Provisioning without endpoint manager

Hi there! How could I set up provisioning without using the endpoint manager? I’m trying to connect Polycom VVX phones. Help is greatly appreciated.

polycoms have a built in web server login admin/456, set one up as you want and download it’s configuration, copy it with revisions and changed name to the macaddress of the other phone, use http or https or ftp or tftp to provision

1 Like

Polycom phones are perhaps the most complicated IP phones to provision. Unless you are doing this on your own time for your own edification I strongly suggest that you license Endpoint Manager.

Everything that @dicko said is correct but it’s just an overview. The whole subject is too
large for a forum post. If you want to get into it, download the Polycom tech bulletins on
provisioning best practices (I think there are two). You’ll also need to download and study
the UCS Admin Guide for your version of UCS.

One FreePBX thing that’s not documented AFAIK: Don’t use the Polycom default
username/password PlcmSpIp * for provisioning server login credentials. FreePBX
automatically locks out that username due to a history of attempts to steal provisioning
files to get endpoint login credentials.

* At least that was the default for Soundpoint IP and UCS 4.0.x and earlier. It may have
changed since.

To expand on what Dicko said.

Put everything in the /tftpboot folder of your FreePBX install., and turn it into a private git repository to let you easily manage the files from anyplace.

Assuming it is over the internet, the only one of these you should use it https.

As the OP is specifically NOT using an EPM then

…FreePBX automatically locks out … PlcmSpIp. . .

Is just random nonsense for at least the OP who would not even need that caution!!.

(Even if Sangoma’s EPM does, caveate, I don’t know if that is so, I’ve never used it :wink: )

I’ve been provisioning Poly’s for years using https with certificates (not shared by any other service on the PBX), pretty well using sed and 'cp` (and R’ingTFM) , so yes, it’s an overview, but it JustWFM and likely will for @jessiemhadaller :slight_smile:

This has nothing to do with Endpoint Manager and you are mistaken. Here is the thread with replies from Andrew Nagy and Rob Thomas RE what you are calling “random nonsense”:
https://community.freepbx.org/t/updating-sangoma-pbx-package-locks-password-for-local-user-account/56359

I don’t doubt it, but you stated very plainly “FreePBX” which is NOT the same as the “Sangoma Distro” Which I neither use. Further, limiting a ‘local user’s name’ while installing has nothing to do with provisioning a phone.

Yes, it applies to FreePBX Distro, and not to FreePBX in general. We don’t know which one the OP is using, though.

When the local username is part of the credentials that a phone needs to log in to the provisioning server, said username is an essential part of provisioning a phone.

Thanks for letting me know that :wink: But the local username would never be part of particularly a Polycom’s phone provisioning unless you went through contortions to force that.

Not all provisioning data comes from provisioning files. In general, it may come from these sources: manual, DHCP options, zero touch provisioning, provisioning files. Provisioning server IP and credentials obviously can’t be in a provisioning file: that would be Catch 22. That still leaves three possible sources. No matter which of those three sources the provisioning server IP and credentials come from, for FreePBX Distro, the username must not be PlcmSpIp.

In the case where the provisioning server and all of the endpoints are on the same switched LAN, the most convenient method for getting provisioning server IP and credentials to the phones is with DHCP Option tftp-server-name. Note that this would be a security risk with a network topology where the DHCP response to the endpoint could be snooped.

I disagree with you

If you care, I will tell you how I do Polycoms, Out Of The Box they will have a password of 456 and a user name of PlcmSpIp and will be asking for ftp as the protocol they will accept an DHCP address.

In your walled garden, you can set up an ftp server with an appropriate login account and a name resolution that resolves the provisioning server locally., in that environment you provide a basic xml file called 000000000000.cfg that will reset the username pass word provisioning server and protocol as you want on a reboot, all without worrying about DHCP options be they insecure or not.

Polycoms do NOT get their ‘provisioning’ from other than those constraints, your family jewels will be in tha later macbeadbeef.cfg file you will generate.

If you have access , you can do the same with

The phones themselves will always prefer any ‘local provisioning’ done over the local webserver

If that is too complicated then you can just plug those three things into the phones web config, I would suggest you add a none standard port “:nnnnn” to the server for added security.

OK, let’s agree to disagree. Over and out.

No prob, but will always be intrigued as to where your phones are getting their credentials from .

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.