Provisioning Grandstream Devices

Status
Not open for further replies.

ict2842

Member
Mar 2, 2021
139
11
18
Wichita, KS
Hello,

Are any of you aware of how things need to be configured in GDMS for phones to register to multiple servers?
Mark was using Fusion to provision phones, but I think I want to stick with GDMS, for now at least.
The docs refer to adding the IP to the domains ACL. I have tried adding the WAN IP for the network the phone is on, but I am having no luck.


Does Fusion offer a Contacts endpoint for phones to query and download/search contacts? I am not seeing anything on this.
 
Last edited:

ad5ou

Active Member
Jun 12, 2018
884
195
43
In reverse order, yes Fustionpbx can provision a contacts (phone book download) based on the contacts in Fusionpbx and extension in the domain.
https://docs.fusionpbx.com/en/latest/applications/provision.html#phone-book additional details are also in the member docs.

Last I checked, Grandstream phones do not handle dual registration the way Yealink and Poly(com) phones can where they stay registered to both servers. Grandstream will only use the secondary server or outbound proxy if the primary is unreachable.
I'm not sure the exact options in GDMS since we still use Fusionpbx for most provisioning. We do utilize GDMS for "out of box" provisioning, monitoring, and forced resets by setting just the redirect information in GDMS.

Edit your phone template (we use group templates for each customer/set type) Switch to TXT editor and set as follows:
######System Settings - Security Settings######
2=<custom admin password>
######Account - SIP Settings######
32=2
130=2
212=2
237=customerdomain.mypbx.net/app/provision
1360=<http auth username in fusion default setting>
1361=<http auth password in fusion default setting>

if you don't wan to use fusionpbx provisioning, the text editor will allow you to set any of the P codes available for the endpoint even if they don't show up in the GDMS GUI.
 

ict2842

Member
Mar 2, 2021
139
11
18
Wichita, KS
I am still comprehending everything you sent. Are your phones connected to both FusionPBX and GDMS at the same time?


-----

I was able to get the phone registered to two servers using the configuration in the image (done directly in the phone's GUI).
When I replicate the configuration in GDMS, it fails. Looking at sngrep, the web GUI sends
From: 465@tenant.domain
To: sip.server (I think)

The GDMS config sends
From: 465@tenant.domain@sip.server
To: 465@tenant.domain@sip.server

I am talking with Grandstream to see if they know what's going on with it.
 

ad5ou

Active Member
Jun 12, 2018
884
195
43
Yes we have both. Fusionpbx handles the actual phone configuration so tenant admins can manipulate button changes etc.
GDMS mainly just handles the redirect to the actual provisioning server much like GAPS. Since each phone is in GDMS, we also have the options for alerts and diagnostics, etc

It sounds like Grandstream is making progress with the dual registration that several of us have requested for a few years now. I stopped waiting and have not kept up with the progress. We have only experienced two unexpected outages in the past 4 years and the DNS failover had the phones registered to the secondary server quickly so have not concerned myself with the additional headache of dual registration since.
 

ict2842

Member
Mar 2, 2021
139
11
18
Wichita, KS
we also have the options for alerts and diagnostics, etc
This is why I wanted to use GDMS, but a dual system isn't anything I am against.
I assume this would make the contacts seamless since Fusion would handle it. I will toy with it when I am home in half an hour.

GDMS mainly just handles the redirect
To make sure I understand this: GDMS provisions a template, containing the lines you sent in your first response which actually provisions the phone lines & keys? Sounds easy and simple enough.

I had to search GAPS on the forums....It seems you have been using Grandstream for some time. Is there anything I should be aware of? I'm liking everything about them so far, including the pricing. My target is going to be smaller businesses and I think we all know they hate spending money on anything tech related...at least the ones I have interacted with do. My one dislike so far is that the GRP2616 I got lags a bit (it takes a second or two for button presses to occur).
 

ad5ou

Active Member
Jun 12, 2018
884
195
43
You understand correctly. Grandstream phones (and most other brands) will attempt to provision based on info in DHCP options, if there is no options set for config server, then it checks the manufacturer automated provisioning (or redirect) url hard coded in the firmware. GAPS is the default config url but requires assignment from your distributor etc.

