On 10/26/2010 06:30 PM, Andrew Latham wrote:
snom phones can do http digest authentication...
I think this digest authentication is for accessing the phone's web
interface, not for contacting a provisioning server
Jonas.
--
On Tue, 2010-10-26 at 17:31 +0200, Jonas Kellens wrote:
Hello,
has anyone experience with auto provisioning IP-phones on different
locations through a central public provisioning server ? You use http
or https ?
Is there a danger that one uses a different MAC-address in the
provisioning
On Tue, Oct 26, 2010 at 11:31 AM, Jonas Kellens jonas.kell...@telenet.bewrote:
Hello,
has anyone experience with auto provisioning IP-phones on different
locations through a central public provisioning server ? You use http or
https ?
Is there a danger that one uses a different
On Wed, Oct 27, 2010 at 4:04 AM, Ishfaq Malik i...@pack-net.co.uk wrote:
On Tue, 2010-10-26 at 17:31 +0200, Jonas Kellens wrote:
Hello,
has anyone experience with auto provisioning IP-phones on different
locations through a central public provisioning server ? You use http
or https ?
On Wed, 2010-10-27 at 04:10 -0400, Steve Totaro wrote:
On Wed, Oct 27, 2010 at 4:04 AM, Ishfaq Malik i...@pack-net.co.uk
wrote:
On Tue, 2010-10-26 at 17:31 +0200, Jonas Kellens wrote:
Hello,
has anyone experience with auto provisioning
On 10/27/2010 10:06 AM, Steve Totaro wrote:
On Tue, Oct 26, 2010 at 11:31 AM, Jonas Kellens
jonas.kell...@telenet.be mailto:jonas.kell...@telenet.be wrote:
Hello,
has anyone experience with auto provisioning IP-phones on
different locations through a central public provisioning
Hi,
On Tue, Oct 26, 2010 at 05:31:00PM +0200, Jonas Kellens wrote:
Hello,
has anyone experience with auto provisioning IP-phones on different
locations through a central public provisioning server ? You use http or
https ?
What is it exactly that you want to guarantee?
Authenticating
Jonas
A quick look at the snom wiki will tell you that I am right...
On 10/26/2010 06:30 PM, Andrew Latham wrote:
snom phones can do http digest authentication...
I think this digest authentication is for accessing the phone's web
interface, not for contacting a provisioning server
You can provision over a WAN and access-lists or iptables can limit
the networks allowed. Define what level of security you need first.
For further security you can use an inbound proxy and check the http
headers for agent identification. This can also be faked.
Practice layers of security...
I havent had much auto provisioning experience, however, what about just
using IPTables to create an access list essentially for known IPs to connect
via HTTP/HTTPS and block all other addresses. This would only work if the
phones are coming from a Static IP, but I figured i'd give my 2 cents to
Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] Auto provisioning from public server
You can provision over a WAN and access-lists or iptables can limit
the networks allowed. Define what level of security you need first.
For further security you can use an inbound
On 10/26/2010 05:40 PM, Matt Desbiens wrote:
I havent had much auto provisioning experience, however, what about
just using IPTables to create an access list essentially for known IPs
to connect via HTTP/HTTPS and block all other addresses. This would
only work if the phones are coming
Hello,
many SIP phones offer you the possibility to provisioning them over a FTP
connection (with username and password).
Regards
- Bakko
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to
With the new phones with VPNs you can also do a stepped provision
One provisioning service for the vpn and another for the sip that can
only be reached with the vpn. This is advanced stuff so take your
time and learn about the tech.
--
Think about limiting geographically or use a CDN with good controls.
Thank you for your input, but IP-addresses will change, so this would
then become an administrative and time-consuming job...
Jonas.
--
_
--
On 10/26/2010 05:41 PM, Andrew Latham wrote:
You can provision over a WAN and access-lists or iptables can limit
the networks allowed. Define what level of security you need first.
For further security you can use an inbound proxy and check the http
headers for agent identification. This can
On 10/26/2010 05:52 PM, bakko wrote:
Hello,
many SIP phones offer you the possibility to provisioning them over a FTP
connection (with username and password).
Regards
- Bakko
In this case I will want to use Snom phones. TFTP is available, but no
FTP (with indeed then a username and
On Tue, Oct 26, 2010 at 12:06 PM, Jonas Kellens
jonas.kell...@telenet.be wrote:
On 10/26/2010 05:52 PM, bakko wrote:
Hello,
many SIP phones offer you the possibility to provisioning them over a FTP
connection (with username and password).
Regards
- Bakko
In this case I will want to use
snom phones can do http digest authentication...
In this case I will want to use Snom phones. TFTP is available, but no
FTP (with indeed then a username and password). FTP would be great...
Jonas.
--
_
-- Bandwidth and
Hi!
In this case I will want to use Snom phones. TFTP is available, but no FTP
(with indeed then a username and password). FTP would be great...
You could also consider to use the SNOM Redirection Service for
provisioning:
http://wiki.snom.com/PROVISIONING
Remark: TR-69 provisioning
On 26 Oct 2010, at 16:31, Jonas Kellens wrote:
has anyone experience with auto provisioning IP-phones on different locations
through a central public provisioning server ? You use http or https ?
What handset? That's rather what controls your options. Some support HTTPS with
client
21 matches
Mail list logo