Pages

07/06/2021

Return of the Cisco 887VA - Testing and updated config

 Around 3 years ago I blogged about using a Cisco 887VA Router as a VDSL Modem.  As far as I recall I actually documented the configuration whilst getting ready to sell it, as I was downsizing my network.

Well, my network has since creeped back up in both size and complexity so I wanted to swap out the venerable Huawei HG612 VDSL modem for something else that could be rack mounted (cos bling). A quick google suggested the Cisco 887VA was still a good way to go, so I purchased another.



16/05/2021

Resetting the password on a Cisco Catalyst 2940 Switch - (Hint: It doesn't involve sending a break)

I recently got frustrated with the crappy "smart" switches in my network so I replaced them with second-hand Cisco hardware. Because no one got fired for buying Cisco, right? 

It turns out I don't need 1Gb/s to things like VoIP phones and my Blu Ray player, so I could get away with older models with 100Mb/s ports and a single 1Gb/s uplink, like the WS-C2940-8TT-S which are available for £25 and fan-less, with something beefier as the "core".

Whilst I was getting it configured I figured I should probably have a go at performing the password reset. For some reason I had it stuck in my head this entailed sending a break signal whilst it was booting to get into ROMMON, and then changing the configuration-register to ignore the config stored in the NVRAM when it booted. After desperately sending break signals, swapping console cables and generally swearing at the thing I got around to RTFM and realised I was doing it wrong... it seems the whole break into ROMMON thing is the procedure for another router I own, but not the Cisco 2940. Doh!

There's 1000s of guides on resetting Cisco switches. I'm mostly just writing this to commit it to memory and so I can look back on it next time I waste an hour send break signals to a switch.

28/04/2021

WTF AWS CLI? "No credentials found in credential_source referenced in profile"

I was recently debugging a bash script that was failing on an EC2 instance. The script was fairly straight forward and was using the AWS CLI to make some changes to the AWS config, however it was failing with the error "Error when retrieving credentials from Ec2InstanceMetadata: No credentials found in credential_source referenced in profile"

The error implies that the correct credentials cannot be found via the Metadata API, right? Apparently not.



21/04/2021

A Yealink T46S locked to Zoom! - How to unlock...ish

I recently purchased a Yealink T46S SIP phone from EBay as I wanted something with more line keys that supported Opus.

When it arrived it had an active account on it, which would potentially allow me to make outbound calls billed to the original owner. Unfortunately this is quite common for phones acquired on EBay and is incredibly poor practise.

The phone was quite well locked down with an admin password and the SIP signalling being sent via TLS, but a packet capture revealed the phone communicating with IPs belonging to Zoom.

Being an upstanding citizen I wanted to factory reset the phone so I could use it on my own service. The admin password prevented me from reseting the phone via the menu, but Google revealed that pressing the OK button for 5 seconds will factory reset the phone, or so I thought!



31/03/2021

Opportunistic SRTP Support in VoIP Devices

The widely used VoIP signalling protocol SIP has a bad reputation. In my opinion it's mostly unwarranted. If you don't stray too far off piste and have a decent NAT traversal behaviour things will generally work fine.

In the ideal world everything would be encrypted, but there's a plethora of end of life and unsupported devices out there, and devices which may support encryption are often configured by end users that may not enable it.

Enter Opportunistic SRTP - a method of encrypting the audio stream if it's supported by the other end, and it's not supported just fall back to plain old RTP

Photo by Markus Spiske on Unsplash

01/03/2021

Factory Reseting a Polycom VVX 450

I recently acquired a Polycom VVX 450 off Ebay for £30, which is an absolute bargain for a modern 12 Line SIP phone with OPUS / SILK support. 

There was some risk however, it had previously been used by a VoIP provider that shares its name with a character in the Greek Alphabet and some providers lockdown the configuration to make it challenging to make them work with another provider.

Getting around these locks can occasionally involve intercepting traffic and redirecting it to your own TFTP or HTTP server, however with this phone it didn't seem to be the case.


19/02/2021

Yealink T42G attended transfer fix

I recently started using a Yealink T42G - An older (but still very functional) SIP Desk Phone. Weeks passed without any issues, until I attempted an attended transfer. I'd receive a call, chat to them, hit transfer, dial the next number, hit send, and my desk phone would start ringing again displaying "ReCall" on the screen. If you answer the call, the leg to the phone you wish to transfer to will drop.

Fortunately I was eventually able to find a fix. I presume the same fix will work on the other T4X series phones, including the T40, T41 T46 and T48