Cisco SPA Provisioning issue

Status
Not open for further replies.
J

junction1153

Member
Jul 15, 2020
52
11
8
33
I am having an issue where Cisco SPA5xx attempts to download the config file, but the proxy/domain, username, password, protocol, and port number variables refuse to get pushed to the Cisco phone. If I navigate to the appropriate URL with chrome/firefox, the file looks perfect.

Anyone have any idea what's going on? I can duplicate this issue on a brand new debian 10 install, with and without http authentication

Cannot reproduce this issue with polycom. have not yet tested other vendors.
 
bcmike

bcmike

Active Member
Jun 7, 2018
326
54
28
53
A couple of simple things to try:

First Cisco SPA phones will not do https provisioning without a special cert, so if your provisioning URL is https it won't work. You need to do http.

Second make sure your phone is getting a good DNS server. This seems obvious but its bit me before.

Other than that the provisioning URL in the documentation should work as described. You'll probably need to modify the templates though as they're a mess.
 
J

junction1153

Member
Jul 15, 2020
52
11
8
33
Thank you. All that was tried. Funny part is that the phone can read the other variables like the dial plan and some other settings. But the registration information refuses to pick up only from the phone. No other possibilities?
 
bcmike

bcmike

Active Member
Jun 7, 2018
326
54
28
53
On the Fusion machine install ngrep and try this:

ngrep -d ens18 port 80 -W byline

Where ens18 is the adapter you're serving the provisioning information from. From there at least you can see what the phone is pulling.
 
J

junction1153

Member
Jul 15, 2020
52
11
8
33
Thanks for your response, please see the result below:

Code: 
interface: ens3 (45.x.x.x/255.255.254.0)
filter: ( port 80 ) and ((ip || ip6) || (vlan && (ip || ip6)))
^Cexit
0 received, 0 matched
root@pbx02:~# ngrep -d ens3 port 80 -W byline
interface: ens3 (45.77.98.0/255.255.254.0)
filter: ( port 80 ) and ((ip || ip6) || (vlan && (ip || ip6)))
####
T CLIENT-IP:15869 -> SERVER-IP:80 [AP] #4
GET /app/provision/?mac=c472956671c9 HTTP/1.1.
Host: demo.pbx02.domain.net:80.
User-Agent: Cisco/SPA504G-7.6.2f (C472956671C9)(CCQ19280CM5).
x-CiscoIPPhoneModelName: SPA504G.
x-CiscoIPPhoneDisplay: 128x64.
x-CiscoIPPhoneSDKVersion: NA.
Connection: close.
.

##
T SERVER-IP:80 -> CLIENT-IP:15869 [AP] #6
HTTP/1.1 401 Authorization Required.
Server: nginx/1.14.2.
Date: Tue, 15 Sep 2020 21:04:28 GMT.
Content-Type: text/html;charset=UTF-8.
Content-Length: 23.
Connection: close.
Set-Cookie: PHPSESSID=mobm3tam1c8hm6qimijhokough; path=/.
Expires: Thu, 19 Nov 1981 08:52:00 GMT.
Cache-Control: no-store, no-cache, must-revalidate.
Pragma: no-cache.
WWW-Authenticate: Digest realm="demo.pbx02.domain.net", qop="auth", nonce="5f612c5ce8a72", opaque="d75624157db9359c06b74ff9f9acb0ab".
.
Authorization Cancelled
#########
T CLIENT-IP:37296 -> SERVER-IP:80 [AP] #15
GET /app/provision/?mac=c472956671c9 HTTP/1.1.
Host: demo.pbx02.domain.net:80.
User-Agent: Cisco/SPA504G-7.6.2f (C472956671C9)(CCQ19280CM5).
Authorization: Digest username="demounits2",realm="demo.pbx02.domain.net",nonce="5f612c5ce8a72",uri="/app/provision/?mac=c472956671c9",algorithm=MD5,qop=auth,nc=00000001,cnonce="98a608b7",response="8fb32d2780c3cc2539c4d8eefc19f425",opaque="d75624157db9359c06b74ff9f9acb0ab".
Connection: close.
.

