
How we made a Cisco phone friends with Asterisk over SIP

A client recently got new Cisco CP6921 phones, which look like ordinary phones but have quirks of their own. Before that, all the Cisco phones were configured directly on the device itself, and they were a class above (79xx).
I had to dig through a pile of manuals and try a bunch of configs. With almost any config the phone understands the firmware version directive and, where needed, reflashes itself. With some versions of the config it does not understand what we want from it at all and reloads the config every 30 seconds, but not a single packet is sent to Asterisk.
After some thought I posted a question to the Cisco community, since one exists in my native language. They pointed me to a site with a sample config, and even a whole bundle of settings. Having downloaded this magic and put it on the TFTP server, we saw, lo and behold, the phones knocking on Asterisk, but they were turned away because they did not want to log in to it. The catch was that the Cisco does not know how to work over UDP. Okay, no problem, as they say: we enabled TCP on the server, and the phones registered. But only outgoing calls worked; for all incoming calls the phones said the port was closed and told Asterisk to get lost.
We went on studying. It turned out that for some reason they want TLS; it is not clear why, but they want it. So I had to find out how to bolt TLS onto Asterisk. Our Asterisk was installed from a repository, so there were no sources, and the certificate generation utility ships with the sources. No matter: asterisk-opus turned up what we needed, contrib/scripts/ast_tls_cert, and since only the script itself is needed, it was simply copied from the web. The generation is quite straightforward. (Although, if you think about it, you can do the same thing with bare openssl and no scripts, by analogy with generating certificates for OpenVPN when its scripts are not available, for example when it is installed on CentOS.)

1. Create a folder for the keys:
mkdir /etc/asterisk/keys
2. Create a set of certificates:
./ast_tls_cert -C pbx.mycompany.com -O "My Super Company" -d /etc/asterisk/keys
All that remains is to add the settings to sip.conf (enable TCP and TLS):
[general]
tcpenable = yes
transport = udp,tcp
tlsenable = yes
tlsbindaddr = 0.0.0.0
tlscertfile = /etc/asterisk/keys/asterisk.pem
tlscafile = /etc/asterisk/keys/ca.crt
tlscipher = ALL ; accepts every cipher suite OpenSSL offers, weak ones included
tlsclientmethod = tlsv1 ; none of the others seem to work with the client

Restart Asterisk and voilà, you have working phones.
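The "bare openssl" route mentioned in the parenthetical above, as an added example that is not part of the original post and is not the ast_tls_cert script itself. The function names are hypothetical; the output file names follow the sip.conf settings above, and unlike ast_tls_cert the CA key is written without a passphrase.

```shell
#!/bin/sh
# Added example: plain-openssl stand-in for ast_tls_cert.
# Usage: make_asterisk_certs <dir> <server-CN> <organization>
make_asterisk_certs() {
    dir=$1 cn=$2 org=$3
    mkdir -p "$dir" || return 1
    (
        umask 077                      # key files readable by the owner only
        cd "$dir" || exit 1
        # 1. Self-signed private CA. The key is not passphrase-protected
        #    here, so move ca.key off the PBX once the server cert is signed.
        openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 365 \
            -subj "/CN=Asterisk Private CA/O=$org" \
            -keyout ca.key -out ca.crt || exit 1
        # 2. Server key and signing request; CN is the PBX host name.
        openssl req -newkey rsa:2048 -nodes -sha256 \
            -subj "/CN=$cn/O=$org" \
            -keyout asterisk.key -out asterisk.csr || exit 1
        # 3. Sign the request with the CA.
        openssl x509 -req -sha256 -days 365 -in asterisk.csr \
            -CA ca.crt -CAkey ca.key -CAcreateserial \
            -out asterisk.crt || exit 1
        # 4. tlscertfile points at one PEM holding the key and the cert.
        cat asterisk.key asterisk.crt > asterisk.pem
    )
}

# Check before restarting Asterisk: the server cert must chain to ca.crt
# and the private key in asterisk.pem must belong to that cert.
check_asterisk_certs() {
    dir=$1
    openssl verify -CAfile "$dir/ca.crt" "$dir/asterisk.crt" >/dev/null || return 1
    cert_pub=$(openssl x509 -in "$dir/asterisk.pem" -noout -pubkey) || return 1
    key_pub=$(openssl pkey -in "$dir/asterisk.pem" -pubout) || return 1
    [ "$cert_pub" = "$key_pub" ]
}

# Runs only when called as: script <dir> <server-CN> <organization>
if [ "$#" -eq 3 ]; then
    make_asterisk_certs "$@" && check_asterisk_certs "$1"
fi
```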
To sum up, the minimum configuration is:
1. The phone config, SEPXXXXXXXXXXX.cnf.xml
2. The dialplan
3. The firmware (it is better to have an up-to-date one; you can download it from Cisco just by registering there)

Phone config
<?xml version="1.0" encoding="UTF-8"?>
<device>
  <deviceProtocol>SIP</deviceProtocol>
  <sshUserId>admin</sshUserId>
  <sshPassword>cisco</sshPassword>

  <devicePool>
    <dateTimeSetting>
      <dateTemplate>D/M/Ya</dateTemplate>
      <timeZone>Ekaterinburg Standard Time</timeZone>
      <ntps>
        <ntp>
          <name>10.0.3.1</name>
          <ntpMode>Unicast</ntpMode>
        </ntp>
      </ntps>
    </dateTimeSetting>

    <callManagerGroup>
      <members>
        <member priority="0">
          <callManager>
            <ports>
              <ethernetPhonePort>2000</ethernetPhonePort>
              <sipPort>5060</sipPort>
              <securedSipPort>5061</securedSipPort>
              <voipControlPort>5060</voipControlPort>
            </ports>
            <processNodeName>ASTERISK_IP</processNodeName>
          </callManager>
        </member>
      </members>
    </callManagerGroup>
  </devicePool>

  <commonProfile>
    <phonePassword></phonePassword>
    <backgroundImageAccess>true</backgroundImageAccess>
    <callLogBlfEnabled>3</callLogBlfEnabled>
  </commonProfile>

  <loadInformation>SIP69xx.9-3-3-2</loadInformation>

  <vendorConfig>
    <disableSpeaker>false</disableSpeaker>
    <disableSpeakerAndHeadset>false</disableSpeakerAndHeadset>
    <pcPort>0</pcPort>
    <settingsAccess>1</settingsAccess>
    <garp>0</garp>
    <voiceVlanAccess>0</voiceVlanAccess>
    <ciscoCamera>1</ciscoCamera>
    <videoCapability>1</videoCapability>
    <usbClasses>0,1,2</usbClasses>
    <sdio>1</sdio>
    <wifi>0</wifi>
    <bluetoothProfile>0,1</bluetoothProfile>
    <powerNegotiation>0</powerNegotiation>
    <autoSelectLineEnable>0</autoSelectLineEnable>
    <webAccess>0</webAccess>
    <sshAccess>0</sshAccess>
    <g722CodecSupport></g722CodecSupport>
    <daysDisplayNotActive>1,2,3,4,5,6,7</daysDisplayNotActive>
    <displayOnTime>08:30</displayOnTime>
    <displayOnDuration>09:30</displayOnDuration>
    <displayIdleTimeout>01:00</displayIdleTimeout>
    <displayOnWhenIncomingCall>1</displayOnWhenIncomingCall>
    <spanToPCPort>1</spanToPCPort>
    <loggingDisplay>1</loggingDisplay>
    <loadServer></loadServer>
  </vendorConfig>

  <enterpriseConfig>
    <usb1>1</usb1>
    <usb2>1</usb2>
    <ciscoCamera>1</ciscoCamera>
    <usbClasses>0,1,2</usbClasses>
    <sdio>1</sdio>
    <bluetooth>1</bluetooth>
    <wifi>1</wifi>
    <bluetoothProfile>0,1</bluetoothProfile>
    <joinAndDirectTransferPolicy>0</joinAndDirectTransferPolicy>
    <videoCapability>1</videoCapability>
    <webAccess>0</webAccess>
    <eapAuthentication>2</eapAuthentication>
    <webProtocol>0</webProtocol>
  </enterpriseConfig>
  <advertiseG722Codec></advertiseG722Codec>
  <networkLocale>United_States</networkLocale>
  <networkLocaleInfo>
    <name>United_States</name>
    <uid>64</uid>
    <version>8.5.0.0(1)</version>
  </networkLocaleInfo>

  <deviceSecurityMode>1</deviceSecurityMode>

  <idleTimeout>0</idleTimeout>
  <authenticationURL></authenticationURL>
  <directoryURL></directoryURL>
  <idleURL></idleURL>
  <informationURL></informationURL>
  <messagesNumber></messagesNumber>
  <messagesURL></messagesURL>
  <proxyServerURL></proxyServerURL>
  <servicesURL></servicesURL>
  <dscpForSCCPPhoneConfig>96</dscpForSCCPPhoneConfig>
  <dscpForSCCPPhoneServices>0</dscpForSCCPPhoneServices>
  <dscpForCm2Dvce>96</dscpForCm2Dvce>

  <transportLayerProtocol>4</transportLayerProtocol>
  <dndCallAlert>5</dndCallAlert>
  <phonePersonalization>1</phonePersonalization>
  <rollover>0</rollover>
  <singleButtonBarge>0</singleButtonBarge>
  <joinAcrossLines>1</joinAcrossLines>
  <autoCallPickupEnable>false</autoCallPickupEnable>
  <blfAudibleAlertSettingOfIdleStation>0</blfAudibleAlertSettingOfIdleStation>
  <blfAudibleAlertSettingOfBusyStation>0</blfAudibleAlertSettingOfBusyStation>

  <capfAuthMode>0</capfAuthMode>
  <capfList>
    <capf>
      <phonePort>3804</phonePort>
    </capf>
  </capfList>

  <certHash></certHash>
  <encrConfig>false</encrConfig>
  <sipProfile>
    <sipProxies>
      <backupProxy>USECALLMANAGER</backupProxy>
      <backupProxyPort>5060</backupProxyPort>
      <emergencyProxy>USECALLMANAGER</emergencyProxy>
      <emergencyProxyPort>5060</emergencyProxyPort>
      <outboundProxy></outboundProxy>
      <outboundProxyPort></outboundProxyPort>
      <registerWithProxy>true</registerWithProxy>
    </sipProxies>

    <sipCallFeatures>
      <cnfJoinEnabled>true</cnfJoinEnabled>
      <callForwardURI>x-cisco-serviceuri-cfwdall</callForwardURI>
      <callPickupURI>x-cisco-serviceuri-pickup</callPickupURI>
      <callPickupListURI>x-cisco-serviceuri-opickup</callPickupListURI>
      <callPickupGroupURI>x-cisco-serviceuri-gpickup</callPickupGroupURI>
      <meetMeServiceURI>x-cisco-serviceuri-meetme</meetMeServiceURI>
      <abbreviatedDialURI>x-cisco-serviceuri-abbrdial</abbreviatedDialURI>
      <rfc2543Hold>false</rfc2543Hold>
      <callHoldRingback>2</callHoldRingback>
      <localCfwdEnable>true</localCfwdEnable>
      <semiAttendedTransfer>true</semiAttendedTransfer>
      <anonymousCallBlock>2</anonymousCallBlock>
      <callerIdBlocking>2</callerIdBlocking>
      <dndControl>0</dndControl>
      <remoteCcEnable>true</remoteCcEnable>
      <retainForwardInformation>true</retainForwardInformation>
    </sipCallFeatures>

    <sipStack>
      <sipInviteRetx>6</sipInviteRetx>
      <sipRetx>10</sipRetx>
      <timerInviteExpires>180</timerInviteExpires>
      <timerRegisterExpires>3600</timerRegisterExpires>
      <timerRegisterDelta>5</timerRegisterDelta>
      <timerKeepAliveExpires>120</timerKeepAliveExpires>
      <timerSubscribeExpires>120</timerSubscribeExpires>
      <timerSubscribeDelta>5</timerSubscribeDelta>
      <timerT1>500</timerT1>
      <timerT2>4000</timerT2>
      <maxRedirects>70</maxRedirects>
      <remotePartyID>false</remotePartyID>
      <userInfo>None</userInfo>
    </sipStack>

    <autoAnswerTimer>0</autoAnswerTimer>
    <autoAnswerAltBehavior>false</autoAnswerAltBehavior>
    <autoAnswerOverride>true</autoAnswerOverride>
    <transferOnhookEnabled>false</transferOnhookEnabled>
    <enableVad>false</enableVad>
    <preferredCodec>none</preferredCodec>
    <dtmfAvtPayload>101</dtmfAvtPayload>
    <dtmfDbLevel>3</dtmfDbLevel>
    <dtmfOutofBand>avt</dtmfOutofBand>
    <alwaysUsePrimeLine>true</alwaysUsePrimeLine>
    <alwaysUsePrimeLineVoiceMail>true</alwaysUsePrimeLineVoiceMail>
    <kpml>3</kpml>
    <natEnabled>false</natEnabled>
    <natAddress>ASTERISK_IP</natAddress>

    <stutterMsgWaiting>2</stutterMsgWaiting>

    <callStats>false</callStats>
    <silentPeriodBetweenCallWaitingBursts>10</silentPeriodBetweenCallWaitingBursts>
    <disableLocalSpeedDialConfig>false</disableLocalSpeedDialConfig>

    <startMediaPort>10000</startMediaPort>
    <stopMediaPort>20000</stopMediaPort>
    <voipControlPort>5060</voipControlPort>
    <dscpForAudio>184</dscpForAudio>
    <dscpVideo>136</dscpVideo>
    <dscpForTelepresence>128</dscpForTelepresence>
    <ringSettingBusyStationPolicy>0</ringSettingBusyStationPolicy>
    <dialTemplate>dialplan.xml</dialTemplate>
    <voipControlPort>5060</voipControlPort>
    <phoneLabel>SIP_NUMBER</phoneLabel>
    <sipLines>
      <line button="1" lineIndex="1">
        <featureID>9</featureID>
        <featureLabel>SIP_NUMBER</featureLabel>
        <name>SIP_NUMBER</name>
        <displayName>SIP_NUMBER</displayName>
        <contact></contact>
        <proxy>USECALLMANAGER</proxy>
        <port>5060</port>
        <autoAnswer>
          <autoAnswerEnabled>0</autoAnswerEnabled>
        </autoAnswer>
        <callWaiting>4</callWaiting>

        <authName>SIP_NUMBER</authName>
        <authPassword>SIPPASS</authPassword>

        <sharedLine>false</sharedLine>
        <messageWaitingLampPolicy>3</messageWaitingLampPolicy>
        <messageWaitingAMWI>1</messageWaitingAMWI>
        <messagesNumber>1000</messagesNumber>
        <ringSettingIdle>4</ringSettingIdle>
        <ringSettingActive>5</ringSettingActive>

        <forwardCallInfoDisplay>
          <callerName>true</callerName>
          <callerNumber>false</callerNumber>
          <redirectedNumber>false</redirectedNumber>
          <dialedNumber>true</dialedNumber>
        </forwardCallInfoDisplay>
        <maxNumCalls>4</maxNumCalls>
        <busyTrigger>2</busyTrigger>
      </line>
    </sipLines>
  </sipProfile>

  <phoneServices>
    <provisioning>0</provisioning>
    <phoneService type="1" category="0">
      <name>Missed Calls</name>
      <url>Application:Cisco/MissedCalls</url>
      <vendor></vendor>
      <version></version>
    </phoneService>
    <phoneService type="2" category="0">
      <name>voicemail</name>
      <url>Application:Cisco/Voicemail</url>
      <vendor></vendor>
      <version></version>
    </phoneService>
    <phoneService type="1" category="0">
      <name>Received Calls</name>
      <url>Application:Cisco/ReceivedCalls</url>
      <vendor></vendor>
      <version></version>
    </phoneService>
    <phoneService type="1" category="0">
      <name>Placed Calls</name>
      <url>Application:Cisco/PlacedCalls</url>
      <vendor></vendor>
      <version></version>
    </phoneService>
  </phoneServices>
</device>

ARMADIK suggests:
You can run over a different transport with <transportLayerProtocol>2</transportLayerProtocol>
4 — Use default transport protocol (in old firmwares — udp, in latest — tcp), maybe this is also a TLS selection
2 — Prefer use UDP
1 — Prefer use TCP
Adding a second line to the phone is very simple: you need to create another line section in sipLines.
Like this:
<sipLines>
  <line button="1" lineIndex="1">
  ...
  </line>
  <line button="2" lineIndex="2">
  ...
  </line>
</sipLines>
The dialplan, simple and without frills:
<DIALTEMPLATE>
  <TEMPLATE MATCH="*" Timeout="6"/>
</DIALTEMPLATE>

The firmware itself consists of 4 files:
BOOT69xx.0-0-0-14.zz.sgn
DSP69xx.12-4-122-02-121029.zz.sgn
SIP69xx.9-3-3-2.loads
SIP69xx.9-3-3-2.zz.sgn
The name of the loads file is specified in the section
<loadInformation>SIP69xx.9-3-3-2</loadInformation>

P.S.
It also turned out that Cisco is kind:
<webAccess>0</webAccess>

This means that web access is allowed.
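
A pre-deployment check built on the P.S. above, as an added example that is not part of the original post: it reads a SEP config before the file goes onto the TFTP server and flags the settings that leave the phone exposed. The function names are hypothetical, the sample input is constructed, tags are assumed to be well-formed with one element per line, and sshAccess is assumed to use the same inverted 0 = enabled convention as webAccess.

```shell
#!/bin/sh
# Added example: flag risky settings in a SEP<MAC>.cnf.xml before deployment.

# Print the trimmed text of every <tag>...</tag> element found in file $2.
xml_val() {
    sed -n "s|.*<$1>[[:space:]]*\([^<]*[^<[:space:]]\)[[:space:]]*</$1>.*|\1|p" "$2"
}

# Print one WARN line per finding; exit status is 1 if anything was flagged.
audit_sep_config() {
    f=$1 rc=0
    # webAccess 0 = allowed (see the P.S.); sshAccess is assumed to follow
    # the same inverted convention.
    for tag in webAccess sshAccess; do
        if xml_val "$tag" "$f" | grep -qx 0; then
            echo "WARN: $tag is 0, which means enabled"; rc=1
        fi
    done
    if [ "$(xml_val sshPassword "$f")" = cisco ]; then
        echo "WARN: sshPassword is the well-known value 'cisco'"; rc=1
    fi
    # TFTP has no authentication, so an unencrypted config hands the SIP
    # secret to anyone who can request the file.
    if [ -n "$(xml_val authPassword "$f")" ] &&
       ! xml_val encrConfig "$f" | grep -qx true; then
        echo "WARN: authPassword is stored in cleartext (encrConfig is not true)"; rc=1
    fi
    return "$rc"
}

# Constructed sample input, reduced to the elements the audit reads.
sample_config() {
    cat <<'EOF'
<device>
<sshUserId>admin</sshUserId>
<sshPassword>cisco</sshPassword>
<webAccess>0</webAccess>
<sshAccess>1</sshAccess>
<encrConfig>false</encrConfig>
<authPassword>SIPPASS</authPassword>
</device>
EOF
}

tmp=$(mktemp) && sample_config > "$tmp" && { audit_sep_config "$tmp" || true; }
rm -f "$tmp"
```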

Source: https://habr.com/ru/post/177947/

