Making an end run to VoIP

When your brand new VoIP phone system doesn't work, who you gonna call?

Earlier this year, the company I work for decided to replace our aging phone system with a VoIP solution with all the bells and whistles. We looked at several systems before finally deciding on a vendor. Our in-house IT staff was extremely competent in network administration, system administration, and so on, but none of us had any hands-on experience with phone systems, let alone VoIP phones. Fortunately, “Ring-a-Ding Telecom,” the company we hired to install and support the new system, told us not to worry. The switchover would be a snap.

When the Ring-a-Ding team showed up to do the install, they were mildly distressed to discover that we were a Linux house. They were accustomed to installing in a Windows environment, but we were totally opposed to adding a Windows server. We had gone to a lot of trouble to get the buggers out of there in the first place, and we didn’t want one sneaking back in. On the other hand, Ring-a-Ding had never set up a DHCP phone server on a Linux box before. So to make life simpler, we agreed that they would install the phones using static IP addresses. Then, at the last moment, they decided that setting up over 200 phones statically would take too long. Somehow they convinced my boss to have me reconfigure our Linux DHCP server. This turned out to be a nightmare.

Configuring the server to boot the phones required some very obscure options. Every time I asked Ring-a-Ding for help, I got the same response from Charlie, the team leader: “I’m a phone guy,” he would say, “not a data guy.”

Luckily, I found a similar product that ran on Linux and used a DHCP server. Due to the simplicity of text file-based configuration on Linux, we were able to copy the necessary options to get the phones up and running, but the fun was just beginning.

My company has two locations, and one of the most appealing features of this new phone system was that it was supposed to allow staffers at both sites to dial each others’ extensions directly. Except this feature never worked.

“Well,” said Charlie, “I’m not a data guy, but maybe you don’t have the right ports open.”

So I started opening ports. At first it was just one or two, then entire ranges. Finally, much against my better judgment, I opened up all the ports. No dice. The two systems just wouldn’t talk.

Finally, Ring-a-Ding decided we needed a VPN. Of course, they had one they could sell us at a “fair price.” Yeah, right. We had been getting nickled and dimed by these guys for weeks, and I was ready to send them packing. But my boss decided it was worth paying them the money just to get the system working.

I decided to try an end-run. I had 24 hours until Ring-a-Ding would arrive to install the VPN. The race was on!

Our IT department had never installed a VPN, although we were familiar with OpenBSD firewalls and routers. We installed OpenBSD on an old Dell workstation; then we scrambled to read up on VPN. With less than three hours to go before Ring-a-Ding showed up, one of my co-workers stumbled on a BSD-based VPN/firewall called Monowall. Within one hour we had a running VPN, and the phones at both locations worked perfectly.

Charlie might not have been a data guy, but I was.

Mobile Security Insider: iOS vs. Android vs. BlackBerry vs. Windows Phone
Recommended
Join the discussion
Be the first to comment on this article. Our Commenting Policies