Plantronics + Polycom. Now together as Poly Logo

Poly Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

PIN Authentication from non microsoft dhcp server not working.

murraybd
Occasional Advisor
‎11-30-2014 02:26 PM
‎11-30-2014 02:26 PM

PIN Authentication from non microsoft dhcp server not working.

We have deployed PIN provisioning on Lync 2013 for VVX series phones running latest UCS5.2 firmware.

 

All phones authenticate and login when using Windows DHCP Server, however will not when using third party Cisco or Junpier routers as DHCP Servers. DHCP relay is not an option unfortunatley. 

 

We have also downgraded to 5.1.3 with same results and note Polycom releases UC software 5.1.2 for VVX and SoundStructure release notes state "The phone now accepts the "Non Microsoft DHCP server provisioned Option 43".

 

PIN authentication using HP 4120 works perfectly but not for VVX.

 

Below and attached is a packet trace with the DHCP options being sent and received, a copy of the DHCP router configuration and the result of the Microsoft DHCP util that proves option 120 and 43 are correct.

 

I have hidden HEX and IP Addresses or obvious reasons.

 

MS DHCP Util:
E:\>DHCPUtil -EmulateClient
Starting Discovery ...
Sending Packet (Size: 276, Network Adapter: IP HIDDEN DUE TO SECURITY, Attempt Type: Broadcast + Unicast)
--Begin Packet--
DHCP: INFORM                (xid=7AF625EE)
DHCP: Op Code           (op)      = 1
DHCP: Hardware Type     (htype)   = 6
DHCP: Hops              (hops)    = 0
DHCP: Transaction ID    (xid)     = TID HIDDEN DUE TO SECURITY
DHCP: Seconds           (secs)    = 0
DHCP: Flags             (flags)   = 0000
DHCP: Client IP Address (ciaddr)  = IP HIDDEN DUE TO SECURITY
DHCP: Your IP Address   (yiaddr)  = 0.0.0.0
DHCP: Server IP Address (siaddr)  = 0.0.0.0
DHCP: Relay IP Address  (giaddr)  = 0.0.0.0
DHCP: Client HW Address (chaddr)  = 9CEBE###--End Packet--

Received Packet
Sender:192.168.200.1:67, Size:383
--Begin Packet--
DHCP: ACK                (xid=7AF625EE)
DHCP: Op Code           (op)      = 1
DHCP: Hardware Type     (htype)   = 6
DHCP: Hops              (hops)    = 0
DHCP: Transaction ID    (xid)     = TID HIDDEN DUE TO SECURITY
DHCP: Seconds           (secs)    = 0
DHCP: Flags             (flags)   = 0000
DHCP: Client IP Address (ciaddr)  = 0.0.0.0
DHCP: Your IP Address   (yiaddr)  = 0.0.0.0
DHCP: Server IP Address (siaddr)  = 0.0.0.0
DHCP: Relay IP Address  (giaddr)  = 0.0.0.0
DHCP: Client HW Address (chaddr)  = MAC HIDDEN DUE TO SECURITY
DHCP: Server Host Name  (sname)   = IP HIDDEN DUE TO SECURITY
DHCP: Boot File Name    (file)    =
DHCP: Magic Cookie                = 99.130.83.99
DHCP: Option Field
    DHCP: DHCP MESSAGE TYPE(  53) = (Length: 1) DHCP ACK
    DHCP: Server Identifier(  54) = (Length: 4) IP HIDDEN DUE TO SECURITY
    DHCP: Client Identifier(  61) = (Length: 0) () 
    DHCP: SIP Server( 120)        = (Length: 32) enc:0 lync.domain.com.au (HEX HIDDEN DUE TO SECURITY)
    DHCP: Host Name(  12)         = (Length: 0)
    DHCP: Vendor Identifier(  60) = (Length: 0)
    DHCP: Param Req List(  55)    = (Length: 0) 0 0
    DHCP: Vendor Info(  43)       = (Length: 96) ☺♀MS-UC-Client☻♣https♥↔lync.domain.com.au♦♥443♣%/CertProv/CertProvisioningService.svc (HEX HIDDEN DUE TO SECURITY)
    DHCP: End of this option field
--End Packet--

Result: Success
DHCP Server : IP HIDDEN DUE TO SECURITY
SIP Server FQDN : lync.domain.com.au
Certificate Provisioning Service URL : https://lync.domain.com.au:443/CertProv/CertProvisioningService.svc

Juniper DHCP Router Configuration:
pool IP HIDDEN DUE TO SECURITY/24 {
    address-range low IP HIDDEN DUE TO SECURITY high IP HIDDEN DUE TO SECURITY;
    default-lease-time 86400;
    domain-name domain.com.au;
    name-server {
        IP HIDDEN DUE TO SECURITY;
    }
    router {
        IP HIDDEN DUE TO SECURITY;
    }
    boot-server IP HIDDEN DUE TO SECURITY;
    option 43 byte-stream "HEX HIDDEN DUE TO SECURITY";
    option 42 array ip-address IP HIDDEN DUE TO SECURITY;
    option 2 integer 36000;
    sip-server {
        name {
            lync.domain.com.au;
        }
    }
} 

 

 

Any ideas?

 

Message 1 of 2
0 Kudos
Reply
1 REPLY 1
SteffenBaierUK
Polycom Employee & Community Manager Polycom Employee & Community Manager
Polycom Employee & Community Manager
‎11-30-2014 11:01 PM
‎11-30-2014 11:01 PM

Re: PIN Authentication from non microsoft dhcp server not working.

Hello murraybd,

welcome to the Polycom Community.

I am aware of a Cisco issue at present (VOIP-95799) but to verify the Juniper or Cisco issue is the same we would require you to open a support ticket via your Polycom reseller.

Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier

Polycom Global Services

----------------
The title Polycom Employee & Community Manager is a community setting and does not reflect my role. I am just a simple volunteer in the community like everybody else. My official "day" Job is 3rd Level support at Poly but I am unable to provide official support via the community.

----------------

Notice: This community forum is not an official Poly support resource, thus responses from Poly employees, partners, and customers alike are best-effort in attempts to share learned knowledge. If you need immediate and/or official assistance please open a service ticket through your proper support channels.
Please also ensure you always check the VoIP , Video Endpoint , Skype for Business , PSTN or RPM FAQ's
Message 2 of 2
0 Kudos
Reply