##
T SERVER-IP:80 -> CLIENT-IP:37296 [A] #17
HTTP/1.1 200 OK.
Server: nginx/1.14.2.
Date: Tue, 15 Sep 2020 21:04:29 GMT.
Content-Type: text/xml; charset=utf-8.
Content-Length: 2873.
Connection: close.
Set-Cookie: PHPSESSID=1m83mo6cr6bq36a0efm9sr6prc; path=/.
Expires: Thu, 19 Nov 1981 08:52:00 GMT.
Cache-Control: no-store, no-cache, must-revalidate.
Pragma: no-cache.
.
<?xml version="1.0" encoding="utf-8"?><flat-profile>



<Proxy_1_ ua="na">:</Proxy_1_>

<Line_Enable_1_ group="Ext_1/General">Yes</Line_Enable_1_>
<Share_Ext_1_ group="Ext_1/Share_Line_Appearance">private</Share_Ext_1_>
<NAT_Mapping_Enable_1_ group="Ext_1/NAT_Settings">Yes</NAT_Mapping_Enable_1_>
<NAT_Keep_Alive_Enable_1_ group="Ext_1/NAT_Settings">Yes</NAT_Keep_Alive_Enable_1_>
<SIP_Transport_1_ group="Ext_1/SIP_Settings"></SIP_Transport_1_>
<SIP_Port_1_ ua="na"></SIP_Port_1_>
<Auth_Resync-Reboot_1_ group="Ext_1/SIP_Settings">Yes</Auth_Resync-Reboot_1_>
<SIP_Remote-Party-ID_1_ group="Ext_1/SIP_Settings">No</SIP_Remote-Party-ID_1_>
<Feature_Key_Sync_1_ group="Ext_1/Call_Feature_Settings">No</Feature_Key_Sync_1_>
<Use_Outbound_Proxy_1_ ua="na">No</Use_Outbound_Proxy_1_>
<Outbound_Proxy_1_ ua="na"></Outbound_Proxy_1_>
<Alternate_Proxy_1_ ua="na">:</Alternate_Proxy_1_>
<Alternate_Outbound_Proxy_1_ ua="na"></Alternate_Outbound_Proxy_1_>
<Use_OB_Proxy_In_Dialog_1_ ua="na">Yes</Use_OB_Proxy_In_Dialog_1_>
<Register_Expires_1_ group="Ext_1/Proxy_and_Registration"></Register_Expires_1_>
<Ans_Call_Without_Reg_1_ group="Ext_1/Proxy_and_Registration">No</Ans_Call_Without_Reg_1_>

<Display_Name_1_ group="Ext_1/Subscriber_Information"></Display_Name_1_>
<User_ID_1_ group="Ext_1/Subscriber_Information"></User_ID_1_>
<Password_1_ group="Ext_1/Subscriber_Information"></Password_1_>
<Preferred_Codec_1_ group="Ext_1/Audio_Configuration">G722</Preferred_Codec_1_>
<Use_Pref_Codec_Only_1_ group="Ext_1/Audio_Configuration">No</Use_Pref_Codec_Only_1_>
<Second_Preferred_Codec_1_ group="Ext_1/Audio_Configuration">Unspecified</Second_Preferred_Codec_1_>
<Third_Preferred_Codec_1_ group="Ext_1/Audio_Configuration">Unspecified</Third_Preferred_Codec_1_>
<G729a_Enable_1_ group="Ext_1/Audio_Configuration">Yes</G729a_Enable_1_>
<G722_Enable_1_ group="Ext_1/Audio_Configuration">Yes</G722_Enable_1_>
<G726-16_Enable_1_ group="Ext_1/Audio_Configuration">Yes</G726-16_Enable_1_>
<G726-24_Enable_1_ group="Ext_1/Audio_Configuration">Yes</G726-24_Enable_1_>
<G726-32_Enable_1_ group="Ext_1/Audio_Configuration">Yes</G726-32_Enable_1_>
<G726-40_Enable_1_ group="Ext_1/Audio_Configuration">Yes</G726-40_Enable_1_>
<Codec_Negotiation_1_ group="Ext_1/Audio_Configuration">List All</Codec_Negotiation_1_>
<Rx_Payload_In_18x_Media_Session_1_ group="Ext_1/Audio_Configuration">Use Local SDP</Rx_Payload_In_18x_Media_Session_1_>
<Release_Unused_Codec_1_ group="Ext_1/Audio_Configuration">Yes</Release_Unused_Codec_1_>
<DTMF_Process_AVT_1_ group="Ext_1/Audio_Configuration">Yes</DTMF_
#
T SERVER-IP:80 -> CLIENT-IP:37296 [AP] #18
Process_AVT_1_>
<Silence_Supp_Enable_1_ group="Ext_1/Audio_Configuration">No</Silence_Supp_Enable_1_>
<DTMF_Tx_Method_1_ group="Ext_1/Audio_Configuration">Auto</DTMF_Tx_Method_1_>
<Dial_Plan_1_ group="Ext_1/Dial_Plan">(*x.|**x.|[2-9]11S0|[2-9]xxxxxxxxx|1xxxxxxxxxx|011x.)</Dial_Plan_1_>
</flat-profile>

