[asterisk-users] Polycom XML Files / asterisk

Atis Lezdins atis at iq-labs.net
Thu May 15 15:45:01 CDT 2008 

On Thu, May 15, 2008 at 10:08 PM, Robert McNaught
<asteriskator at gmail.com> wrote:
> The way I understood it is that TFTP does not allow you to set a
> username and password in a URL
> like tftp://username:password@tftp.phonecompany.com is not possible
> when setting option 66
>
> Is it not possible to require a username and password with HTTP?  I
> assumed that you could just like if you were protecting the web root
> directory on a webserver to require authentication credentials,
> although have never tried this.

You can always limit access to HTTP for certain IP range. Isn't that
enough? Then add auth in your request string - for example:
http://provisioning.mysite.com/secure/234sdfsdf3247sd/- unless you
enable directory listing, it should be at same security level as http
with authentication or ftp (any of those can be sniffed)

Another thing I like in HTTP - you can redirect config read to execute
any script, write simple PHP that will generate resulting config, with
lookup of correct extension by MAC. Much like DHCP.

Regards,
Atis

>
> Robert
>
>
>
> On Thu, May 15, 2008 at 10:43 AM, Anthony Francis <anthonyf at rockynet.com> wrote:
>> I am confused how TFTP is less secure than HTTP. TFTP does not allow any
>> browsing, ever. Neither technologies will allow the device to
>> authenticate before downloading a configuration file, and both are
>> easily secured by only permitting connections from specific hosts.
>>
>> Robert McNaught wrote:
>>> Yes, perhaps a script would always be better than hand-touching these
>>> files, and getting an XML editor only really makes it easier on the
>>> eyes.
>>>
>>> On the same subject, I have noticed that Snom and Linksys phones do
>>> not support FTP provisioning - only TFTP and HTTP.  With TFTP being an
>>> insecure option for a hosted architecture, is everyone moving to
>>> provision Polycoms with HTTP, so that both can be auto-provisioned via
>>> Option 66.
>>>
>>> One thing I found is that, with option 66 in a LAN router, you cannot
>>> specify more than one protocol.
>>>
>>> Has anyone had any problems provisioning Polycoms with HTTP?
>>>
>>>
>>> On Thu, May 15, 2008 at 1:35 AM, Philipp Kempgen
>>> <philipp.kempgen at amooma.de> wrote:
>>>
>>>> Robert McNaught schrieb:
>>>>
>>>>
>>>>> Does anyone know how to apply a style sheet to the polycom automatic
>>>>> provisioning XML files?
>>>>>
>>>> Why should applying a stylesheet be different than for any other
>>>> XML files?
>>>>
>>>>
>>>>> Even better, does anyone know of a web-based XML editor where you can
>>>>> just edit the files from a browser directly ie entering in phone
>>>>> number, display name, proxy address etc.  From what I gather, most
>>>>> people are just using Notepad to change the files then upload them, or
>>>>> vi from the command line, which is fiddly and time-consuming.
>>>>>
>>>> Just use your preferred editor. Nobody forces Notepad or vi upon you.
>>>>
>>>> Even better: Generate the config files with Perl/PHP/<insert favorite
>>>> language>.
>>>>
>>>>
>>>> Grüße,
>>>> Philipp Kempgen
>>>> --
>>>> Asterisk-Tag.org 2008, 26.-27. Mai   ->  http://www.asterisk-tag.org
>>>> amooma GmbH - Bachstr. 126 - 56566 Neuwied  ->  http://www.amooma.de
>>>> Geschäftsführer: Stefan Wintermeyer, Handelsregister: Neuwied B14998
>>>>
>>>> _______________________________________________
>>>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>>>>
>>>> asterisk-users mailing list
>>>> To UNSUBSCRIBE or update options visit:
>>>>   http://lists.digium.com/mailman/listinfo/asterisk-users
>>>>
>>>>
>>>
>>> _______________________________________________
>>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>>>
>>> asterisk-users mailing list
>>> To UNSUBSCRIBE or update options visit:
>>>    http://lists.digium.com/mailman/listinfo/asterisk-users
>>>
>>
>> --
>> Thank you and have any kind of day you want,
>>
>> Anthony Francis
>> Rockynet VOIP
>> (303) 444-7052 opt 2
>> voip at rockynet.com
>>
>>
>> _______________________________________________
>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>>
>> asterisk-users mailing list
>> To UNSUBSCRIBE or update options visit:
>>   http://lists.digium.com/mailman/listinfo/asterisk-users
>>
>
> _______________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-users
>



-- 
Atis Lezdins,
VoIP Project Manager / Developer,
atis at iq-labs.net
Skype: atis.lezdins
Cell Phone: +371 28806004
Cell Phone: +1 800 7300689
Work phone: +1 800 7502835

More information about the asterisk-users mailing list