info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Re: Tearing hair out with Snom phones on VOIP - transferring calls
40 views
Skip to first unread message
Bob L
Jan 9, 2020, 5:31:44 AM1/9/20
to
On Wed, 08 Jan 2020 17:23:17 +0000, Peter
<occassional...@nospam.co.uk> wrote:
>We have moved to the 20th century at work.
>
>We have VOIP! No more huge BT rental bills.
>
>There is a slight problem: we cannot work out how to transfer bloody
>calls!!!
>
>The phone has a web interface (of course, even your washing machine
>has that these days) and that has, wait for it, an online manual. It
>also has config for various buttons.
>
>The problem is that the button symbols showing there are mostly
>different from the button symbols on the actual phone (Snom D375).
>Somehow, some twat (presumably Snom) managed to load software into the
>phone which is for a different model.
>
>We can transfer an incoming call A from extension B to an extension C
>(there are no "extensions" in VOIP; each phone has its own £1/month
>geographical number... another story and another learning experience)
>and B and C can talk to each other (typically: "do you want to speak
>to X"), but there is no way to conclude the transfer so that A talks
>to C. The manuals talk about a Transfer button but there isn't one.
>
>The system is from A&A who also configured the phones. It took us all
>day to get them to register; it turned out to be the gateway IP. We
>also discovered each phone needs its own IP - luckily we have a subnet
>of 6 with 5 spare IPs; ok for the four phones.
>
>I wonder if there is some config at the ISP's VOIP control panel for
>this? I doubt it, because with this VOIP setup there is no
>transferring as such, in the old PBX type language. When you transfer
>a call, you put the caller on hold (as with a normal PBX) and you dial
>the geographical number of the "extension".
I have a couple of older Snom phones and the transfer button on both
is 1 up from the bottom button ((ABOVE DND) in the vertical line of
buttons that is underneath the "TICK" button. )
The layout of my phones is identical to the D375
From the manual
Transferring calls
You can transfer connected calls as well as calls ringing on your
phone.
• When you have a call on the line, there are two ways to transfer it
to a third party:
? Announcing the call to the third party frst, to make sure the call
is welcome and will be
accepted:
Attended transfer;
? Transferring the call unannounced: Blind transfer. There will be no
feedback on whether the
third party is available and/or picking up the call.
• When a call is ringing on your phone, you can transfer it to a third
party without answering it frst
(blind transfer only).
Attended transfer
1. Put the call on hold.
2. Dial the number you wish to transfer the call to and announce the
call.
3. If the third party wishes to accept the call, press (transfer
button) and then press the TICK button .
Blind transfer
1. With a call ringing or on the line, press (transfer button).
2. Dial the number of third party you intend to transfer the call to.
3. Press tick button .
<occassional...@nospam.co.uk> wrote:
>We have moved to the 20th century at work.
>
>We have VOIP! No more huge BT rental bills.
>
>There is a slight problem: we cannot work out how to transfer bloody
>calls!!!
>
>The phone has a web interface (of course, even your washing machine
>has that these days) and that has, wait for it, an online manual. It
>also has config for various buttons.
>
>The problem is that the button symbols showing there are mostly
>different from the button symbols on the actual phone (Snom D375).
>Somehow, some twat (presumably Snom) managed to load software into the
>phone which is for a different model.
>
>We can transfer an incoming call A from extension B to an extension C
>(there are no "extensions" in VOIP; each phone has its own £1/month
>geographical number... another story and another learning experience)
>and B and C can talk to each other (typically: "do you want to speak
>to X"), but there is no way to conclude the transfer so that A talks
>to C. The manuals talk about a Transfer button but there isn't one.
>
>The system is from A&A who also configured the phones. It took us all
>day to get them to register; it turned out to be the gateway IP. We
>also discovered each phone needs its own IP - luckily we have a subnet
>of 6 with 5 spare IPs; ok for the four phones.
