Thursday, May 6, 2010

012 Smile - Voice box after router

How to connect 012 voice box after your router and control it.

This is my device

Make: AudioCodes
Model: MP-202 (012 uses MP-202/012/CBL)
I got with M.Date 12/2008

user@wazup:~$ sudo nmap -sS -O 10.100.101.1

Starting Nmap 5.00 ( http://nmap.org ) at 2010-05-06 01:24 IDT
Interesting ports on 10.100.101.1:
Not shown: 995 closed ports
PORT     STATE    SERVICE
23/tcp   filtered telnet
443/tcp  open     https
992/tcp  open     telnets
8080/tcp open     http-proxy
8443/tcp open     https-alt
MAC Address: 00:90:8F:09:93:DC (Audio Codes)
Device type: general purpose
Running: Linux 2.4.X
OS details: Linux 2.4.18 - 2.4.35 (likely embedded)

Also another suspicious ports
2555 open uknown
8023 open unknown
2945/sctp filtered h248-binary
7626/sctp filtered simco

UDP scan took 20 minutes.
user@wazup:~$ sudo nmap -sU 10.100.101.1

Starting Nmap 5.00 ( http://nmap.org ) at 2010-05-06 01:26 IDT
Interesting ports on 10.100.101.1:
Not shown: 983 closed ports
PORT STATE SERVICE
53/udp open|filtered domain
67/udp open|filtered dhcps
68/udp open|filtered dhcpc
161/udp open|filtered snmp
789/udp open|filtered unknown
965/udp open|filtered unknown
1007/udp open|filtered unknown
1105/udp open|filtered unknown
1900/udp open|filtered upnp
16503/udp open|filtered unknown
20678/udp open|filtered unknown
21524/udp open|filtered unknown
21644/udp open|filtered unknown
21780/udp open|filtered unknown
21898/udp open|filtered unknown
49173/udp open|filtered unknown
55043/udp open|filtered unknown
MAC Address: 00:90:8F:09:93:DC (Audio Codes)

So, to place this box after your router and control it, you need to connect your PC via cable in LAN/PC port, wait for IP address from it, check a Gateway IP and use it in browser with 8080 port (https://GATEWAY-IP/ also works). Username is "user", password is "wel-012!" (all without quotes). Set Connection Type to "Automatic IP Address Ethernet Connection".

No you need to set QoS rules for SIP and RTP protocols - this will help prioritize voice traffic over other, so when you need to call, your torrent will not affect you, because voice will get high priority.
Ports are 5060, 5061, 5004, 5005.

If support guys can't reach it, setup port forwarding to black box, they should be happy.

Led indication
SIP registration status LED indication - a successful registration ('online' state) is indicated by a LED flashing slowly (a very short flash every 4 seconds). This indication is per phone line.
The LEDs labeled 'Phone 1' and 'Phone 2'reflect the status of the phones connected to the MP-202:
ON - During power-up and when the phone is off-hook.
OFF - Normal / the phone is on-hook
Flashing - Phone is ringing

See also about that in Hebrew

22 comments:

  1. Do you know how can I get the SIP connection data from the box? User, password SIP server?

    ReplyDelete
  2. You wrote:
    If support guys can't reach it, setup port forwarding to black box, they should be happy.
    Which ports I should forwarded? 3389 ?

    Username is "user", password is "wel-012!" will give only guest access without additional control.
    Unfortunately user : 012Voip with password my012accountid_m doesn’t work after I called to support 

    I am in USA now in hotel. Connected the box. Have dial tone, able to dial, but no voice.
    Called to Internet support, they forwarded ports 5060, 5061, 5004 – 5012 (TCP + UDP)
    Now I able to hear, but other side doesn’t hear me.

    What I need to ask? Some additional ports should be forwarded?
    Regards Roman

    ReplyDelete
  3. @Hersh

    I usually have comments count always at zero, so I missed you, sorry ;-)

    As far as I know, they have an admin account to the box (differs from the one we all know) but they also set user-password combination individually for each customer.

    I tried once to brute-force via telnet using small dictionary but with no luck. Now I left it as is while it works fine and I have no other troubles with 012.