GRP series and newer firmware versions for most other models also include the default TR-069 url for GDMS to work. If none of the above provision the phone, or specifically the TR-069 support isn’t disabled from above steps, then the phone reaches out to GDMS. If GDMS has settings to send the phone, it sends it.

With the basic settings I posted, GDMS is telling the phone the correct provisioning url and other required info to reach the url.

Main thing to remember about Grandstream is you get what you pay for. They can be frustrating with odd quirks, usually related to a firmware bug. If you have a phone working trouble free, don’t change firmware unless there is a solid reason to upgrade.

the GRP phones should be pretty responsive. If not, then try a new firmware version. And don’t be afraid to factory reset it if GDMS is setup properly. We have had a few “problem child” phones that needed a factory reset after a few months of ‘mostly’ working.
 

ict2842

Member
Mar 2, 2021
139
11
18
Wichita, KS
I was able to get the phone to successfully contact Fusion after a few hiccups and searching around. Thank you!

Do you happen to have the list of all these numbers and the configuration field they coordinate with?
######System Settings - Security Settings######
2=<custom admin password>
######Account - SIP Settings######
32=2
130=2
212=2
237=customerdomain.mypbx.net/app/provision
1360=<http auth username in fusion default setting>
1361=<http auth password in fusion default setting>
 

ad5ou

Active Member
Jun 12, 2018
884
195
43
The numbers are Grandstream "P" codes in the provisioning templates. http://www.grandstream.com/sites/default/files/Resources/config-template.zip for the official "raw" templates. The Fusionpbx templates are here or can be found on your system at .../fusionpbx/resources/templates/provision/grandstream/

2=admin password (isn't needed for redirect, but adds a touch of security. ultimately should be set in Fusionpbx default/domain setting)
32= account 1 register expiration (probably shouldn't be included in the redirect but I copied from a template a coworker put in gdms)
130= account 1 sip transport. (also not needed for redirect specifically)

Important part for GDMS to send phone to fusionpbx provisioning server.
212=config via Config Via. 0 - TFTP, 1 - HTTP, 2 - HTTPS, 3 - FTP, 4 - FTPS.
237= Config Server Path
1360=Config HTTP/HTTPS User Name
1361=Config HTTP/HTTPS Password
 
  • Like
Reactions: ict2842

in2digital

New Member
Mar 13, 2021
10
0
1
31
I've had this working for about 12 months but all my devices across multiple sites aren't able to be controlled by GDMS actions e.g. phone rebooting, factory defaulting, diagnostic tests. All the tasks just timeout.

If the WAN drops at said sites I do get account unregistered/register/reboot emails from GDMS, so they are seeing devices online/offline.

In the Fusionpbx mac.xml template I can see these set which all looks normal:
TR-069 ACS URL: <P4503>https://acs.gdms.cloud</P4503>
Periodic Inform Enable: <P4506>0</P4506>
Periodic Inform Interval: <P4507>86400</P4507>
Connection Request Username: <P4511>{$mac|replace:'-':''}</P4511>
Connection Request Port: <P4518>7547</P4518>

Just wondering how others have found GDMS and if having same issues with actions not working?
 
  • Sad
Reactions: ict2842

ad5ou

Active Member
Jun 12, 2018
884
195
43
We've only had problems with a couple of sites that were behind double NAT and one overly aggressive firewall.
 
  • Like
Reactions: ict2842

in2digital

New Member
Mar 13, 2021
10
0
1
31
I've had a chat with Grandstream GDMS support.

They found an authorisation error from the device packet/syslog capture. To resolve this they mentioned that P4512 (TR-069 Connection Request Password) should be supplied and be the device MAC, so I added to the config template: <P4512>{$mac|replace:'-':''}</P4512> (same as P4511).

However, this did not work. After spending some time I found that GDMS will only work if P4511 and P4512 have the MAC in uppercase.

