[Asterisk-Users] polycom IP 500/600

Richard richard at o-matrix.org
Wed Oct 27 01:13:34 MST 2004 

The ease of configuration is the biggest concern here. I'd like to try
everything to avoid pressing the keypad of the phone to change the setting.
There is no way I want to go to a site to make a configuration change.

We will most likely deploy a small appliance as a local dhcp and ftp server
inside a customer's network. Therefore security is less an issue. We only
have ssh access to the local server. Then if we make any change, we just
change the setting on the server and send a command to reboot the phone.
Again there is no way I visit each site and punch keys on each phone.

> -----Original Message-----
> From: asterisk-users-bounces at lists.digium.com [mailto:asterisk-users-
> bounces at lists.digium.com] On Behalf Of Kristian Kielhofner
> Sent: Tuesday, October 26, 2004 9:34 PM
> To: Asterisk Users Mailing List - Non-Commercial Discussion
> Subject: Re: [Asterisk-Users] polycom IP 500/600
> 
> Adam Goryachev wrote:
> > On Wed, 2004-10-27 at 16:31, Kristian Kielhofner wrote:
> >
> >>Richard wrote:
> >>
> >>>The default user name and password is a huge issue in some cases. For
> >>>example, hackers can get into the server, grab the configuration,
> program
> >>>their own phone and make free calls. Another example, if you have
> multiple
> >>>domains, then you want different username/passwd for each domain.
> >>>
> >>
> >>I can understand this, although I would like to think that good network
> >>design could prevent you from opening up your ftp (unencrypted!) server
> >>to the internet at large (using a firewall, etc.).
> >
> >
> > Well, since the phones don't support scp or sftp, then I don't suppose
> > those options are available.
> >
> >
> >>This is why the Cisco and Polycom's use CDP for VLAN configuration - you
> >>can set the VLAN BEFORE the DHCP request is made - to make sure that you
> >>get to the proper network (and DHCP server) in the first place.
> >
> >
> > But of course, the phones may not all be on your lan! They could be
> > anywhere on the internet. This is the whole point of VoIP.
> >
> >
> >>The only way that I see your problem working is if Polycom adds the
> >>option to set username and password via custom DHCP options to the
> >>firmware.  That way you would have the username and password BEFORE you
> >>needed to login to the FTP server.  Maybe an idea for them?
> >
> >
> > Precisely, I think this is what the original poster wanted to know. How
> > to set the ftp user/pass from DHCP.
> >
> > PS, of course, if the phone is elsewhere, then you also can't set the
> > ftp user/pass via DHCP, since it isn't your DHCP server. Also, wherever
> > I mentioned setting FTP user/pass via DHCP, you should add setting the
> > FTP server name via DHCP as well. This means you can look at the box of
> > a polycom phone (since the MAC address is on the outside of the box),
> > configure the phone extensions/registrations/etc, hand the box to the
> > user and tell them to go back to their desk and plug it in. Currently,
> > you need to unpack the phone, configure the FTP servername, user,
> > passwd, re-pack the box, and then tell the user to go plug it in etc...
> >
> > Regards,
> > Adam
> >
> 
> Adam,
> 
> 	I understand that the premise with VoIP phones can be placed
> anywhere
> on the internet.  I don't think that phones like the Polycom are
> optimally designed to be used at locations that are not connected to a
> lan not specifically designed for them.  I picture Polycoms, Ciscos,
> etc. used in traditional office settings, or branch offices with VPNs
> anyways.  Lets face it - they speak SIP only, and their NAT functions
> are severely limited anyways (no NAT mapping, STUN, etc.).  All of this
> combined do not make for a very good single remote location phone.  I
> would love to see someone be able to unplug the phone from their desk
> and plug it in at home (with no prior setup, knowledge, etc.), but I
> understand why that just won't work (right now).  Sipuras can download
> their config and store it in non-volatile memory.  I don't know why
> Polycoms don't have this option, and why Cisco has such a limited
> version of it.  I just got done re-reading the Polycom admin manual and
> I saw no way to set either the FTP server, username or password via DHCP
> or config file.  I hope that answers the OP's question.
> 
> --
> Kristian Kielhofner
> 
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users

More information about the asterisk-users mailing list