<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Quick update.<br>
<br>
Grandstream finally released the first update to theirDP715
firmware, new v. 1.0.0.8.<br>
<br>
Here are the differences:<br>
<ol>
<li>I can receive calls over secure SIP and RTP</li>
<li>No outgoing calls go through</li>
</ol>
<p>What I observed the phone replies from a different port compared
to a port it receives SIP messages on. As a result Asterisk
becomes confused. For example, "sip set debug peer 999" would
only track messages to the phone.<br>
</p>
<p>Grandstream's support is beyond the level of criticism. It takes
them 10 days to reply to a posted message. It seems their only
goal is to close the case. So far I am still to see a single bit
of help from them.<br>
</p>
<p>I will continue updating this thread.<br>
</p>
<p>-Vladimir<br>
<br>
</p>
<p><br>
</p>
<br>
<br>
<div class="moz-cite-prefix">On 8/31/2012 8:07 PM, Vladimir
Mikhelson wrote:<br>
</div>
<blockquote cite="mid:50415FB9.3000806@mikhelson.com" type="cite">
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
Carlos,<br>
<br>
So far the experience with DP715 is extremely negative.<br>
<br>
It all starts with the WEB interface which is only served on port
80, no https, period. There is no login name, just password.<br>
<br>
The phone worked as expected with insecure SIP and RTP. As I
started playing with security the phone started acting up. It
randomly took calls, then stopped. It placed calls, then stopped.<br>
<br>
Following is a sample of a corrupted SIP message Asterisk receives
from DP715 (pay attention to Call-ID: <a moz-do-not-send="true"
class="moz-txt-link-abbreviated"
href="mailto:477744485-5061-8@BHC.BH.BDH.HB">477744485-5061-8@BHC.BH.BDH.HB</a>):<br>
<br>
[2012-08-23 23:55:09] DEBUG[14132] chan_sip.c: Header 0 [ 14]:
SIP/2.0 200 OK<br>
[2012-08-23 23:55:09] DEBUG[14132] chan_sip.c: Header 1 [ 69]:
Via: SIP/2.0/TLS
172.17.137.11:5061;branch=z9hG4bK2f5ce157;rport=5061<br>
[2012-08-23 23:55:09] DEBUG[14132] chan_sip.c: Header 2 [ 57]:
From: <a moz-do-not-send="true" class="moz-txt-link-rfc2396E"
href="mailto:sip:*97@pbx.int.mikhelson.com:5061"><sip:*97@pbx.int.mikhelson.com:5061></a>;tag=as50c4dc59<br>
[2012-08-23 23:55:09] DEBUG[14132] chan_sip.c: Header 3 [ 54]: To:
<a moz-do-not-send="true" class="moz-txt-link-rfc2396E"
href="mailto:sip:471@pbx.int.mikhelson.com:5061"><sip:471@pbx.int.mikhelson.com:5061></a>;tag=436538044<br>
[2012-08-23 23:55:09] DEBUG[14132] chan_sip.c: Header 4 [ 39]:
Call-ID: <a moz-do-not-send="true"
class="moz-txt-link-abbreviated"
href="mailto:477744485-5061-8@BHC.BH.BDH.HB">477744485-5061-8@BHC.BH.BDH.HB</a><br>
[2012-08-23 23:55:09] DEBUG[14132] chan_sip.c: Header 5 [ 13]:
CSeq: 102 BYE<br>
[2012-08-23 23:55:09] DEBUG[14132] chan_sip.c: Header 6 [ 51]:
Contact: <a moz-do-not-send="true" class="moz-txt-link-rfc2396E"
href="mailto:sip:471@172.17.137.71:5061;transport=tls"><sip:471@172.17.137.71:5061;transport=tls></a><br>
[2012-08-23 23:55:09] DEBUG[14132] chan_sip.c: Header 7 [ 43]:
Supported: replaces, path, timer, eventlist<br>
[2012-08-23 23:55:09] DEBUG[14132] chan_sip.c: Header 8 [ 37]:
User-Agent: Grandstream DP715 1.0.0.5<br>
[2012-08-23 23:55:09] DEBUG[14132] chan_sip.c: Header 9 [ 80]:
Allow: INVITE, ACK, OPTIONS, CANCEL, BYE, SUBSCRIBE, NOTIFY, INFO,
REFER, UPDATE<br>
[2012-08-23 23:55:09] DEBUG[14132] chan_sip.c: Header 10 [ 17]:
Content-Length: 0<br>
<br>
According to RFC 3261, "Call-ID contains a globally unique
identifier for this call, generated by the combination of a random
string and the softphone's host name or IP address."<br>
<br>
Interestingly, the problem is intermittent. Some calls go
through. Asterisk must be able to process these calls from time
to time. Which is strange on its own.<br>
<br>
On top of everything Grandstream's support organization does not
seem to exist for all practical purposes. I opened the case on
08/22/2012. Today, 08/31/2012, I finally received a response,
"Sorry for missing your call yesterday. We checked the syslog you
sent to us and seems the TLS is shut down. I just got some TLS
internal test accounts today and will do a quick test. I'll let
you know soon. It took them 9 days to start looking into the
issue.<br>
<br>
I will update this thread with progress.<br>
<br>
Regards,<br>
Vladimir<br>
<br>
<br>
<br>
<div class="moz-cite-prefix">On 8/17/2012 11:30 AM, Carlos Alvarez
wrote:<br>
</div>
<blockquote
cite="mid:CAFn1dUFmTSPnwydAAVHSpifh=be9TYVwDat_+NHcvQ7-cYRASw@mail.gmail.com"
type="cite">
<div class="gmail_quote">On Fri, Aug 17, 2012 at 9:08 AM,
Vladimir Mikhelson <span dir="ltr"><<a
moz-do-not-send="true" href="mailto:vlad@mikhelson.com"
target="_blank">vlad@mikhelson.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">My primary interest is
security. Grandstream claims their intermediate and
higher-end models support TLS and SRTP. I am really tired
of trying to make Cisco phones to communicate securely
with Asterisk. Cisco has a great security model but one
has to have their provisioning server for it to function.<br>
</div>
</blockquote>
<div><br>
</div>
<div>We've never had customers ask for this, but if doing so
is fairly easy we would look at it as just another feature
we push. Do let me know how it works out for you.</div>
<div><br>
</div>
</div>
-- <br>
<div>Carlos Alvarez</div>
<div>TelEvolve</div>
<div>602-889-3003</div>
<div><br>
</div>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.api-digital.com">http://www.api-digital.com</a> --
New to Asterisk? Join us for a live introductory webinar every Thurs:
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.asterisk.org/hello">http://www.asterisk.org/hello</a>
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://lists.digium.com/mailman/listinfo/asterisk-users">http://lists.digium.com/mailman/listinfo/asterisk-users</a></pre>
</blockquote>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by <a class="moz-txt-link-freetext" href="http://www.api-digital.com">http://www.api-digital.com</a> --
New to Asterisk? Join us for a live introductory webinar every Thurs:
<a class="moz-txt-link-freetext" href="http://www.asterisk.org/hello">http://www.asterisk.org/hello</a>
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
<a class="moz-txt-link-freetext" href="http://lists.digium.com/mailman/listinfo/asterisk-users">http://lists.digium.com/mailman/listinfo/asterisk-users</a></pre>
</blockquote>
<br>
</body>
</html>