This is how I converted P4511 and P4512 to uppercase:

<P4511>{$mac|replace:'-':''|upper}</P4511>
<P4512>{$mac|replace:'-':''|upper}</P4512>
 
Last edited:

ict2842

Member
Mar 2, 2021
139
11
18
Wichita, KS
Is that used in GDMS or FusionPBX's config? I don't provision through FusionPBX at all because things were acting weird when I tried...my config would vanish randomly.
 
Jan 9, 2018
140
12
18
54
I'll second the comments of @ad5ou. We are using GDMS to redirect to FusionPBX provisioning in exactly that way. To me, doing the full-on provisioning in GDMS would create too much extra work to copy account info across from FusionPBX, so I don't recommend it. Of course, you do need to have provisioning working correctly in FusionPBX first.

And our experience with GDMS control of endpoints has been mixed as well. At most sites, GDMS can see the status of the endpoints, but in about 30% of the sites, scheduled reboots will always or mostly fail. And in about 5%, we'll actually see "network restricted", likely due to firewall issues.

Regarding sluggishness in the GRP line: We have seen that as well. Early GRP2612 phones were terrible on this. As @ad5ou says, updating firmware will fix most of that. We haven't experienced as much negative issues as he has with firmware upgrades, apparently. I did get burned one time on an update for an HT818, but aside from that, it's generally been neutral or positive.

While we haven't rolled out dual registration, we have tested it successfully on both GXP and GRP models on current firmware. However, as I said, we aren't doing full provisioning with GDMS; just redirection to FusionPBX provisioning.

Regarding config vanishing in FusionPBX, that is strange--never had that happen. That may be what you need to work on, to allow you to utilize provisioning in FusionPBX. Especially since that will allow you a lot more flexibility to handle other brands or even Grandstream models that aren't supported in GDMS.
 

ict2842

Member
Mar 2, 2021
139
11
18
Wichita, KS
At my volume, copying the password over isn't so bad. But I see how it could become a headache as things scale. I also had an issue of config changes in FusionPBX only being applied when I rebooted the phone as opposed to on the fly with GDMS. Once the phones are provisioned for use, that shouldn't be too big of a deal, but it is nice to have along with the config templates for phones.
As I use FusionPBX more, I am learning a few things. I am thinking to give provisioning another try.
 
Jan 9, 2018
140
12
18
54
There are two places to push provisioning changes from within FusionPBX without reboots: Devices and Registrations. On Device page, there's a provision button at the top. On Registrations, just tick the one(s) you want to re-provision and click Provision at the top.
Device page provision won't work if you have more than one line/account on a device, but otherwise is very handy!
Registrations is handy for re-provisioning multiple devices. You can also reboot devices from there, as needed.

Another thing that is nice about doing the provisioning from within FusionPBX is that if you use BLFs or speed dials (95% of our installed base), and then if a name changes on one phone, it will automatically update the BLFs/speed dials on the other phones.
 

in2digital

New Member
Mar 13, 2021
10
0
1
31
Is that used in GDMS or FusionPBX's config? I don't provision through FusionPBX at all because things were acting weird when I tried...my config would vanish randomly.

FusionPBX config.

We use FusionPBX for provisioning, and GDMS platform for their device diagnostic tools which would all timeout prior to me changing the FusionPBX xml config.
 

in2digital

New Member
Mar 13, 2021
10
0
1
31
Does this not need to be set to admin as the username?

Nope, it's TR-069 connection request username (should be device MAC without :- in uppercase).

From GDMS support:
Dear user,

Thank you for your feedback! When the GDMS platform assigns the P4511 and P4512 to the devices, the assigned values from the GDMS platform are uppercase. Thanks for your testing!

Thank you!
 

in2digital

New Member
Mar 13, 2021
10
0
1
31
I'll second the comments of @ad5ou. We are using GDMS to redirect to FusionPBX provisioning in exactly that way.

We use it in this way too. The only values set in our GDMS device parameters are Fusionpbx config file URL, user and pass. However, we wanted to use GDMS platform device diagnostics for checking devices on sites where we don't have remote/VPN capabilities.

Changing these TR-069 values in our Fusionpbx configand pushing config has resolved GDMS device diagnostic tasks from timing out.
 
Status
Not open for further replies.