Snom D7xx/TLS mode and reprovision button in 3CX 15.5

Discussion in '3CX Phone System - General' started by Vladimir Alekseev, Sep 24, 2017.

Thread Status:
Not open for further replies.
  1. Vladimir Alekseev

    Joined:
    Sep 24, 2017
    Messages:
    3
    Likes Received:
    0
    Good evening,

    We faced with the problem when reprovision button (3CX Web -> Phones) doesn't work.

    We use TLS (Snom Phone Web -> Identity 1 -> Outbound proxy -> [FDQN]..3cx.eu:5061;transport=tls).

    With Outbound proxy -> [FDQN]..3cx.eu:5060 everything is fine and works well.

    Is there any solution? Thank You
     
  2. StefanW

    StefanW Head of Customer Support and Training
    Staff Member 3CX Support

    Joined:
    Jun 2, 2009
    Messages:
    1,210
    Likes Received:
    85
    I think it is clear that TCP 5061 must be enabled and NATted to your 3CX host. Try telnet to the FQDN:5061
    Second, as we provision this field within 24h we will set it back to defaults.

    Now, as you use a 3CX FQDN, have you copied and pasted the TLS information in the security tab?
    (Note, those certs run out in 90 days and will be re-issued and you need to copy past them again, including sip server restart!)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Vladimir Alekseev

    Joined:
    Sep 24, 2017
    Messages:
    3
    Likes Received:
    0
    Dear Stefan, yes, everything fine with 5061 port.

    What did you mean copy/paste for TLS? We made zero ssl certificate for ethernet interface and paste it to TLS tab.
    Phone work fine with TLS outbound proxy, fine except reprovision button.

    [​IMG]
     
  4. StefanW

    StefanW Head of Customer Support and Training
    Staff Member 3CX Support

    Joined:
    Jun 2, 2009
    Messages:
    1,210
    Likes Received:
    85
    as the phone does not trust the HTTPs connection and will give you an exception! Review the Snom logs (debug level) and take it from there how to resolve.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    Vladimir Alekseev likes this.
  5. Vladimir Alekseev

    Joined:
    Sep 24, 2017
    Messages:
    3
    Likes Received:
    0
    Dear Stefan,

    without TLS
    Oct 8 21:53:13.511 [DEBUG1] SIP: recv NOTIFY (1: UH6365OMl_J7cAp5vzW9iw..) <- Udp:104.4X.XX.XX:5060
    Oct 8 21:53:13.513 [NOTICE] PHN: Setting server prio 1, type redirection, url: >https://XXXXXXXXXX.3cx.eu:5001/provisioning/XXXXXXXXXXXX/cfg%7Bmac%7D<
    Oct 8 21:53:13.514 [NOTICE] PHN: SetProvisioningActive
    Oct 8 21:53:13.514 [INFO ] PHN: ProvisioningReplacements:

    with TLS (nothing happens on snom side)
    Oct 8 21:51:09.674 [DEBUG2] PHN: WEB: HTTP accepting from Tcp:192.168.0.11:57369
    Oct 8 21:51:09.675 [DEBUG2] PHN: WEB: HTTP 381/80 accepted from Tcp:192.168.0.11:57369
    Oct 8 21:51:09.675 [DEBUG2] PHN: WEB: HTTP 381/80 connected
    Oct 8 21:51:09.676 [INFO ] PHN: WEB: Request 381/653/0: POST /log.htm HTTP/1.1
    Oct 8 21:51:09.676 [INFO ] PHN: WEB: 381 Basic authentication.

    Debug2 logging on.

    What kind of certificate we should to install on the phone? 3CX in the cloud now.

    Thank you...
     
Thread Status:
Not open for further replies.