Security of IP telephony systems is a hot topic at the moment, it has been for quite some time and is should always be at the forefront of anyone’s mind when setting up such a system.

There are loads of methods and applications for securing PBXs and the like but something I often see overlooked is security of the actual phones themselves.

The usual threat is someone obtaining SIP credentials by looking at the phone’s web interface. In some cases, IP phone devices have the password displayed in plain-text for all to see. Slightly better implemented GUIs have the password obfuscated when you look at the page but still readable by viewing the page source code in your web browser.

If ProVu ever become aware of any products we sell with either of these issues, we push the manufacturer make changes to hide the password at all times.

Further to this though, anyone installing IP phones should really set strong web interface usernames and passwords. I see phones put on public IP addresses or sometimes with port forwards (often for support purposes) that have no passwords set! This is like leaving the front door to your house wide open while you go out to work all day. Please remember to set a username and password. If a phone comes with a default username and password then do not leave this set as you can be certain the people who want to break into your phone will know default passwords for various phones.

ProVu can set usernames and passwords for phones using our provisioning services:

ProVu fulfilment services

cheers,
Paul.

Over the last few weeks we have been taking lots of support calls from people with NAT issues with phones using Draytek routers.

The 2820 seems to be the main router affected but it could be others.

The problem manifests itself with SIP phones losing Registration to the SIP server with 408 time-out messages. In most cases it is weird in that some phones on the network will work fine and others wont.

The fix (which is confirmed by Draytek themselves to a couple of my customers) is to downgrade to firmware version “333”.

This problem occurs even if you have the SIP ALG turned off. Please ensure the ALG is off as this can cause even more problems, it is usually off by default these days.

As a side note, please make sure you are not using a Draytek router with “voip” ports, the model number will usually have a “v” in it. These are not suitable for use with stand-alone SIP phones connected to the network, they are only use if you are ONLY using the built-in VoIP ports. There is no fix other than swapping the router out as far as I’m aware.

cheers,
Paul.

We get asked this a fair bit here, I’ve compiled a quick list of the most common symptoms and causes with some possible solutions too:

Symptom: caller or callee hearing any of the following – clicks, periods of silence (voice stopping and starting), “robotic” sounding voice. This is by far the most common issue.

Cause: packet loss, can be due to lots of things, insufficient Internet bandwidth, lack of QoS on a connection shared with data, faulty network equipment (can include poor cabling), problems at the ISP.

More on bandwidth: a normal g711a VoIP call will require approximately 100kbps in both directions on the wire. The actual audio part is 64kbps but then you have to factor in RTP headers, IP headers, UDP headers etc… So it doesn’t matter if you have a 10Mbps Internet connection if this only has 256kbps, then you will only ever get two VoIP calls and even this assumes you are doing pretty much nothing else with it.

—-

Symptom: crackling during phone calls.

Cause: This is going to be a hardware issue with something like the phone’s handset or handset cable. Or headset if a headset is being used.

—-

Symptom: echo during calls, either the caller or callee hears their own voice coming back at them a fraction of a second after they spoke.

Cause: the fault usually lies with the person not hearing the echo. I.E. if a person you have phoned complains of echo then it is more than likely something on your phone causing it. The most common cause is people having handset volume turned up miles too loud, microphone gain too high or using a very poor quality handset or headset. It’s normally going to be an acoustic problem. Although it can also be caused by phones with extremely poor quality hardware and not very good echo cancellation routines (was common in the very early days of VoIP).

—-

Symptom: calls are too quiet, people who call me can’t hear me or I can’t hear them. My phone handset/headset volume is at full.

Cause: this is usually caused at the point where a call is translated from one format to another, such as inside a PBX converting an ISDN call to a SIP/RTP call. The fault needs to be fixed where at the cause rather than trying to mask the problem by turning handset volume up too loud (as this is likely lead to other problems such as echo on other calls). Most PBX systems will have settings to adjust gain levels when converting calls from one format to another. If this only occurs when using a headset, then check you are using the correct one for your phone.

—-

Symptom: when using a headset, the person I am talking to can hear a buzzing on the line. For those in the know, it is a 50Hz “mains buzz”.

Cause: this is caused by electrical interference being picked up by your headset’s cable. Causes can be faulty electrical equipment (computer, computer screen etc…) nearby. One solution is to ground your phone somehow. Either install fully shielded network cabling (which isn’t much use if you already have unshielded UTP cable installed throughout your building!). Or power your phone with a fully earth power supply, these are identifiable as they will have a 3-pin “IEC” connector from the wall socket to the power brick. Fortunately there is an easier answer which is to buy a headset which has a better quality shielded microphone.

—-