Saturday, September 20, 2008

SNOM OCS Edition...

SNOM OCS Edition firmware (Contact tk@snom.com)


I recently purchased two SNOM VoIP phones, a 320 dual line display and a 370 hi-res LCD unit. My goal is to connect them in various configurations to my software based PBX solution (pbxnsip) and my Microsoft Office Communications Server 2007 lab environment.

Tim Koehler of SNOM in Germay was kind enough to respond to my request for their latest firmware which supports OCS. The firmware update allows registration, SRTP, and directory lookup from Active Directory along with basic presence information.

Both phones use similar firmware and support the same basic features:

  • Create a call from OCS to SNOM or SNOM to OCS
  • Call transfer (attended/unattended/blind)
  • Hold/Unhold
  • TLS Encryption
  • Basic Presence (in a call/available)

The instructions on how to configure the phones are quite good however they are missing one or two steps (http://www.snom.com/en/products/software/how-to-configure-the-snom-ocs-edition/).

Step 4 shows the setting "Register HTTP Contact:" as "Off" however the instructions don't specifically indicate to make this setting. My firmware on both phones had this set to "On" which resulted in an error when registering "Invalid Contact Information".

Also, when the phone attempted to register using the IP or FQDN as suggested (i.e. 192.168.1.100;transport=tls), it would fail with the error "Registration Failed". When searching event viewer logs on the OCS server I found several error messages such as:


A significant number of invalid certificates have been provided by remote IP
address 192.168.1.70 when attempting to establish an MTLS peer. There have been
10 such failures in the last 20 minutes.
Certificate Names associated with
this peer were
snom VoIP Phone
The serial number of this certificate
is
00.
The issuer of this certificate is snom VoIP Phone
The specific
failure types and their counts are identified below.
Instance count - Failure
Type
10 800B0109

So for some reason the phone is attempting to use MTLS to connect to the OCS server. To resolve this I created a new inbound connection object on my front-end server. I set it to use the same IP, port 5066, and TLS as the transport. I then configured the registration parameter in the phone to: "192.168.1.100:5066;transport=tls" and it worked!

So now the phones can be registered with OCS. I can call back and forth between MOC, Tanjay, and SNOM without issue.

In order for presence information to be conveyed I had to set the "Report Machine State" value to "On". Now when I pick up the handset the presence shows "In a call".

This solution isn't without significant issues though and deploying these units as is would be impossible in just about every environment.

So here are the current issues:

1. When I call in from the PSTN my DID goes to my Exchange UM server where the Auto Attendant picks up the call. I type in the extension of my now-signed-in SNOM phone (+8021) and it rings! I pick up the phone and NO AUDIO comes through.

I can call from OCS to OCS (SNOM) and it works great.
I can call from OCS (SNOM) to OCS and it works great.
I can call from OCS to my Exchange UM AA and transfer to the OCS (SNOM) and it works great.
I can call from OCS (SNOM) to PSTN and it works great.

!!UPDATE!! You need to change the dial plan in Exchange UM to "SIP Secured" for this to work.

2. When I place a call on hold using the OCS (SNOM) unit, the other party shows the call being held. When I pick up the call again it drops the call. I've tried this many different ways and think this is a genuine bug.

!!UPDATE!! This appears to be resolved with the above fix ("SIP Secured" setting).

3. When I try to call my Exchange UM AA from my OCS (SNOM) unit, I get an error "unsupported media type" on the phone and Exchange produces an error:


'The SDP media description received from the remote SIP peer could not
be parsed.'

!!UPDATE!! You need to change the dial plan in Exchange UM to "SIP Secured" for this to work. Also, change the "RTP Encryption" setting to "off" in the user registration, RTP settings.

4. I'm not 100% sure how to bring up the directory but I've found that hitting the "0" key once or twice usually works. I've programmed the Directory button to do this for me so I suppose its working

That's all I have for now...I'll post again as I find out more.

Cheers!

No comments:

Post a Comment