#####^Cexit
23 received, 5 matched


And my mac.xml file I dumbed it down for now until I can figure it out:

Code: 
<?xml version="1.0" encoding="utf-8"?>
<flat-profile>

{foreach $keys["line"] as $row}
{if $row.device_key_category == "line"}
{if $row.device_key_type == "line"}
<Extension_{$row.device_key_id}_ group="Phone/Line_Key_{$row.device_key_id}">{$row.device_key_line}</Extension_{$row.device_key_id}_>
<Short_Name_{$row.device_key_id}_ group="Phone/Line_Key_{$row.device_key_id}">{$row.device_key_label}</Short_Name_{$row.device_key_id}_>
<Share_Call_Appearance_{$row.device_key_id}_ group="Phone/Line_Key_{$row.device_key_id}">{if $row.device_key_type == "shared"}shared{else}private{/if}</Share_Call_Appearance_{$row.device_key_id}_>
<Extended_Function_{$row.device_key_id}_ group="Phone/Line_Key_{$row.device_key_id}"/>
{else}
<Extension_{$row.device_key_id}_ group="Phone/Line_Key_{$row.device_key_id}">Disabled</Extension_{$row.device_key_id}_>
<Short_Name_{$row.device_key_id}_ group="Phone/Line_Key_{$row.device_key_id}">{$row.device_key_label}</Short_Name_{$row.device_key_id}_>
<Extended_Function_{$row.device_key_id}_ group="Phone/Line_Key_{$row.device_key_id}">{$row.device_key_value}</Extended_Function_{$row.device_key_id}_>

