New J179 IP Phones 7

[superikey]

Trying to setup my first J179 IP phone on my demo system here in my Lab.
I upgraded the system to R11 which is requited, but cant get the phone to register.
After putting in Extn and Password, the phone sits on "acquiring services" and goes no where.
Any ideas?


Isaac Braca
Avaya ACA - IP Office
CTO / ICCS & Co., LLC.


ICCS, Your Premier IT & Telecom Partner, is a New York City Based Avaya SMB Expert Business Partner and IT Consulting Firm.

Visit and Post on my Blog:

http://ipofficeexpert.blogspot.com/

 

[mkoker]

Did the firmware update? What does the setting menu show for info? I had run early versions of the sets and they were pretty fool proof.

NTSDirect

 

[sizbut]

1) Go into the phone's admin menus and looking at which server addresses it has got would tell us a lot. It needs to have got the IP Office address as its file server in order to have then requested its J100Supgrade.txt file and the settings.txt file. That either happens through DHCP or through you entering the address when the new phone first prompts for it.

2) Its a SIP phone, so even if you've have 9600 phones working fine, you need to enable the settings for SIP extension support (SIP registrars, etc).

3) For R11.0, new SIP extensions register using the extension Phone Password settings rather than the user Login Code.

4) If you're not using the auto-generated 46xxsettings.txt file then you're probably missing a lot of settings. Take a backup copy of your existing 46xxsettings.txt file and then delete it from the system. Let the system auto-generate a settings file by looking at it using a browser and save a copy of that. Compare the two. Any custom settings that you previously had in the 46xxsettings.txt file now need to go in a file called 46xxspecials.txt.



Stuck in a never ending cycle of file copying.

 

[TheSmash]

Great post from @sizbut - have a star.

Pay special attention to Point 3) as this is essential (and documented).

Only thing I would add is that to enable the 46xxspecials.txt file in the autogenrated settings, add this to the NoUser source numbers;

ENABLE_46XXSPECIALS_TXT

Lastly - if you have TLS enabled, then you may need to make some modifications to the settings file depending on the certificates being used.

ACSS (SME)

 

[sizbut]

Cheers. For the GA release they removed the need for the NUSN (they worked out it the specials file would be very popular).

So now, if the 46xxspecials.txt file is present on the system, then the extra command to use it is automatically added to the auto-generated 46xxsettings.txt file.

Stuck in a never ending cycle of file copying.

 

[jayjr1105]

So these aren't H323? How does licensing go?

 

[tlpeter]

Yes and no.
They come with SIP firmware but uses a normal IP license but you can convert them to H.323 although it makes no sense.


BAZINGA!

I'm not insane, my mother had me tested!

 

[gwebster]

They are SIP (which is great for remote users via an SBC without the hassles of VPN) but have special signaling with IP Office so offer the same features as an H.323 9611G.

 

[daveinwearside]

if you convert them to h323 the screen and options go just like the 96X1 screens, sort of ruins the look and the feel of the phone

ACSS SME
APSS SME

A word to the wise ain't necessary - it's the stupid ones that need the advice.

 

[C0mmUN1cAt0r]

hi followed all relevant knowledge base info this but still no joy getting the phones working.

Basically as a test I web browsed to the 46xxsettings which auto generated, all the settings within look ok but a j179 just doesn't seem to take the settings. The SIP proxy remains blank, it does say press new to add, but new option doesn't list. Its like the phone just doesn't look to the file and pull its settings through.

I don't have the J100 upgrade file from what I can see within the file manager , but no where references adding this so presuming this is part of the standard IPO files from ISO

thought it may have been an issue with TLS so disabled but still no look.

I've reset the phones to factory numerous times but still no joy - any ideas?

 

[gwebster]

The J179 comes from the factory with 1.5 firmware. You will need to get it to 2.0 firmware to work on IPO.

 

[CASSBusinessSystems]

Make sure you are using the Extension phone password when logging in j1xx phones.

 

[Jonjr88]

Does anyone have the J169 working with TLS enabled? I currently have a ticket open with Avaya since the J169 just sits at acquiring Service when TLS is enabled. The phone is grabbing the correct identity cert. Once I disable TLS phone connects right up. Same outcome on 2 different systems running R11.

 

[TheSmash]

If you don't have a SIP URI in the identity cert it won't work. Check the latest installation documents for details. The workaround is to set this in the 46xxSpecials.txt;

SET TLSSRVRID 0

Which disables the check in the phone.

ACSS (SME)

 

[Ekster]

We also found that TLS did not work with our cert. It was a wildcard cert and apparently Wildcard certificates for SIP are forbidden by the SIP RFCs. (not sure why)

“Some humans would do anything to see if it was possible to do it. If you put a large switch in some cave somewhere, with a sign on it saying 'End-of-the-World Switch. PLEASE DO NOT TOUCH', the paint wouldn't even have time to dry.”

Terry Pratchet

 

[TheSmash]

Here is the relevant information and explanation. Plus my workaround above until an appropriate certificate is added.

Link

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Server certificate identity validation is only performed when TLSSRVRID is set to 1.
When it is enabled, the phone verifies the identity contained in the server certificate. The TLS connection
fails if any aspect of identity validation fails.
All TLS connections, that is, SIP-TLS and HTTPS-TLS, verify that the identity is contained in the
server certificate. The server identity that is used for verification is the address that is used to
connect to the server. This might be one of the following:
• IPv4 adress. For example, 192.168.1.2
• IPv6 address. For example, 2001:db8::2:1
• FQDN. For example, hostname.domain.com
This identity must match an identity found in the certificate. The matching is case insensitive. The
phone first checks for the server identity in the Subject Alternative Name (SAN). If it cannot be
found in the SAN, then the phone checks the certificate common name (CN). This validation is
based on RFC 2818.
The phone checks for an IP address server identity match with the following in the specified order
until a match is found:
1. Field of type IP address in the SAN extension
2. Full content of one field in the CN
The phone checks for a FQDN server identity match with the following in the specified order until a
match is found:
1. Field of type DNSName in the SAN extension. An exact match of the full string is required.
For example, host.subdomain.domain.com does not match subdomain.domain.com.
2. Full content of one field in the CN using the same rules as DNSName in SAN.
Note:
Identities containing a wildcard are not supported and do not match. For example,
*.domain.com in the certificate will not match a connection to hostname.domain.com.
In addition, all SIP-TLS connections also verify that the SIP domain configured on the phone is
present in the SIP server certificate as per RFC 5922.
The phone checks for a SIP domain match with the following in the specified order until a match is
found:
1. Field of type URI in the SAN extension.
2. Field of type DNSName in the SAN extension and there is no URI field in the list of SAN
extensions.
3. Full content of one field in the CN and there is no URI field in the list of SAN extensions.
Note:
Only full matches are allowed. For example, a configured SIP domain of sipdomain.com will
1. not match a SAN DNSName containing proxy1.sipdomain.com.


ACSS (SME)

 

[chaunymony]

Have a * CASS. THAT phone password. lol. You just saved me a bunch of head beating. . .

ACSS-SME
ACIS-SME