Author Topic: SFTP/FTP access to Virtual MiVB 9.0  (Read 6951 times)

Offline petr.necas

  • Sr. Member
  • ****
  • Posts: 393
  • Country: cz
  • Karma: +8/-0
    • View Profile
SFTP/FTP access to Virtual MiVB 9.0
« on: October 31, 2018, 10:50:48 AM »
Maybe the solution is very simple. I'm trying to download a PCAP file (generated by the SIP TCPDUMP ON command) from a virtual MiVB 9.0 system but with no luck. I scanned the MiVB IP address for open ports, and the FTP port 21 does not seem to be open at all. Port 22 (SFTP) seems to be open, I coudn't connect using any of the well known user names (system/admin/root). Could anyone provide please any ideas?

In MiVB 9.0 docs there is only:

SIP TCPDUMP ON
   

Trunk & Line side
   

Starts TCPDUMP (capturing signaling packets) for SIP signaling on MiVoice Business.

Captured data is saved into files and placed in the /Vmail folder. All SIP signaling files in the /Vmail folder have names in the format of WS_xxxxxx.pcap. A maximum of 20 files of approximately 55-Mbyte size can be created by MiVoice Business. To collect captured data, manually ftp all WS_xxxxxx.pcap files in the /Vmail folder and use the Wireshark application to view them.

NOTE: Once retrieved, it is strongly recommended to delete all WS_*.pcap files.


Offline NEPhoneGuy

  • Global Moderator
  • Sr. Member
  • *****
  • Posts: 218
  • Country: us
  • Karma: +5/-0
    • View Profile
Re: SFTP/FTP access to Virtual MiVB 9.0
« Reply #1 on: October 31, 2018, 11:20:46 AM »
I'm curious as well as we have not made the move to 9.0

On our existing virtual systems we simply FTP to the Controllers IP and login using the ESM credentials.

Offline lundah

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 1215
  • Country: us
  • Karma: +66/-0
  • Senior Chief Grunt
    • View Profile
Re: SFTP/FTP access to Virtual MiVB 9.0
« Reply #2 on: October 31, 2018, 11:22:39 AM »
From the MiVB 9.0 release notes:

Quote
FTP is no longer supported to access the MiVB.
Use WinSCP, Filezilla or similar application.

So I'd try using WinSCP. Not sure what the folder structure looks like in MiVB 9.0, I haven't had a chance to play with it yet.

Offline petr.necas

  • Sr. Member
  • ****
  • Posts: 393
  • Country: cz
  • Karma: +8/-0
    • View Profile
Re: SFTP/FTP access to Virtual MiVB 9.0
« Reply #3 on: October 31, 2018, 12:52:45 PM »
I use Far Manager (www.farmanager.com) that supports SFTP out of the box. I downloaded WinSCP (5.13.4) and tried to connect but without success.

Offline Dogbreath

  • Global Moderator
  • Sr. Member
  • *****
  • Posts: 396
  • Country: gb
  • Karma: +18/-0
    • View Profile
Re: SFTP/FTP access to Virtual MiVB 9.0
« Reply #4 on: October 31, 2018, 01:02:26 PM »
Have you tried going through the MSL instance? Haven't played with 9 yet [and won't be doing so for some time if the threads on here are anything to go by!] but on 8 all the interesting stuff was in /var/service/tenant0/

Offline petr.necas

  • Sr. Member
  • ****
  • Posts: 393
  • Country: cz
  • Karma: +8/-0
    • View Profile
Re: SFTP/FTP access to Virtual MiVB 9.0
« Reply #5 on: October 31, 2018, 01:27:58 PM »
Since MiVB 9.0 there is only one IP that is shared by the MSL and the MCD.

Single Address for Server Manager and MiVB ESM
• MiVoice Business release 9.0 supports a single FQDN or IP address for both MiVoice Business and Server Manager instead of separate IP addresses.
Example:
https://local8.miteluniversity.ca/server-manager for server-manager
https://local8.miteluniversity.ca/main.asp for ESM
OR
https://192.168.62.166/server-manager for server-manager
https://192.168.62.166/main.asp for ESM

Offline petr.necas

  • Sr. Member
  • ****
  • Posts: 393
  • Country: cz
  • Karma: +8/-0
    • View Profile
Re: SFTP/FTP access to Virtual MiVB 9.0
« Reply #6 on: October 31, 2018, 04:41:04 PM »
It is at least possible to copy the PCAP file out of the box to an external FTP server.

Offline petr.necas

  • Sr. Member
  • ****
  • Posts: 393
  • Country: cz
  • Karma: +8/-0
    • View Profile
Re: SFTP/FTP access to Virtual MiVB 9.0
« Reply #7 on: November 01, 2018, 07:19:57 AM »
It looks the MSL blocked the IP address I was connecting from. The IP is in the /etc/hosts.blocked file.

The denyhosts/current log file shows when the IP was blocked.

2018-10-31 15:23:36.571225500 adjusting supervised sshd (sighup)
2018-10-31 15:23:36.574012500 new denied hosts: ['172.20.10.111']
2018-10-31 15:23:36.574089500 Added the following hosts to /etc/hosts.blocked:
2018-10-31 15:23:36.574093500
2018-10-31 15:23:36.574096500 172.20.10.111

According to the following messages, after about 5 days the IP should be unblocked automatically:
2018-11-01 09:39:50.403601500 num entries purged: 0
2018-11-01 10:39:53.460703500 purging entries older than: Sat Oct 27 11:39:53 2018

I tried to connect via SFTP from another PC and it worked fine. Important is that the correct user is "root", not "system" or "admin".

Offline Dogbreath

  • Global Moderator
  • Sr. Member
  • *****
  • Posts: 396
  • Country: gb
  • Karma: +18/-0
    • View Profile
Re: SFTP/FTP access to Virtual MiVB 9.0
« Reply #8 on: November 01, 2018, 07:49:43 AM »
You can just install sngrep from here and debug it interactively rather than messing about copying PCAP files:

http://packages.irontec.com/rhel/6/x86_64/

Again, I've no experience with MiVB9, but on 8 you'll want to specify a capture interface, because otherwise it captures on all interfaces and you'll see three copies of every packet.
If you're wondering whether or not this is officially sanctioned by Mitel, I'll give you one guess :-D

Offline petr.necas

  • Sr. Member
  • ****
  • Posts: 393
  • Country: cz
  • Karma: +8/-0
    • View Profile
Re: SFTP/FTP access to Virtual MiVB 9.0
« Reply #9 on: November 01, 2018, 08:03:34 AM »
I have no experience with sngrep, I will have a look what it can do. Thanks for the tip.

In MSL I use "tcpdump -i eth0 -B 1600 -w capture.pcap -v" command to capture traffic on one interface (eth0 in this case), then I download it and analyze it in Wireshark.


 

Sitemap 1 2 3 4 5 6 7 8 9 10