Hello @Patrick-J,
this is just the Speed Dials
0706134814|curl |1|00|HEADER_OUT: GET /phoneservice/configfiles/000000000000-directory.xml HTTP/1.1
Add them via the Resource Files and it should be able to download.
Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.
Best Regards
Steffen Baier
Polycom Global Services
If official support is required please check how to phone or open a case here
----------------Sorry - I have lead you astray with the excerpt.
It does not provision using Option 160 but does if I put in the details manually.
Is it a valid test if I paste the URL into a browser?
https://PlcmSpIp:xxxxxxx@rprm-hdvc.greenlnk.net/phoneservice/configfiles/000000000000.cfg
If I do this it asks me to authenticate - even though the username and password are provided inline.
Hello @Patrick-J,
this is getting into support territory now.
I believe using this method with a browser only works for FTP aka the whole URL with username / password.
I suggest you also lower COPY so you see more details.
After this it would be a support ticket of nobody else has any other ideas.
Check => here <= for the RPRM FAQ as it also includes a troubleshooting section.
Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.
Best Regards
Steffen Baier
Polycom Global Services
If official support is required please check how to phone or open a case here
----------------Steffen
Thank you for your input and yes, I will submit a more detailed log file to support in order to progress.
Hello @Patrick-J,
as I answered the Resellers question in this case I may also share this with the community.
As already explained the URL with the Username and Password embedded only works for FTP but not for HTTP via a browser aka as for example was changed in Chrome:
The same is applicable for other browsers like IE or Edge.
Using FTP with a username / password combination can be seen in a wireshark trace like this:
220-Steffen Baier 220-EMEA T3 Senior Product Support Specialist Team Leader Voice, EMEA Escalatio 220-FileZilla Server 0.9.59 beta 220-written by Tim Kosse (tim.kosse@filezilla-project.org) 220 Please visit https://filezilla-project.org/ USER 580d 331 Password required for 580d PASS test 230 Logged on
Using HTTP instead:
GET /phoneservice/configfiles/0004f275d2a6.cfg HTTP/1.1 Host: 10.252.122.65 Accept: */* User-Agent: FileTransport PolycomVVX-VVX_410-UA/5.8.0.12848 Type/Application HTTP/1.1 401 Unauthorized X-Powered-By: RealPresence Resource Platform Cache-Control: no-store,max-age=0,must-revalidate Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=31536000; includeSubDomains; Content-Security-Policy: default-src 'self'; WWW-Authenticate: Basic Transfer-Encoding: chunked Date: Tue, 10 Jul 2018 09:45:31 GMT Server: false 0 GET /phoneservice/configfiles/0004f275d2a6.cfg HTTP/1.1 Authorization: Basic UGxjbVNwSXA6UGxjbVNwSXA= Host: 10.252.122.65 Accept: */* User-Agent: FileTransport PolycomVVX-VVX_410-UA/5.8.0.12848 Type/Application HTTP/1.1 200 OK X-Powered-By: RealPresence Resource Platform Cache-Control: no-store,max-age=0,must-revalidate Pragma: no-cache Expires: Wed, 31 Dec 1969 23:59:59 GMT X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=31536000; includeSubDomains; Content-Security-Policy: default-src 'self'; Content-Length: 1643 Date: Tue, 10 Jul 2018 09:45:31 GMT Server: false
Once you look at the transaction at a byte level you can still see the username / password combination:
Hypertext Transfer Protocol GET /phoneservice/configfiles/0004f275d2a6.cfg HTTP/1.1\r\n [Expert Info (Chat/Sequence): GET /phoneservice/configfiles/0004f275d2a6.cfg HTTP/1.1\r\n] [GET /phoneservice/configfiles/0004f275d2a6.cfg HTTP/1.1\r\n] [Severity level: Chat] [Group: Sequence] Request Method: GET Request URI: /phoneservice/configfiles/0004f275d2a6.cfg Request Version: HTTP/1.1 Authorization: Basic UGxjbVNwSXA6UGxjbVNwSXA=\r\n Credentials: PlcmSpIp:PlcmSpIp
If you want a truly "secure" environment you would need to setup a secure staging LAN with only a limited DHCP scope and provision phones individually to provide them a new Username / Password. You could also add 802.1x on top for a fully secure environment.
Or you could use Polycom ZTP which has a fully secure HTTPS connectivity to the Polycom Cloud and make these changes to the Username / Password and them let the Phone connect to your Setup and the DHCP Server only provides the URL.
As the phone talks already HTTPS to the server this is the most secure way.
Best Regards
Steffen Baier
Polycom Global Services
If official support is required please check how to phone or open a case here
----------------