vicidial.org

[velocityvoice]

Hi all

I am running Vicidial VERSION: 2.12-552a BUILD: 160429-0835.

This is a noob question for sure.. I am trying to create a new phone.. I added a user and named it 1121 and gave it a password. Then I went to admin > add a phone and created a phone for 1121, and set the login and registration password to the same password that I set when I created the user for 1121. When I try to register my softphone, my logs are showing a bad password entry. Did I miss a step somewhere? I set the password in both places to be all the same password.

[williamconley]

1) Good job posting your Vicidial Version with Build.

2) Please try to also post your Installation Method with Version (it helps to get used to doing it).

3) Confusion always ensues when you relate users to phones in any way. Try again with JUST the phone. No discussion of User at all.

4) PHONES have two completely unrelated id/auth entries: First is "extension/registration password". Second is "screen login/screen password". They are not linked in any way other than the fact that when a user logs in to Vicidial in the agent login screen, that's the phone which will be called by Vicidial's login script. They are used in different places: extension/registration password is used in the PHONE (be it physical hardware VOIP phone or Software phone). screen login/screen password is used by the agent in the web browser during login (on the first login page).

5) Security-consciousness: NEVER use "all numeric" extension. If you get hacked and someone brute force attacks your asterisk server, the script kiddy will attempt every number from 100 to 10000. If they get a hit, then they need only brute force the password for that extension. But they never go beyond that. I highly recommend using one or two alphabet characters before or after or during your extensions. Instead of 1121 try zz1121. Note that this is in NO way related to any number anyone will dial on the telephone keypad to reach this agent. That's the "dialplan number" in the phone record. So the only place this "extension" will be used is when you register the phone. Think of it as a "user name" for the phone. Do you really want to have a "user 1000"? That's as bad as "root". LOL Since no one will ever use this again aside from registering a phone, why not something a little less obvious and less likely to cause a monetary loss if you do get hacked?

[velocityvoice]

1) Good job posting your Vicidial Version with Build.

2) Please try to also post your Installation Method with Version (it helps to get used to doing it).

3) Confusion always ensues when you relate users to phones in any way. Try again with JUST the phone. No discussion of User at all.

4) PHONES have two completely unrelated id/auth entries: First is "extension/registration password". Second is "screen login/screen password". They are not linked in any way other than the fact that when a user logs in to Vicidial in the agent login screen, that's the phone which will be called by Vicidial's login script. They are used in different places: extension/registration password is used in the PHONE (be it physical hardware VOIP phone or Software phone). screen login/screen password is used by the agent in the web browser during login (on the first login page).

5) Security-consciousness: NEVER use "all numeric" extension. If you get hacked and someone brute force attacks your asterisk server, the script kiddy will attempt every number from 100 to 10000. If they get a hit, then they need only brute force the password for that extension. But they never go beyond that. I highly recommend using one or two alphabet characters before or after or during your extensions. Instead of 1121 try zz1121. Note that this is in NO way related to any number anyone will dial on the telephone keypad to reach this agent. That's the "dialplan number" in the phone record. So the only place this "extension" will be used is when you register the phone. Think of it as a "user name" for the phone. Do you really want to have a "user 1000"? That's as bad as "root". LOL Since no one will ever use this again aside from registering a phone, why not something a little less obvious and less likely to cause a monetary loss if you do get hacked?

I deleted the user account and just created a new phone... extension 1021. I set the registration password to "1234" for testing purposes.. When I try to register my xlite phone my logs produce a bad password error:
[Aug 22 01:18:31] NOTICE[1872]: chan_sip.c:28445 handle_request_register: Registration from '"1021"<sip:1021@xxx.net:48756>' failed for '71.164.156.230:52762' - Wrong password

I have tried different extension numbers with a different registration password to no avail. I really am not understanding what I'm done wrong though. I get the difference between agent login and password vs extension number and registration password. It is pretty hard to enter 1234 incorrectly when you try it 10 times.. lol -- Any additional ideas?

I wasn't aware I could use alphabetical characters in my extension numbers, great tip! Thank you!

[williamconley]

Next test: Verify that the value is properly created in sip-vicidial.conf

If it is, verify that a "reload" has occurred to load this new value (of course, "sip reload" or "reload" in the asterisk command line will make this happen, and if that fixes the problem, then you likely did not get a good reload before, which happens a lot in servers where the IP has been changed).

[velocityvoice]

Odd.. I had to reload asterisk and all is well now... Thanks for the tips William!

Any idea on why a manual reload is needed on a servers where the IP has been changed? I purchased my server from a cloud provider and I'm guessing they set the server for a specific static IP before handing it off to me. Is there a work around or should I just get used to doing a manual reload when changes I make aren't taking place?

[williamconley]

When you log in via the command line there is a splash screen which contains the script you must run if the IP has changed. Rerunning this script (multiple times) with the previous IP(s) that this server had (or may have had) will not hurt, but may catch a "missed entry" from a previous run. Changing the IP manually in any location can also cause this to be out of sync and result in a server that "appears" to work.