Grandstream Networks SIP Device Provisioning Manual Download | Manualshive

Page: 9 / 9

background image

Grandstream Networks, Inc.

SIP Device Provisioning Guide

Page

9 of 9

www.grandstream.com

Last Updated: 9/2012

S

ECURE

P

ROVISIONING

Although the XML configuration file can be encrypted and the encryption algorithm itself is
regarded as safe and strong by using AES with 256-bit key length, it remains a question on how
to bootstrap and provision the initial XML encryption password. There are several methods to
provide solutions to this:

1.

Use legacy binary configuration file to set the initial XML encryption password. The
legacy binary file is encrypted and it generally regarded safe.

2.

Use HTTPS and use client side authentication. This is the industry standard approach and
has the strongest safety.

«
...
7
8
9

Summary of Contents for SIP Device

Page 1: ...Grandstream Networks Inc SIP Device Provisioning Guide www grandstream com ...

Page 2: ...RATION FILE ENCRYPTION 4 FIRMWARE AND CONFIGURATION FILE PREFIX AND POSTFIX 4 FIRMWARE SERVER AND CONFIGURATION FILE SERVER 5 MANAGING FIRMWARE AND CONFIGURATION FILE DOWNLOAD 5 PRE CONFIGURATION AND CONFIGURATION REDIRECTION 6 AUTOMATIC PROVISIONING WITHIN LAN 6 XML PROVISIONING SCHEMA AND EXAMPLE FILE 7 XML FILE ENCRYPTION 8 SECURE PROVISIONING 9 TABLE OF FIGURES SIP DEVICE PROVISIONING GUIDE FI...

Page 3: ... based configuration file When Grandstream device boots up or reboots it issues a request for a configuration file named cfgMAC where MAC is the MAC address of the device for example cfg000b820102ab The configuration file name should be in lower case The file cfgMAC is a proprietary binary format configuration file that must be generated by Grandstream configuration tools For devices that support ...

Page 4: ...r field in the web configuration page A parameter consists of a Capital letter P and 2 to 3 Could be extended to 4 in the future digit numeric numbers i e P2 is associated with Admin Password in the Advanced Page For a detailed parameter list please refer to the corresponding firmware release configuration template GENERATE CONFIGURATION FILES Grandstream offers free Configuration File generator s...

Page 5: ...ix of _1 0 7 5 belong to the firmware version 1 0 7 5 Same rule applies to configuration files i e for configuration file named cfg000b82000001 there can be 3 versions gs_cfg000b82000001_cfg001 gs_cfg000b82000001_cfg002 and gs_cfg000b82000001_cfg003 Here the BASIC NAME of the configuration file is cfg000b82000001 but there are 3 different versions the one that will be accepted is the one with matc...

Page 6: ...ress 3 Your company name and address Here is what service providers should do 1 Create configuration files for all the devices and put them on your TFTP HTTP server 2 Download the latest official release from http www grandstream com support firmware and put them on your TFTP HTTP server same directory as above 3 After we inform you that the devices have been entered into our central provisioning ...

Page 7: ...While all Grandstream SIP devices support DHCP Option 66 only new product series GXP21xx 14xx GXV31xx HT50x and GXW40xx support this additional flexibility XML PROVISIONING SCHEMA AND EXAMPLE FILE The general XML syntax consists of a list of name value pairs P Value is the element and the value of the element is represents the value for that particular configuration that the corresponding P Value ...

Page 8: ...File Password of the configuration file The encryption may use salt to enhance security The algorithm to derive the key and IV from a password is the same as the one used by OpenSSL The OpenSSL command line to encrypt the file is as follows Openssl enc e aes 256 cbc k password in config xml out cfgxxxxxxxxxxxx xml Alternatively users can also set the XML Config File Password in the web UI of the p...

Page 9: ... by using AES with 256 bit key length it remains a question on how to bootstrap and provision the initial XML encryption password There are several methods to provide solutions to this 1 Use legacy binary configuration file to set the initial XML encryption password The legacy binary file is encrypted and it generally regarded safe 2 Use HTTPS and use client side authentication This is the industr...

Reviews:

No comments

Related manuals for SIP Device

Brand: JANE Pages: 6

Brand: Dakota Alert Pages: 2

Brand: DAINCUBE Pages: 38

Brand: Obelink Pages: 2

Brand: M-S Cash Drawer Pages: 2

Brand: M-Audio Pages: 61

Brand: Oki Pages: 2

Brand: Oki Pages: 20

Brand: Oki Pages: 2

Brand: YOKOGAWA Pages: 15

Brand: Öhlins Pages: 10

Brand: +GF+ Pages: 36

Brand: JANE Pages: 21

Brand: Fronius Pages: 56

Brand: Hyena Pages: 13

Brand: Kolpin Pages: 25

Brand: aquatherm Pages: 32

Brand: Metz Pages: 112

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands