[Asterisk-Users] polycom IP 500/600

Kristian Kielhofner kris at krisk.org
Wed Oct 27 00:33:53 MST 2004


Adam Goryachev wrote:
> On Wed, 2004-10-27 at 16:31, Kristian Kielhofner wrote:
> 
>>Richard wrote:
>>
>>>The default user name and password is a huge issue in some cases. For
>>>example, hackers can get into the server, grab the configuration, program
>>>their own phone and make free calls. Another example, if you have multiple
>>>domains, then you want different username/passwd for each domain.
>>>
>>
>>I can understand this, although I would like to think that good network 
>>design could prevent you from opening up your ftp (unencrypted!) server 
>>to the internet at large (using a firewall, etc.).
> 
> 
> Well, since the phones don't support scp or sftp, then I don't suppose
> those options are available.
> 
> 
>>This is why the Cisco and Polycom's use CDP for VLAN configuration - you 
>>can set the VLAN BEFORE the DHCP request is made - to make sure that you 
>>get to the proper network (and DHCP server) in the first place.
> 
> 
> But of course, the phones may not all be on your lan! They could be
> anywhere on the internet. This is the whole point of VoIP.
> 
> 
>>The only way that I see your problem working is if Polycom adds the 
>>option to set username and password via custom DHCP options to the 
>>firmware.  That way you would have the username and password BEFORE you 
>>needed to login to the FTP server.  Maybe an idea for them?
> 
> 
> Precisely, I think this is what the original poster wanted to know. How
> to set the ftp user/pass from DHCP.
> 
> PS, of course, if the phone is elsewhere, then you also can't set the
> ftp user/pass via DHCP, since it isn't your DHCP server. Also, wherever
> I mentioned setting FTP user/pass via DHCP, you should add setting the
> FTP server name via DHCP as well. This means you can look at the box of
> a polycom phone (since the MAC address is on the outside of the box),
> configure the phone extensions/registrations/etc, hand the box to the
> user and tell them to go back to their desk and plug it in. Currently,
> you need to unpack the phone, configure the FTP servername, user,
> passwd, re-pack the box, and then tell the user to go plug it in etc...
> 
> Regards,
> Adam
> 

Adam,

	I understand that the premise with VoIP phones can be placed anywhere 
on the internet.  I don't think that phones like the Polycom are 
optimally designed to be used at locations that are not connected to a 
lan not specifically designed for them.  I picture Polycoms, Ciscos, 
etc. used in traditional office settings, or branch offices with VPNs 
anyways.  Lets face it - they speak SIP only, and their NAT functions 
are severely limited anyways (no NAT mapping, STUN, etc.).  All of this 
combined do not make for a very good single remote location phone.  I 
would love to see someone be able to unplug the phone from their desk 
and plug it in at home (with no prior setup, knowledge, etc.), but I 
understand why that just won't work (right now).  Sipuras can download 
their config and store it in non-volatile memory.  I don't know why 
Polycoms don't have this option, and why Cisco has such a limited 
version of it.  I just got done re-reading the Polycom admin manual and 
I saw no way to set either the FTP server, username or password via DHCP 
or config file.  I hope that answers the OP's question.

--
Kristian Kielhofner




More information about the asterisk-users mailing list