Hi, recently I had setup ucm6300 for a customer and they required some users to be able to access extension only via wave app while others would have concurrent registration. All lan extensions work perfectly fine. Now coming to wave app, I did a test run on a mobile and laptop during configuration, these devices are able to connect and make calls from anywhere and via any extension but the newly registered wave app extensions are not able to connect. Did a packet capture in ucm and notice that for the wave remote extension the ucm trying to reach the private IP of the device and not the public IP through which it initially reached ucm. Stun server is set to stun.ipvideotalk.com:3478 extension keep alive is enabled. port 5060, 5061 and 10000-20000 forwarded in router that sits ahead of UCM. Am I missing anything here… The wierd part is how are these two devices still able to connect and successfully make calls. @lpneblett I have seen your earlier replies on similar issues, your inputs on this will be great…
UCM trying to reach local ip of wave app extension
with UCM630X you do not have to do absolutely any NAT or Forward of the ports, you have to use the remote connect integrated with UCM (subject to licenses).
Doing NAT or forward unnecessarily exposes UCM to the Internet with related security problems.
Thank you for using the UCM63xx device and UCMRC service! As Damiano claimed, you can contact your device dealer or go to GDMS platform and click “Help” button to process to purchase a UCMRC plan so that you do not need to do any NAT or forwarding of the ports. It will help users set up those NAT/forwarding features efficiently. Please refer to the related documents below:
UCM RemoteConnect Service User Guide:
UCM RemoteConnect Endpoint Configuration Guide:
UCM63xx Remote Work Environment Setup Guide:
Let me know if you have any further questions. Thanks!
Thanks everyone. A reconfig sorted out the issue. Thanks for support.
Thanks for your updates! Let me know if you have any further questions. Thanks!
I would have to disagree with this, it depends on the firewall and security put in place. I’m struggling with a couple clients with SonicsWalls that we don’t administer. The list of firewall rules support is saying to implement is long. I was under the impression the “paid” Remote Connect plans would just work and that’s not the case at all.
I have not created neither UCM nor Remote Connect, so if you have any complaints you have to make them directly to Grandstream. If you say it to me it is useless, I limit myself as much as possible to lend a hand to the users of the forum, indicating where possible the Grandstream instruction links.
As far as I’m concerned, I have tested Remote Connect both on Clients managed by me (normally Draytek), and on Firewalls of any brand not managed by me, and in all cases the IP phone works regularly,
as far as WAVE is concerned, I honestly don’t like it at all, so I don’t even waste time on it, APP born in my view badly, I repeat, it’s just my point of view.
Thank you for your feedback! Please kindly let us know if you have any questions about the UCMRC service! Please kindly help us export the logs from the Wave app and download the syslog from the Web UI of you UCM63XX if you have any questions about using this service. Thanks for your testing!
Almost all my UCM’s are behind Sonicwall Firewalls. I have not had any problems using the UCM-Remote Connect feature. The one thing that needs to be changes on the Sonicwall is to go to the VOIP section on the Sonicwall, uncheck all boxes, except they will need to check the box for “Enable consistent NAT”
If using the desktop app vs the mobile app, then you have to set up the remote phone/desktop wave app manually as I understand it. The information you need can be found on the wave email that can be sent to the user.
The remote connect user manual is here
Thanks a lot for your feedback, Dave!