I have a Skype for Business system currently deployed in my work area. Before that, we were using all the Cisco Clients and other telephony clients.
I am seeing a strange behavior, that is I am able to make calls from my Skype for Business mobile clients to my Cisco phones, but when I do reverse I cannot get the call established.
What is see is SIP status code 488 (in wire shark trace) - which is codec mismatch.
I see that an invite message from Cisco phone offers media via 0 and 101 codecs.
But still not able to get the call through.
Check the path the INVITE is taking: outgoing the SfB will send the INVITE through the mediation server for audio trans-coding, but the Cisco may be attempting media bypass: trying to connect phones directly without going through the mediation server.
But this all depend on how the two are connected of-course and if a session border controller is involved or a hundred other little things.
You may want to refer to an official document: Skype for Business 2015 using SIP trunk to Cisco Unified Communications Manager Release 10.5.2 SU3
That is over 100 pages on only one method of interconnecting the two ;)
Related
I am using a free caller android app and they restrict me with limited credits. I would like to explore more about how this app works. So I started decompiling the APK file and intercepting networking requests using Fiddler.
I intercepted requests, but none of those are creating the actual call. So after decompiling the APK I understood they are using SIP server for calls. I couldn't intercept any SIP call with fiddler or wireshark.
They are using this SIP server : https://www.kamailio.org/
Kamailio is one of the powerful SIP Servers and they have good documentation and big mail-user list. You can check their wiki:
http://www.kamailio.org/wiki/
For understanding this case first you should learn "how voip works" subject. You already can not inrecept any SIP call with fiddler or wireshark. Generally, SIP server managers hide their topology for security reasons. Thats why you can not observe SIP traffic to the end of the tunnel.
Even Kamailio has its own module that provides hide your network topology with one click :)
https://www.kamailio.org/wiki/tutorials/tls/testing-and-debugging#decoding_of_tls_connections_with_wireshark
If they can limit your credits, then, of course, they will authenticate your every call and reject it if you don't have enough funds (or out of quota).
So, if you learn a little bit about SIP technology - perhaps, you'll be able to send a call request even without a dialer, but I doubt that the call will be authenticated.
An analogy: if you know a full path to some restricted page - you can paste it into the browser's address field and go there, but if you are not logged in, then you will still get an error like "you're not allowed to read this page".
Recently started at a new small company that has the following infrastructure:
Private XMPP Openfire server that hosts #chat..com
Google Apps for email, chat, docs, etc. with account of #.com
The company uses the private/internal chat server heavily for communication. However that requires me to install and run a client on my machine like Adium/Psi and then chat history is stored locally etc.
Since getting the entire company to move away from their beloved internal chat server and use gtalk that comes built-in with google apps is not an option, the hope was to register the #chat..com account with gtalk and then handle all communication through gtalk similar to what folks have done with AIM, Facebook, and other transports. Benefit would be the following:
All chat history stored server side on gtalk side and serchable
Other people in the company do not need to change behavior
Android phone that is already sync'd with Google services will not be able to leverage the chats without the need to install another XMPP client.
No need to have a thick client installed on the desktop/laptop
I have researched the XMPP transports and tried to the registering but they do not seem to cover my situation. I have investigated two routes thus far with no luck:
Transport plugin for Openfire
Use public transport at http://jabberd.eu
Guidance and/or experience from someone who has accomplished this would be appreciated.
I've used Spectrum (v1 and v2) to connect Openfire to Gmail and Facebook. It shows up in the users' clients as a discoverable service. It requires that a remote roster plugin be added to Openfire and that Spectrum be run on the same box as Openfire.
In short, it acts similar to a web proxy. Your users don't have to change their account on your system but to Gtalk users, your users appear to be other Gtalk users. Any of your users who access Gtalk will be using their own Gtalk authentication so you don't need to maintain any extra authentication schemes.
Take a look at it at http://spectrum.im. The remote roster plugin for Openfire is attached to the bottom of the first message in http://community.igniterealtime.org/thread/46580 (it's filename is "gojara.jar").
I don't know enough about SIP. As far as I know SIP can not be used in LAN. But it's features are very good. I want to use it for a LAN messenger (with video conference facilities).
Is there any way of using SIP in LAN network ?
The SIP protocol can be used over any reliable transport (TCP, XMPP, instant messaging channel, etc...) to a service (e.g. a server such as a SIP proxy) that knows how to route the SIP INVITE message from the caller to the callee. e.g. If you send an INVITE to bob#foobar.com, there's needs to be a service that knows how to find "bob" and deliver the message. Likewise, when Bob sends back his response messages back, the messages need to route back to the caller who sent the original INVITE.