>
>I wonder if there is some config at the ISP's VOIP control panel for
>this? I doubt it, because with this VOIP setup there is no
>transferring as such, in the old PBX type language. When you transfer
>a call, you put the caller on hold (as with a normal PBX) and you dial
>the geographical number of the "extension".
I have a couple of older Snom phones and the transfer button on both
is 1 up from the bottom button ((ABOVE DND) in the vertical line of
buttons that is underneath the "TICK" button. )
The layout of my phones is identical to the D375
From the manual
Transferring calls
You can transfer connected calls as well as calls ringing on your
phone.
• When you have a call on the line, there are two ways to transfer it
to a third party:
? Announcing the call to the third party frst, to make sure the call
is welcome and will be
accepted:
Attended transfer;
? Transferring the call unannounced: Blind transfer. There will be no
feedback on whether the
third party is available and/or picking up the call.
• When a call is ringing on your phone, you can transfer it to a third
party without answering it frst
(blind transfer only).
Attended transfer
1. Put the call on hold.
2. Dial the number you wish to transfer the call to and announce the
call.
3. If the third party wishes to accept the call, press (transfer
button) and then press the TICK button .
Blind transfer
1. With a call ringing or on the line, press (transfer button).
2. Dial the number of third party you intend to transfer the call to.
3. Press tick button .
Bob Eager
Jan 11, 2020, 4:55:52 PM1/11/20
to
On Sat, 11 Jan 2020 20:52:32 +0000, Peter wrote:
> Yes I can see in a bigger company it would be a total nightmare. No
> internet means all your phones go dead. Also for say 20 extensions you
> need 20 fixed IPs. And you have to carefully firewall that stuff so only
> the ISP's IPs are allowed in, otherwise you are relying on each phone's
> login+pwd to stop anybody hacking your phone system.
The fireewall thing is trivial. You firewall the phones to block all IPs
(which should be the default anyway) apart from that for the ITSP's
server.
> A friend installed something called Asterisk and promptly got ripped off
> a few k when somebody found a supposedly well known exploit in it.
> Does that ring a bell?
Asterisk is *the* VoIP PBX software. It is pretty secure, but if set up
by an amateur it can of course let people in. Same applies to anything. I
have been running Asterisk for 7 or 8 years, but I didn't go live until I
had carefully secured it. I have 10 phones on it. You can of course make
internal calls without Internet, and with no possible charges.
> Re the auto message outside office hours, in my other thread, A&A do
> have this but it has only one time period, not two.
Easy to do with Asterisk. As is lots of other useful stuff such as
blacklisting. My favourite is a list of numbers which only ever get to
voicemail, without the phones actually ringing. Great for annoying
relatives, and no confrontation re blacklisting! Not to mention speaking
clock, voicemail, alarm calls, etc.
> I looked up freepbx https://www.freepbx.org/store/freepbx-appliances/
> and what would that give us? We just want a simple phone system, 4
> phones total.
Based on Asterisk.
Put it on a Raspberry Pi.
> Yes I can see in a bigger company it would be a total nightmare. No
> internet means all your phones go dead. Also for say 20 extensions you
> need 20 fixed IPs. And you have to carefully firewall that stuff so only
> the ISP's IPs are allowed in, otherwise you are relying on each phone's
> login+pwd to stop anybody hacking your phone system.
The fireewall thing is trivial. You firewall the phones to block all IPs
(which should be the default anyway) apart from that for the ITSP's
server.
> A friend installed something called Asterisk and promptly got ripped off
> a few k when somebody found a supposedly well known exploit in it.
> Does that ring a bell?
Asterisk is *the* VoIP PBX software. It is pretty secure, but if set up
by an amateur it can of course let people in. Same applies to anything. I
have been running Asterisk for 7 or 8 years, but I didn't go live until I
had carefully secured it. I have 10 phones on it. You can of course make
internal calls without Internet, and with no possible charges.
> Re the auto message outside office hours, in my other thread, A&A do
> have this but it has only one time period, not two.
