×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Spa50xg extention mobility url

Answered Question
Mar 26th, 2013
User Badges:

Dear,
I will use in ours environement of 40 cisco spa504g "extention mobility".
When i activate "EM" in the admin page of cisco spa, i have a "login" button and i can put "user and password" in the screen of the phone.

But when i submit, i dont know where this data is send !

Can i provide a URL somewhere in the phone that send "login data" to a url on a webserver ?
All our phone have the last firmware.

Regards

Sent from Cisco Technical Support iPad App

Correct Answer by Dan Lukes about 4 years 4 months ago

You are welcome. If you feel your's question answered, then mark the thread as solved. It doesn't mean the thread is blocked against new messages, it's used as flag announcing "here you can found answer" to others.


According the URL you mentioned - keep in the mind the . It apply to fw 7.5.4 as well. The bug in question is announced to be patched in future 7.5.5.

Correct Answer by Dan Lukes about 4 years 4 months ago

I said no word about PBX. The Profile_rule points to the provisioning server which is any TFTP or FTP or HTTP or HTTPS server you wish. For example, we are using open-source Apache powered with PHP on our network.


I have make a webserver for provide somme service to cisco spa, i can do like "extension mobility"..simply by click to directory, some menu after, you put login/pass who call a php script and i force resync the phone with ciscoiphoneexecute and the good xml profile.


OK, but it's your proprietary implementation of feature you named "extension mobility". It has nothing to do with "extension mobility" as implemented by SPA device. You can create your own XML soft-key, you can name it 'login', but you can't use embedded "login" soft-key as it's dedicated for SPA flavor of "extension mobility", not your's priprietary implementation ...


Well, I'm not sure why you are trying to reimplement the feature already implemented, but there may be legitimate reason not clear to me.


I will try to capture with wireshak and see where go the credential.. I think he go to the proxy (pbx) and i think cisco spa and drayek have some missmatch data somewhere.


I tried to explain it to you already. There is no "defalt magic destination" where the credentials are sent.

Credentials are NOT sent to the PBX. The credentials are sent to provisioning server according your's Profile_rule configuration. Either as HTTP Digest authentication or embedded into URL. If you will not modify the Profile_Rule to be based on the credentials, then credentials will be sent to nowhere. Feel free to verify my claims by wireshark. The extension mobility is not documented in details, so there may be something I missed. If you will found something new, share it, please.

Correct Answer by Dan Lukes about 4 years 4 months ago

As far as I know, you can't. After you hit the 'login' button, the device will ask for provisioning. You can use $EMS, $MUID, ... and some other variables as part of Profile_rule to deliver informations to provisioning server. It's the provisioning server sovereignty to process the information and deliver configration based on user supplied name and password to device.


You can use variables for HTTP Digest Authentication as well.


Read 's description here:



Note:

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Loading.
Correct Answer
Dan Lukes Tue, 03/26/2013 - 08:56
User Badges:
  • Red, 2250 points or more
  • Cisco Designated VIP,

    2017 Small Business

As far as I know, you can't. After you hit the 'login' button, the device will ask for provisioning. You can use $EMS, $MUID, ... and some other variables as part of Profile_rule to deliver informations to provisioning server. It's the provisioning server sovereignty to process the information and deliver configration based on user supplied name and password to device.


You can use variables for HTTP Digest Authentication as well.


Read 's description here:



Note:

hanefi.turkoz Tue, 03/26/2013 - 13:28
User Badges:

Thanks Dan, i see i little more with your advice.

My problem js that i dont use a cisco pbx,, i use a draytek ippbx 3510.
I have make a webserver for provide somme service to cisco spa, i can do like "extension mobility"..simply by click to directory, some menu after, you put login/pass who call a php script and i force resync the phone with ciscoiphoneexecute and the good xml profile.

I will try to capture with wireshak and see where go the credential.. I think he go to the proxy (pbx) and i think cisco spa and drayek have some missmatch data somewhere.

Regards
Sent from Cisco Technical Support iPad App

Correct Answer
Dan Lukes Tue, 03/26/2013 - 15:16
User Badges:
  • Red, 2250 points or more
  • Cisco Designated VIP,

    2017 Small Business

I said no word about PBX. The Profile_rule points to the provisioning server which is any TFTP or FTP or HTTP or HTTPS server you wish. For example, we are using open-source Apache powered with PHP on our network.


I have make a webserver for provide somme service to cisco spa, i can do like "extension mobility"..simply by click to directory, some menu after, you put login/pass who call a php script and i force resync the phone with ciscoiphoneexecute and the good xml profile.


OK, but it's your proprietary implementation of feature you named "extension mobility". It has nothing to do with "extension mobility" as implemented by SPA device. You can create your own XML soft-key, you can name it 'login', but you can't use embedded "login" soft-key as it's dedicated for SPA flavor of "extension mobility", not your's priprietary implementation ...


Well, I'm not sure why you are trying to reimplement the feature already implemented, but there may be legitimate reason not clear to me.


I will try to capture with wireshak and see where go the credential.. I think he go to the proxy (pbx) and i think cisco spa and drayek have some missmatch data somewhere.


I tried to explain it to you already. There is no "defalt magic destination" where the credentials are sent.

Credentials are NOT sent to the PBX. The credentials are sent to provisioning server according your's Profile_rule configuration. Either as HTTP Digest authentication or embedded into URL. If you will not modify the Profile_Rule to be based on the credentials, then credentials will be sent to nowhere. Feel free to verify my claims by wireshark. The extension mobility is not documented in details, so there may be something I missed. If you will found something new, share it, please.

hanefi.turkoz Tue, 03/26/2013 - 17:37
User Badges:

Dan,

Tilt ... Your have pointed my error...many thanks ;)
I have never put something in : Profile_rule
Now, i think understand the mecanisme of that.
Now my goal :
Set "EM" to yes
Set Profile_Rule to http://myapache/cisco/spa/em.php?userid=$EMS And maybe other data
My em.php
$id = $_GET['userid'];
echo file_get_contents($id .'.xml');

I think, i am now in the right way.

Regarda

Sent from Cisco Technical Support iPad App

Correct Answer
Dan Lukes Tue, 03/26/2013 - 17:47
User Badges:
  • Red, 2250 points or more
  • Cisco Designated VIP,

    2017 Small Business

You are welcome. If you feel your's question answered, then mark the thread as solved. It doesn't mean the thread is blocked against new messages, it's used as flag announcing "here you can found answer" to others.


According the URL you mentioned - keep in the mind the . It apply to fw 7.5.4 as well. The bug in question is announced to be patched in future 7.5.5.

hanefi.turkoz Wed, 03/27/2013 - 08:47
User Badges:

Dan,

Thanks ;)
Now i have anoter view of the extension mobility and provisioning

Regards
Sent from Cisco Technical Support iPad App

Actions

This Discussion