Upcoming Change for UCM6300/Wave: User Password Required for Wave Login

grandstream · 2021-08-02 11:44:13 UTC

Dear Grandstream Customers,

Thank you for supporting the UCM6300 series and Wave applications. We would like to inform you of upcoming updates for UCM6300 and Wave, which will be available soon. One of the major changes is the discontinuation of using SIP Password for Wave login. Previously, Wave allowed users to log in through either the SIP Password or User Password. With the upcoming update, only User Password can be used to log into Wave. This change was made to reduce potential security risks and to allow for simpler management of accounts.

Here are some suggestions to prepare for this change:

For UCM administrators, it’s recommended to ensure that email addresses are configured for all extensions that access Wave. When a Wave user attempts to reset password after clicking “Forgot Password” on the Wave Login Portal, a Password Reset email will be sent to the associated account’s email address. If no email address is configured for that user, UCM will be unable to send the password reset email. Please also ensure UCM has email settings properly configured. Otherwise, UCM cannot send email to users.
If UCM administrators prefer not to use email for Wave users to reset password, administrators will need manually assign passwords to every Wave user.
Current firmware for UCM6300 (1.0.7.12) and Wave still allows login via SIP Password as well as User Password. Once upgraded to the upcoming UCM6300/Wave firmware, only User Password will be allowed. It’s recommended for UCM administrator to start checking email address settings on UCM/extensions and instruct Wave users to start using User Password now. This will help with a smooth transition and prevent unprepared logout from Wave after UCM6300/Wave are upgraded.

To check the settings mentioned above, log in UCM web UI->Extension/Trunk->Extensions and select an extension to edit an extension.

“SIP Password”:
Under “Basic Settings”->General section, UCM administrator can find SIP Password in “SIP/IAX Password”.

Screen Shot 2021-08-02 at 04.36.40.jpg1638x330 72.8 KB
“User Password”:
In the same page on UCM web UI, scroll down to “User Settings” section to find “User Password” field.
“Email Address”:
“Email Address” field is in the same page and it’s next to “User Password” field.

Screen Shot 2021-08-02 at 04.38.25.jpg1664x858 150 KB

Note:
Endpoints such as IP phones will still use SIP password for registration. This change only affects Wave users.

Please contact us should you have any issues. Thank you for your support for Grandstream products.

Technical Support
Grandstream Networks, Inc.

grandstream · 2021-08-02 11:44:22 UTC

ovsyukov · 2021-08-02 13:28:45 UTC

It would be nice if you periodicly inform us about roadmap of upcoming changes, features and fixes that developers work on.
Thank you !

damiano70 · 2021-08-02 13:45:14 UTC

Hello @grandstream,

I take this opportunity to suggest a security change,
In “Enable Concurrent Call Alert” you can set a call limit in a temporal range, 5 Example 5 in a minute, an email will then be sent if set.
However, this does not imply any automatic block / ban, so it uses little,
Also because if at 2 am the event takes place, the assistance reads it at 8 am, and in 6 hours everything can happen without being able to do anything.
Other switchboards of other vendors include the BAN / automatic block in this condition, it is necessary to complete this thing on UCM.

Security Settings / Fail2Ban / Customer Service System Call Defense -> I don’t understand what you need, could it be such a thing like what I ask?

Damiano

grandstream · 2021-08-02 16:45:54 UTC

Hi damiano70,
Thank you for your feedback. On UCM63xx, the trunk setting has this option “The Maximum Number of Call Lines” to limit the outgoing calls for the trunk. Would that be helpful for this scenario? Or should incoming calls be limited as well?

Best regards,
GSSupport

damiano70 · 2021-08-02 17:11:11 UTC

Hi @grandstream

I try to explain myself better,
“Enable Concurrent Call Alert” allows you to keep track of concurrent calls,
entering the max number of external calls in a time range,
if the UCM event occurs send an alert email.
As it could be a serious anomaly, example UCM hacked, in addition to the warning email the UCM should for example block subsequent external calls, until the intervention of the admin.
That way the security system would make sense and would be great for security.

n. b.: I put you in PM some useful information

ovsyukov · 2021-08-03 09:43:53 UTC

There is an issue with video in version 1.0.9.13
The IPVT10 (Grandstream video conference server) now see no video from wave app ( i call to videoconference as sip extension). I can see video from conference during 15-20 minutes, then video disappears, and i see just black screen. I press the camera button ( wich disables/enables video) and no reaction. The only way is to hangup and call again.
The same situation if i call to GXV3370 videophone.
I can see video from gxv3370, but 3370 does not see video from me.

GSSupport74 · 2021-08-05 03:34:46 UTC

Dear user,

Thank you for using Wave application! Could you kindly help to capture the trace file and syslog from your UCM device? And also, could you export the logs from your Wave application? Thanks for your testing!

Thank you!