCalls
    
    
  
  
    Placed calls
    Application: Cisco / PlacedCalls
    
    
  


ARMADIK tells
You can run on different vehicles2
4 — Use default transport protocol (in old firmwares — udp, in latest — tcp), may be this also a TLS selection
2 — Prefer use UDP
1 — Prefer use TCP
Adding 2 lines to your phone is very simple, you need to create another line section in sipLines
Something like this

  

    ...
  
  
    ...
  
Dialplan, simply and without frills

  

Well, the firmware itself is 4 files
BOOT69xx.0-0-0-14.zz.sgn
DSP69xx.12-4-122-02-121029.zz.sgn
SIP69xx.9-3-3-2.loads
SIP69xx.9- 3-3-2.zz.sgn
The name loads is indicated in the section
SIP69xx.9-3-3-2

P.S.
We also found out that cisco is peculiar
0

This means that web access is allowed.
Tags:

Also popular now: