Gontran Harvey
asked on
Send http command to IP phone from outside of the network
I'm trying to connect (send command) to an IP phone (Yealink) from outside the network.
It's already working from the inside with this simple URL to call:
"http://192.168.XX.XXX/servlet?key=number=5145555555"
It's very easy and can make the phone call a client directly from my custom app (Access database).
I see that IP phone company have remote access to my IP phone and would like to know the Technic to do the same.
I have users using the custom app on a remote server, but the IP phone is at another location, and I want to make there phone call by a click of a button the same way I do inside the network.
It's already working from the inside with this simple URL to call:
"http://192.168.XX.XXX/servlet?key=number=5145555555"
It's very easy and can make the phone call a client directly from my custom app (Access database).
I see that IP phone company have remote access to my IP phone and would like to know the Technic to do the same.
I have users using the custom app on a remote server, but the IP phone is at another location, and I want to make there phone call by a click of a button the same way I do inside the network.
Be very carefull. There is a LOT of traffic on the internet to do exactly the same, just for international calls. (Someone else then the original caller has to foot the bill... Lots of fraudulent attempt to do this. ). Phones have a complete lack of security tooling, so they MUST NOT be exposed to the internet.
A PBX should already be hardened or at least have the capabilities to be hardened against attacks.
Another options you have is that many PBX's can be approached (using a library) to dial a number and then locally transfer the local side of the call to a phone. So you don't need to use the phone to dial the number.
For windows environments this might be useful: https://www.ipcom.at/en/telephony/siptapi/
A PBX should already be hardened or at least have the capabilities to be hardened against attacks.
Another options you have is that many PBX's can be approached (using a library) to dial a number and then locally transfer the local side of the call to a phone. So you don't need to use the phone to dial the number.
For windows environments this might be useful: https://www.ipcom.at/en/telephony/siptapi/
As already said, security is a concern. My first thought would be to check with the VOIP provider for any api's that are exposed.
Then as a last resort you can set up port forwarding in the router. From there you can point to a phone.
What you may want to do instead is to create an app on site that can accept some information such as the internal ip of the phone, servletkey, outgoing number and a passphrase that can be static or perhaps a sha256(internalip, servletkey,outgoingnumber, date,stati c passcode) along with the required data. Then your internal app checks the hash against the data input. If it checks out, then sends the required codes to the phone.
Then as a last resort you can set up port forwarding in the router. From there you can point to a phone.
What you may want to do instead is to create an app on site that can accept some information such as the internal ip of the phone, servletkey, outgoing number and a passphrase that can be static or perhaps a sha256(internalip, servletkey,outgoingnumber,
ASKER
Alex, Yes I have a VPN
ASKER
I check for API and they don't have it at this moment, that's the first thing I checked. Thats why I use the internal command for the moment.
SIPTAPI uses SIP command to start a session. It registers as a phone (new extension) then dials the external number and then transfers the call to the intended local extension. from a TAPI interface. So no API required... (not beyond the existing SIP interface.).
ASKER
Thanks guys, for your help. Something came up and need to look at your possible solution probably more in January. i will let you know.
Thanks again.
Thanks again.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Regards
Alex