Easy to do with Asterisk. As is lots of other useful stuff such as
blacklisting. My favourite is a list of numbers which only ever get to
voicemail, without the phones actually ringing. Great for annoying
relatives, and no confrontation re blacklisting! Not to mention speaking
clock, voicemail, alarm calls, etc.
> I looked up freepbx https://www.freepbx.org/store/freepbx-appliances/
> and what would that give us? We just want a simple phone system, 4
> phones total.
Based on Asterisk.
Put it on a Raspberry Pi.
Bob Eager
Jan 11, 2020, 7:23:43 PM1/11/20
to
On Sat, 11 Jan 2020 22:24:32 +0000, Peter wrote:
> Is there a firewall in a Snom phone??
A firewall should ideally be separate from that which it is protecting.
> The reality is that a small business is not likely to have a
> sophisticated router with a powerful firewall.
Then it should, I'm afraid.
> We have a "high end" Draytek (2955) and it is quite hard to work out the
> firewall settings for A&A but which let through other stuff.
Drayteks are not the easiest! I have a 2860, but I have a separate
firewall machine as that is most flexible. Requires more knowledge to set
that up, I agree.
> So I am sure most users have their phones wide open to the internet -
> just the login is keeping them secure. The Snom phones fairly obviously
> run Linux, fwiw...
I use a randomised set of characters for the login, and another for the
password. Long ones. Probably overkill as my phones go to the PBX and
have non-routable addresses which are also firewalled off! The PBX is
only allowed to talk to the ITSP's VoIP server (AAISP as it happens).
>>> A friend installed something called Asterisk and promptly got ripped
>>> off a few k when somebody found a supposedly well known exploit in it.
>>> Does that ring a bell?
>>
>>Asterisk is *the* VoIP PBX software. It is pretty secure, but if set up
>>by an amateur it can of course let people in. Same applies to anything.
>>I have been running Asterisk for 7 or 8 years, but I didn't go live
>>until I had carefully secured it.
>
> Again, you know this stuff. This guy has been running a specialist
> hosting company for many years, and still got caught.
Depends whether it was specialist VoIP, I guess. If it was, he has no
excuse!
> That's more work... probably a few days.
>
> I think we must be getting charged for internal calls. Each phone has a
> geo number and that is the number you dial when calling another phone.
> Better check that...
No charge for calls to 'other AAISP customers' - presumably including
you! Unless you divert externally of course.
> Is there a firewall in a Snom phone??
A firewall should ideally be separate from that which it is protecting.
> The reality is that a small business is not likely to have a
> sophisticated router with a powerful firewall.
Then it should, I'm afraid.
> We have a "high end" Draytek (2955) and it is quite hard to work out the
> firewall settings for A&A but which let through other stuff.
Drayteks are not the easiest! I have a 2860, but I have a separate
firewall machine as that is most flexible. Requires more knowledge to set
that up, I agree.
> So I am sure most users have their phones wide open to the internet -
> just the login is keeping them secure. The Snom phones fairly obviously
> run Linux, fwiw...
I use a randomised set of characters for the login, and another for the
password. Long ones. Probably overkill as my phones go to the PBX and
have non-routable addresses which are also firewalled off! The PBX is
only allowed to talk to the ITSP's VoIP server (AAISP as it happens).
>>> A friend installed something called Asterisk and promptly got ripped
>>> off a few k when somebody found a supposedly well known exploit in it.
>>> Does that ring a bell?
>>
>>Asterisk is *the* VoIP PBX software. It is pretty secure, but if set up
>>by an amateur it can of course let people in. Same applies to anything.
>>I have been running Asterisk for 7 or 8 years, but I didn't go live
>>until I had carefully secured it.
>
> hosting company for many years, and still got caught.
Depends whether it was specialist VoIP, I guess. If it was, he has no
excuse!
> That's more work... probably a few days.
>
> I think we must be getting charged for internal calls. Each phone has a
> geo number and that is the number you dial when calling another phone.
> Better check that...
No charge for calls to 'other AAISP customers' - presumably including
you! Unless you divert externally of course.