And you can do SIP without a server - provided the computer already have a connection (direct or indirect) to the other computer intended for the call.
But SIP isn't anything special. If you were to invent your own video conferencing protocol, it would probably look a lot like SIP. SIP's primary job is for both sides of a call to exchange IP/port candidates for connecting directly in addition to codec and bandwidth negotiation data.
After the SIP messages are exchanged, ICE/STUN/TURN take over and RTP packets typically flow. SIP isn't used in the call except to end the call.
What are you really trying to do anyway?
Thread is Old but still I would like to contribute to this. There are various SIP server like http://www.officesip.com/index.html which works in LAN and can be connected to hardware phone too and soft client also.
Jitsi is open source cross platform SIP/xmpp client:https://jitsi.org/
And if you want to XMPP server Openfire is the best:http://www.igniterealtime.org/projects/openfire/
I hope this will definitely help someone..!
XMPP allows users to connect to the server from multiple clients simultaneously, using the same account. I built an application that does this but if the desktop client is enabled, I do not want the users to be able to connect using a mobile client. This is for a game and being connected to both causes problems.
So what I'm wondering is:
Is it possible to detect if there are other clients connected using the same account. If I can check for other clients, I can auto logout the user.
#Flow was on the right track. If all of your client instances use the same resource, in most servers, the later-connecting client will replace the older session. The older session will get a conflict stream error, and be disconnected. You MUST be careful not to auto-reconnect with the older client, or you will have written the "dueling resources" bug.
If you had control over your server, you have a chance at configuring it to allow a maximum of one resource for a given user, in which case the newer connection will fail with a conflict error, but you'll have worse user interface problems if you head down that path; there will be no way to get the second client logged in, even if you wanted to.
Finally, all resources for a given user are subscribed to that user's presence. As long as your client sends presence in:
<presence/>
you will receive presence from each of your other devices:
<presence to='user#example.com/resource1' from='user#example.com/resource2'/>
<presence to='user#example.com/resource1' from='user#example.com/resource3'/>
<presence to='user#example.com/resource1' from='user#example.com/resource4'/>
You could use this to decide which client is current, perhaps by adding an extension to the presence like XEP-0115.
Give the desktop and mobile client a fixed but different resource string. If the mobile client logs in, it can detect the presence of the desktop client by looking up the presence/availability of the resource of the desktop client and vice versa.
Then you only need to implement an custom XMPP ad-hoc command (XEP-0050) that tells the conflicting resource to log out.
It would be the servers responsibility: to reject a login from a client that is not accepted. I don't know if servers are able to blacklist xmpp clients but, in case you use openfire, you should be able to write an extension.
What are some iPhone or Android applications that use SMS as their primary means of user authentication?
I'm interested to see such apps in action. SMS-auth seems like a natural approach that is well-situated to mobile contexts.
The basic workflow is: to sign up, a user provides a phone number; the app calls a backend webservice which generates a signed URL and sends it to the phone number via an SMS gateway; the user receives the SMS, clicks the link, and is thus verified and logged in. This results in a very strong user identity that is difficult to spoof yet fairly easy. It can be paired with a username or additional account attributes as needed for the product requirements.
Despite the advantages, this does not seem to be in much use - hence my question. My initial assumption is that this is because products and users are wary of asking for / providing phone numbers, which users consider sensitive information. That said, I hope this becomes an increasingly more commonplace approach.
This is mostly used for employee authentication ... there is a strong value in replacing the older physical tokens with a new SMS based two-factor authentication to ensure that the users accessing your corporate systems have not had their credentials stolen. We're a technology leader in this space and is the partner that worked with Citrix Systems to develop SMS Authentication for their iPhone Receiver. The benefit is that you gain strong two-factor authentication in an easy to use fashion specifically for the iPhone that do not support multiple applications at the same time. For other systems such as the VPN client from Cisco and most other Windows and Android phones, you can run multiple apps and therefore establish a secure connection using standard vpn and ssl vpn technologies.
The Citrix Receiver for iPhone was one of the most downloaded business apps on the store, I've been told.
If you want to learn more about it check out both the Cisco VPN and the Citrix Receiver implementations for SMS Authentication at http://blog.smspasscode.com/
I hope this information is helpful to you.
Rgds
Lars
SMS PASSCODE
WhatsApp does. The app sends a SMS to the phone number you entered, and if you receive the message, they create your account and you can use the app.
It's not very common to have SMS gateway available! Also using it (sending SMS messages) costs quite a lot compared to sending emails.
Much easier to just generate and send verification email.
Loopt for iPhone is a good example. As part of initial sign up you provide your phone number and are sent a confirmation SMS to complete the process. It's simple and painless.