Grandstream Networks, Inc.
SIP Device Provisioning Guide
Page 8 of 9
www.grandstream.com
Last Updated: 9/2012

 

</gs_provision> 
The mac element is not mandatory. It is designed this way because not all provisioning systems support MAC addresses. If it is present, the provision program will validate the mac element against the actual MAC address of the device.
 
 

XML FILE ENCRYPTION

 

 
The XML configuration file may be encrypted using the AES-256-CBC algorithm. The encryption password is defined in P1359 (XML Config File Password) of the configuration file. The encryption may use a salt to enhance security. The algorithm to derive the key and IV from a password is the same as the one used by OpenSSL.
 
The OpenSSL command line to encrypt the file is as follows:
openssl enc -e -aes-256-cbc -k password -in config.xml -out cfgxxxxxxxxxxxx.xml
 
Alternatively, users can also set the XML Config File Password in the web UI of the phone.

Figure 2: Using web UI to define the XML Configuration File Password

 
When the XML configuration file is encrypted using this method, the phone can decrypt and parse the file only if the user has set the XML Config File Password in P1349 of the binary configuration file or in the web UI.
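
The key and IV derivation referred to above, as an added example (not code from Grandstream's guide): `openssl enc -k` runs EVP_BytesToKey with a single hash iteration and, when a salt is used, prefixes the output with `Salted__` and an 8-byte salt. The digest is an assumption, since this page does not name it: OpenSSL releases of this guide's era defaulted to MD5 and 1.1.0 and later default to SHA-256, so both are derived; the function names and the sample blob are constructed for illustration.

```python
import hashlib

MAGIC = b"Salted__"  # 8-byte marker `openssl enc` writes before the 8-byte salt

def evp_bytes_to_key(password, salt, digest="md5", key_len=32, iv_len=16):
    """EVP_BytesToKey with one iteration, as used by `openssl enc -k`.

    D_1 = H(password || salt), D_i = H(D_{i-1} || password || salt);
    the key and IV are cut from D_1 || D_2 || ...
    """
    material, block = b"", b""
    while len(material) < key_len + iv_len:
        block = hashlib.new(digest, block + password + salt).digest()
        material += block
    return material[:key_len], material[key_len:key_len + iv_len]

def split_salted(blob):
    """Return (salt, ciphertext); salt is b"" when the file carries no salt header."""
    if blob.startswith(MAGIC):
        if len(blob) < 16:
            raise ValueError("truncated Salted__ header")
        return blob[8:16], blob[16:]
    return b"", blob

def inspect_blob(blob, password):
    """Report what a decryptor would derive for this file under each digest."""
    salt, ciphertext = split_salted(blob)
    report = {"salted": bool(salt),
              "block_aligned": len(ciphertext) > 0 and len(ciphertext) % 16 == 0}
    for digest in ("md5", "sha256"):  # pre-1.1.0 default vs. 1.1.0+ default
        key, iv = evp_bytes_to_key(password, salt, digest)
        report[digest] = (key.hex(), iv.hex())
    return report

# Constructed sample: header + fixed salt + two zeroed AES blocks (not real ciphertext).
SAMPLE = MAGIC + bytes(range(8)) + bytes(32)

if __name__ == "__main__":
    for name, value in inspect_blob(SAMPLE, b"password").items():
        print(name, value)
```

If a file encrypted on a current workstation does not decrypt on a device, a digest mismatch of this kind is one thing to check. Because the derivation is a single hash pass, the length and randomness of the password carry all of the resistance to guessing.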
 
 
