1. Home
  2. Cisco Systems
  3. VOIP Static Device

VOIP Static Device

I have a Cisco 831 router on my home network. I have a number of devices inside my network, all programmed with private, static IP addresses.

I also have a Linksys PAP2-NA v1 VOIP adapter which I am running two telephone lines with. Something very weird is going on.

I keep setting a static IP address, subnet mask, gateway, domain, and two DNS server addresses in the VOIP device. I set the DHCP option to 'No'. It also resets the password I put into the unit in the user section.

Once I've programmed the static IP address into the unit, within a few hours the DHCP option miraculously changes to 'On' again and it takes one of my dynamic IP addresses from the Cisco 831 router. I've spoken with the VOIP provider about this. According to their engineers, they send an instruction for the unit to change from static to dynamic as part of an instruction set they send the unit.

Linksys spoke of something called a 'Profile rule' that might be causing this. They suggested that I set the static IP address in the unit and turn off the DHCP again then disconnect the Ethernet cable and leave it sitting all day while I was gone. I did so and left early in the morning.

When I returned that evening, I reconnected the Ethernet cable. It was still at the static IP address I had assigned, the DHCP option was still off, and the password was still the one I had programmed.

Within ten minutes of being back on my network, it happened again. The unit got one of my dynamic IP addresses, turned the DHCP option to 'On', and reset the password I had given it to the default one my VOIP provider had put into it.

It really irritates the hell out of me that they would change my IP settings on my unit.

I am wondering if there is some way to tell my Cisco 831 that when the MAC address associated with the VOIP device requests a dynamic IP address to have the DHCP client ignore the request. Is there a way to do that? Can anyone tell me how?

I don't know that this idea will solve the problem, but I'd like to give it a try. I've sent an email of complaint to their company CEO. We'll see if it makes any difference.

Regards,

Fred

Reply to
Fred Atkinson
Loading thread data ...

Hello fred, i dont work too much with that kind of cisco, but maybe you can try to find to restrict that port, maybe an ACL and pass only UDP and TCP port, restrict telnet and so on.

let me know if i can help, i gonna try to find something else...

stay in contact.

Reply to
Fer Mtz

Better yet, you can reserve an address for that device. Here is an example of what you would do...

ip dhcp pool LINKSYS host 192.168.0.250 255.255.255.0 client-identifier 01xx.xxxx.xxxx.xx client-name linksys default-router 192.168.0.1 dns-server 192.168.0.1

**** Important. Note that the mac address is longer than it should be. You need to put a 01 in front of the mac-address, which indicates ethernet. So, you will have a format of 4N.4N.4N.2N

Hope that helps,

Jim

Reply to
Scooby

I tried to add those values to my current DHCP pool. It kept giving me an error message of 'This command may not be used with network, origin or vrf pools.'.

Are you suggesting I create a second DHCP pool on the same interface?

That will stop the changing IP problem. But it won't stop them from reseting the password to the IP configuration tab.

Regards,

Fred Atkinson

Reply to
Fred Atkinson

I have a pap2 with 2 providers as well, and I need to turn provisioning off in order to avoid this. The profile rule you mentioned is nothing but a URL that the pap2 uses to periodically pull provisioning data from your provider - I don't think there is a way that your provider can "send" and change settings to your pap2. This only happens if the "provisioning enable" flag in the provisioning section is set to yes. You can get to the provisioning section only if you have admin privileges to your pap2. I got my user name and password from tech support from my provider - ViaTalk, your mileage with your provider may vary. The best option of course is to ask your provider to change the settings on their end, so you don't have to worry about not getting any updates. The second best option (and this is what I use to have a second provider programmed in on my second line) is to change your settings and then set "provisioning enable" to "no". In that case, though, if the provider changes any of their settings on their side, such as the proxy, it is your responsibility to keep your pap2 up to date. You will have to set provisioning to yes, get the updates, make your changes again, and set provisioning to no.

Hope this helps,

Thomas

formatting link

Reply to
t

Thomas,

I'd go the latter route if I could get my provider to give me the password to the advanced section. But I don't think they are going to do that.

I've made the request that they stop doing that. Since they aren't doing it with any other unit, I don't see why they would do that with the PAP2-NA. They should honor my request. But so far, I've gotten no response.

I've found a tool for monitoring my devices and I've installed it on my PC. If the software works out, I'll be able to monitor everything *but* my VOIP device, and that is the main reason for monitoring my devices (to make sure my only telephones in the house are working).

Argh.

Fred

Reply to
Fred Atkinson

Fred,

If you can control your router, most likely it has some sort of "parental control" built in, such that certain URLs (outgoing) are going to be blocked. You'd need to figure out - or guess - what URL the pap2 is using to obtain the provisioning data from your provider. If you disable this URL or domain then the pap2 has no way of updating itself until you explicitely allow it. Alternatively you might want to look the provider I use, ViaTalk, who are extremely customer friendly and allow you to do just about anything. I have a little review on the URL below.

Thanks,

Thomas

formatting link

Reply to
t

I looked at there Web site. Unfortunately, I live in a very rural corner of NC and it appears that they do not provide incoming service for that area. I've got to keep my local number.

Too bad.

Regards,

Fred

Reply to
Fred Atkinson

Thomas,

I think I figured out a way to do it.

I ping 'lsys.nuvio.com' and got the IP address 63.251.33.163.

So I created an access control list and blocked that IP address incoming to the router from my home network.

I can no longer ping it from my PC (or any other device on my network, for that matter except for my router which is beyond that interface).

So, I'm going to make the settings and see if that stops it.

Regards,

Fred

Reply to
Fred Atkinson

Just because your rate center is not listed does not mean they can't port your number. I had the same situation that Belle Mead NJ was listed, but Hillsborough was not. I checked with customer support if they could port my number and they could, so I still have my old telephone number. You may want to send them a ticket and ask.

Thanks,

Thomas

Reply to
t

Hey Fred,

Sorry, just getting back to this. There may be a way to establish a single pool, but I've personally had to create a separate pool for each specific IP that I want to reserve.

And, you are correct, that would not prevent them from changing the password. Frankly, I find that a little (or, more than a little) annoying. I'd raise a fuss. But, if you are familiar with packet sniffers, capture all packets for a while until this occurs. You may be able to stop the offending packets at the router if they differ from the normal traffic needed to operate.

Jim

Reply to
Scooby

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.