[asterisk-users] Auto provisioning from public server

Tzafrir Cohen tzafrir.cohen at xorcom.com
Wed Oct 27 05:51:43 CDT 2010


Hi,

On Tue, Oct 26, 2010 at 05:31:00PM +0200, Jonas Kellens wrote:
> Hello,
>
> has anyone experience with auto provisioning IP-phones on different  
> locations through a central public provisioning server ? You use http or  
> https ?

What is it exactly that you want to guarantee?

Authenticating the client? The server?

Avoiding any leak of data to some eavesdropper?

>
> Is there a danger that one uses a different MAC-address in the  
> provisioning link to obtain SIP username / password settings ?

On a LAN it wouls be quite difficult to forge the MAC without it getting
detected. But in your case, the MAC is merely an arbitrary ID of the
client. It can probably serve as a useful unique ID. See the above
question regarding authentication.

I also guess you should not use TFTP. Unless you have some spare time at
boot.

-- 
               Tzafrir Cohen
icq#16849755              jabber:tzafrir.cohen at xorcom.com
+972-50-7952406           mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com  iax:guest at local.xorcom.com/tzafrir



More information about the asterisk-users mailing list