    ReplyDelete
  4. @Roman

    If support can not reach the 012 box, setup DMZ host to it - that mean all unknown traffic will be forwarded to it.

    VoIP works in the following way:

    First, you got Session Initiation Protocol (SIP) - 5060, 5061 ports for controlling voice sessions.
    This persistent 012 connection to static.012.net.il via port 5060.

    Second, when you calling or reciving a call - it uses Real-time Transport Protocol - usually 500x ports, for actually transfer a voice data.
    012 connects via 5004 and 5005 to static.012.net.il.

    So, make sure ports 5060, 5061, 5004 and 5005 TCP/UDP are forwarded properly to the black box.
    Also, if you set DMZ, it will cover all needed ports and you don't need to set extra forwarding.

    ReplyDelete
  5. How to setup DMZ host ? What I need to ask from local service provider?
    I have only 012 box and computer connected after it in the hotel room.
    Ports 5060, 5061, 5004-5012 are forwarded, according to my request to provider. I am able to dial, I hear other side, but they don't hear me.
    Regards Roman.

    ReplyDelete
  6. @Roman

    DMZ is need only if your have 012 box after a router. Otherwise it should work without DMZ.
    And setting up DMZ is optional, it should work without it. I haven't setup DMZ and it works fine.

    Try to build topology with sniffer device-in-the-middle between internet modem and 012 box to check established connections. That can give a clue.

    ReplyDelete
  7. Do you know how can I get the SIP connection data from the box? User, password SIP server?
    Or any body knows SIP server of 012 smile ?

    ReplyDelete
  8. @Moked
    Sorry, no idea how to get this information.

    ReplyDelete
  9. Great info,

    thanks for having shared.
    Btw, I've choosen the "Manual IP Adress Ethernet Connection" as the 'Connection Type' and it does work too (I prefer this for port forwarding).

    Once again, thanks a lot, you did a great job and it helped me a lot.

    ReplyDelete
  10. 012's sip gateway&proxy: 072ptk.012.net

    to get the sip info you need to the conf file of the box. which you can get either from the box by saving when logged as an admin user. (you will also have to decode tje pass). or you can go to
    https://tulip.012.net.il/config/mp202_.conf
    when the MACK stands fo you boxes MAC. but they started using cetificates so youll need a way to get the certificate from the box as well...
    Good luck. If you find info on the personal password or other ways to get the conf file let me know

    ReplyDelete
  11. Roee,

    I can't see any MACK there, I got "Object not found" page.

    ReplyDelete
  12. alexey that because of the cetificate I didn't manage to get around it as well I just know hte box get its conf file throguh that address...
    maybe trying to use wiresahrk or somthing while resting it...

    did you try loging on to the box with 012Voip and userID_m ?

    ReplyDelete
  13. Ok, now I get it.
    Will try to login with that credentials later today.

    ReplyDelete
  14. This comment has been removed by the author.

    ReplyDelete
  15. I found a way to get the conf file. willing to asist on request. I'm not going to publish it on a forum.
    jbox.fruman@gmail.com

    ReplyDelete
  16. http://media.netcomm.com.au/public/assets/file/0007/71584/NB9WMaxxn_QoS_Setup_for_VoIP.pdf

    This QoS guide for my router asus am604g

    ReplyDelete
  17. היי אלכסיי, האם אתה יודע אם זה עוד רלוונטי כיום? יש לי את המתאם הזה ואני רוצה לשים אותו מאחורי הראוטר.

    ReplyDelete
    Replies
    1. Hi. This old device works for me until today.

      Delete
  18. תודה אלכסיי, חיברתי והגדרתי. טלפון עובד טוב. אבל פקסים לא מצליחים להישלח ולהתקבל. יש לך ניסיון עם זה במקרה? דבר נוסף, לגבי QOS. כמה צריך לשמור לקופסא? יש לי שני קווים. טלפון ופקס. תודה

    ReplyDelete
    Replies
    1. If one line is working that second should work too. It's probably the fax issue, not the line. Did you swaped lines for phone and fax to see if it works?

      Delete
  19. what is the user name and password of mp252bw black box ( 012 smile ) .

    ReplyDelete