Chris Green
Jan 13, 2020, 11:48:03 AM1/13/20
to
Peter <occassional...@nospam.co.uk> wrote:
>
> Bob Eager <news...@eager.cx> wrote
> devices appear on public IPs) the firewall is disabled. No matter what
> we do we cannot get it to filter packets going to the four phones.
>
I'm not clear what you mean by "config a Draytek for a subnet", why
would that make "internal LAN devices appear on public IPs"?
The normal way to make internal LAN devices appear on public IPs would
be to use port forwarding. If you do this then (on both my Draytek
routers, a 2820n and a 2869n) you certainly do have to open up the
firewall appropriately as well.
--
Chris Green
·
>
> Bob Eager <news...@eager.cx> wrote
>
> >> We have a "high end" Draytek (2955) and it is quite hard to work out the
> >> firewall settings for A&A but which let through other stuff.
> >
> >Drayteks are not the easiest! I have a 2860, but I have a separate
> >firewall machine as that is most flexible. Requires more knowledge to set
> >that up, I agree.
>
> It appears that if you config a Draytek for a subnet (so internal LAN
> >> We have a "high end" Draytek (2955) and it is quite hard to work out the
> >> firewall settings for A&A but which let through other stuff.
> >
> >Drayteks are not the easiest! I have a 2860, but I have a separate
> >firewall machine as that is most flexible. Requires more knowledge to set
> >that up, I agree.
>
> devices appear on public IPs) the firewall is disabled. No matter what
> we do we cannot get it to filter packets going to the four phones.
>
I'm not clear what you mean by "config a Draytek for a subnet", why
would that make "internal LAN devices appear on public IPs"?
The normal way to make internal LAN devices appear on public IPs would
be to use port forwarding. If you do this then (on both my Draytek
routers, a 2820n and a 2869n) you certainly do have to open up the
firewall appropriately as well.
--
Chris Green
·
Bob Eager
Jan 13, 2020, 3:27:46 PM1/13/20
to
On Mon, 13 Jan 2020 19:27:27 +0000, Peter wrote:
> There is no real documentation for Draytek firewalls. It appears the fw
> sits at the WAN end of the router for incoming, and at the LAN end for
> outgoing. VPNs cannot be firewalled; they bypass the whole thing, which
> is a PITA if you have some dick in china hacking you all the time. And a
> lot of the DOS defence stuff doesn't work, and is badly implemented
> anyway so e.g. phone apps which so samba file transfers fail if you have
> UDP flood defence enabled
>
> Of course there is no support these days and nobody answers any
> questions in the draytek forums anymore.
I have contacted Draytek support by email and always had an excellent
response. I don't use their firewall, but it turned out that - even when
OFF - it was blocking port 53 outbound. Played hell with secondary DNS
zone transfers. I had a fixed firmware withing five days. There was
another issue (I forget exactly what) with IPv6, and that was fixed
equally quickly.
> There is no real documentation for Draytek firewalls. It appears the fw
> sits at the WAN end of the router for incoming, and at the LAN end for
> outgoing. VPNs cannot be firewalled; they bypass the whole thing, which
> is a PITA if you have some dick in china hacking you all the time. And a
> lot of the DOS defence stuff doesn't work, and is badly implemented
> anyway so e.g. phone apps which so samba file transfers fail if you have
> UDP flood defence enabled
>
> Of course there is no support these days and nobody answers any
> questions in the draytek forums anymore.
I have contacted Draytek support by email and always had an excellent
response. I don't use their firewall, but it turned out that - even when
OFF - it was blocking port 53 outbound. Played hell with secondary DNS
zone transfers. I had a fixed firmware withing five days. There was
another issue (I forget exactly what) with IPv6, and that was fixed
equally quickly.
Bob Eager
Jan 13, 2020, 7:17:38 PM1/13/20
to
I used a web form initially, by the look of it. I got an email respponse
and then it was all email from then on. In my case someone named David.
0 new messages