i'm just checking how to pre-provision and auto-provision the PAP2 and WRP400 like i have done with the SPA922.
In a fist time i need to know how to modify the configuration file (before encrypting) to put the SIP informations (server, Id, passord).
In a second time i need to modify those informations :
1 - Administrator Password
2 - Web Admin external port
3 - TAG TOS to 204 (0xCC Value) (for example the SPA922 configuration extract :
o SIP_TOS/DiffServ_Value "204" ;
o RTP_TOS/DiffServ_Value "204" ;
4 - Modify codecs to G723 and G729 and this codecs only
5 - Disable the "Silent suppression"
For "standard" customers we don't need to modify point 3 to 5, but modify SIP and RTP informations (the other customers are the Internet by Satellite customers, and to get the QOS we need to modify 1 to 5 points).
-> is it possible for you to give me "standard" information files for those 2 products ?
-> could you please give me the resync pre-configuration file ?
You can use the SPC (SPA Profile Compiler) for each product to generate the sample configuration file in XML (or text for compilation if you prefer this method). The SPC (Windows version) is DOS command based, so when you type in the command, it will give you the option to generate the sample configuration file for the product (and the firmware version associated to the SPC).
Procedure can be summarized as follows:
(1) Download the SPC from Cisco Software Center: http://www.cisco.com/en/US/support/index.html
(2) Open the spc in the DOS command window, e.g. wrp400-1-00-02-spc-win32-i386
(3) Run the command to get the sample file
For XML format: wrp400-1-00-02-spc-win-i386 --sample-xml output_filename.xml
For text format (you need to compile it with SPC after modifications): wrp400-1-00-02-spc-win-i386 --sample-profile output_filename.txt
(4) Modify the text or xml file
(5) If using text format, then you need to compile it again: wrp400-1-00-02-spc-win-i386 source_text_file target_binary_file.cfg
If you need further information on the parameters name, I suggest you check the ATA Admin Guide.
I've done all that you have explained, and generated (encrypted) the .cfg file, and have "invited" the routeur to autoprovision with :
But, the router doesn't reboot, and doesn't take his configuration file ...
Could you please help me to find why ?
ps : as attached file, the resync.html, the .txt non encrypted configuration file, and the .cfg encrypted configuration file.
ps2 : to encrypt : wrp400-1-00-06-spc-win32-i386 --target 001d7ed56f7f output_filename_caf.txt wrp400_001d7ed56f7f.cfg
We are almost there! Some small comments...
** For WRP400 (and please note this applies only to this product), you need to use XML format if you are modifying the data (router) parameters. If you want to still provide "targetting" to your voice part because of privacy, then I suggest you use the Profile B for including the provisioning parameters (in binary) for the voice part. So you will have two files: one for the router part, and another for the voice part. It is designed this way for efficiency purposes, typically the router part is common to all customers, so you dont need to repeat it in all files.
** What SPC did you use for the resync.html file? I suggest, if there is no encryption, to use XML, then you will not have issues with SPC versions missmatch.
So, in summary:
(1) Generate XML file and modify or generate XML (data) and text (voice) files and then compile it.
(2) Generate a resync.xml file with both files in the profile rule.
(3) Apply the command http://[phone IP]/admin/resync?http://spa-update.nordnet.fr/wrp400/resync.xml (assuming the above files are posted in the http server)
for provisioning, we have our provisioning system and:
at first i have TXT file with configuration of WRP400 (source_file.txt)
at second i have secret key for crypt file (ab12cd89)
at third i have SPC tools for WRP400 (wrp400spc.exe)
and use this string
wrp400spc.exe --aes --ascii-key ab12cd89 source_file.txt dest_file.cfg
now i have dest_file.cfg (crypted file)
and in phone i must use this in Profile Rule:
[--key ab12cd89] http://www.provisioning.cz/cfg/dest_file.cfg
Yes, this would work ok, the only suggestion (not mandatory but more elegant) is that you place the key in one of the secure parameters (e.g. "SA"), so that people does not see the key, even if they have the admin password (secure keys cannot be seen on the webUI even with admin rights).
The Provisioning guide explains this with great detail.
i trying your tips for secure key, and one question, where i can find key? via WebAdmin? Or i can set key only from provisioning?
Only from previous provisioning...you need to set the key beforehand...you can use one of the secure general purpose parameters.