atcomsystems.ca/forum
Posted By: dhostetter IP softphone password - 11/11/08 02:06 PM
I was told by Inter-Tel support that the password field in the 8602 softphone advanced options and setup wizard has no functionality. Is that true?

We want to deploy a few softphones to another company's call center agents for use with our PBX. A password in addition to the Device ID would make me feel better about the access credentials required for the connection.

In general does anyone have any suggestions for security and limiting the functionality of these off-site extensions? I have thought of assigning a different operator, restricting dialing patterns, asking all our employees to use sensible voice mail passwords. What else?

Thanks for any help and advice received!
Posted By: SoCalJake Re: IP softphone password - 11/11/08 08:22 PM
I say the password does matter under certain circumstances. Call it "unique coding" but the 8602 does have a strange password behavior.

If under SYSTEM-->DEVICES AND FEATURE CODES-->STATIONS-->XXXX-->IP SETTINGS-->NETWORK CONFIGURATION the password field is blank, then the 8602 will connect regardless if a password is supplied in the 8602.

However, if a password is defined in the path above, the 8602 will not connect unless its password matches. If there is a mismatch an error will be shown like this:
Code
Trying to find remote IPRC/IPRA via TCP messages.
Connection established.  Waiting for authentication...
Connection refused because the password was incorrect  
As for locking it down, toll restrict it as appropriate, and maybe even deny CO access if they're only receiving calls. If they need to make calls then force account codes to make them accountable. Even if you never follow up on the calls reports, there is a sense of ownership to an agent if they have to enter a unique code to make a call.

If you're putting this in a corporate environment, they will all most likely be connecting from a common IP. In your firewall you could lock down that IP as a source address. You could also apply firewall schedules (if supported) to only allow connections from that IP between certain hours. This should help out in case they load these on laptops which might be taken off prem. How far do you want to go? Assuming they will maliciously abuse these is something you should prepare for.
Posted By: dhostetter Re: IP softphone password - 11/25/08 10:59 AM
Thank you, that's what we needed as far as the password. Strange that Inter-Tel support didn't give me this answer.

Our local field tech helped us create COS for restricted dialing. We can't forbid 911 however, you can get an external dial tone and dial it regardless of the COS. We also can't restrict access to internal extensions and voice mail even though we made it a house phone that forces an outside line. The softphone still lets you dial internally when you click 'Talk'.

These stations are located outside the US so we don't want them dialing 911. Strange that there is a warning when you install the softphone not to use it to call 911 but no way to prevent it.
© Sundance Phone System Forums - VOIP & Cloud Phone Help