{/if}
{/if}
{/foreach}


<Proxy_1_ ua="na">{$account.1.server_address}:{$account.1.sip_port}</Proxy_1_>

<Line_Enable_1_ group="Ext_1/General">Yes</Line_Enable_1_>
<Share_Ext_1_ group="Ext_1/Share_Line_Appearance">{if $account.1.shared_line == "shared"}shared{else}private{/if}</Share_Ext_1_>
<NAT_Mapping_Enable_1_ group="Ext_1/NAT_Settings">Yes</NAT_Mapping_Enable_1_>
<NAT_Keep_Alive_Enable_1_ group="Ext_1/NAT_Settings">Yes</NAT_Keep_Alive_Enable_1_>
<SIP_Transport_1_ group="Ext_1/SIP_Settings">{$account.1.sip_transport|upper}</SIP_Transport_1_>
<SIP_Port_1_ ua="na">{$account.1.sip_port}</SIP_Port_1_>
<Auth_Resync-Reboot_1_ group="Ext_1/SIP_Settings">Yes</Auth_Resync-Reboot_1_>
<SIP_Remote-Party-ID_1_ group="Ext_1/SIP_Settings">No</SIP_Remote-Party-ID_1_>
<Feature_Key_Sync_1_ group="Ext_1/Call_Feature_Settings">{$spa_feature_key_sync}</Feature_Key_Sync_1_>
<Use_Outbound_Proxy_1_ ua="na">{if isset($account.1.outbound_proxy_primary)}Yes{else}No{/if}</Use_Outbound_Proxy_1_>
<Outbound_Proxy_1_ ua="na">{$account.1.outbound_proxy_primary}</Outbound_Proxy_1_>
<Alternate_Proxy_1_ ua="na">{$account.1.server_address}:{$account.1.sip_port}</Alternate_Proxy_1_>
<Alternate_Outbound_Proxy_1_ ua="na">{$account.1.outbound_proxy_secondary}</Alternate_Outbound_Proxy_1_>
<Use_OB_Proxy_In_Dialog_1_ ua="na">Yes</Use_OB_Proxy_In_Dialog_1_>
<Register_Expires_1_ group="Ext_1/Proxy_and_Registration">{$account.1.register_expires}</Register_Expires_1_>
<Ans_Call_Without_Reg_1_ group="Ext_1/Proxy_and_Registration">No</Ans_Call_Without_Reg_1_>

<Display_Name_1_ group="Ext_1/Subscriber_Information">{$account.1.display_name}</Display_Name_1_>
<User_ID_1_ group="Ext_1/Subscriber_Information">{$account.1.user_id}</User_ID_1_>
<Password_1_ group="Ext_1/Subscriber_Information">{$account.1.password}</Password_1_>
<Preferred_Codec_1_ group="Ext_1/Audio_Configuration">G722</Preferred_Codec_1_>
<Use_Pref_Codec_Only_1_ group="Ext_1/Audio_Configuration">No</Use_Pref_Codec_Only_1_>
<Second_Preferred_Codec_1_ group="Ext_1/Audio_Configuration">Unspecified</Second_Preferred_Codec_1_>
<Third_Preferred_Codec_1_ group="Ext_1/Audio_Configuration">Unspecified</Third_Preferred_Codec_1_>
<G729a_Enable_1_ group="Ext_1/Audio_Configuration">Yes</G729a_Enable_1_>
<G722_Enable_1_ group="Ext_1/Audio_Configuration">Yes</G722_Enable_1_>
<G726-16_Enable_1_ group="Ext_1/Audio_Configuration">Yes</G726-16_Enable_1_>
<G726-24_Enable_1_ group="Ext_1/Audio_Configuration">Yes</G726-24_Enable_1_>
<G726-32_Enable_1_ group="Ext_1/Audio_Configuration">Yes</G726-32_Enable_1_>
<G726-40_Enable_1_ group="Ext_1/Audio_Configuration">Yes</G726-40_Enable_1_>

<Codec_Negotiation_1_ group="Ext_1/Audio_Configuration">List All</Codec_Negotiation_1_>
<Rx_Payload_In_18x_Media_Session_1_ group="Ext_1/Audio_Configuration">Use Local SDP</Rx_Payload_In_18x_Media_Session_1_>
<Release_Unused_Codec_1_ group="Ext_1/Audio_Configuration">Yes</Release_Unused_Codec_1_>
<DTMF_Process_AVT_1_ group="Ext_1/Audio_Configuration">Yes</DTMF_Process_AVT_1_>
<Silence_Supp_Enable_1_ group="Ext_1/Audio_Configuration">No</Silence_Supp_Enable_1_>
<DTMF_Tx_Method_1_ group="Ext_1/Audio_Configuration">Auto</DTMF_Tx_Method_1_>
<Dial_Plan_1_ group="Ext_1/Dial_Plan">{$spa_dial_plan}</Dial_Plan_1_>
</flat-profile>
 
J

junction1153

Member
Jul 15, 2020
52
11
8
33
Sorry to waste your time, the last 2 days breaking my head and I inputted the completely wrong MAC address on the fusionpbx side.
 
bcmike

bcmike

Active Member
Jun 7, 2018
326
54
28
53
From your ngrep output I was going to ask if you had entered the device because it didn't seem like you where getting any of the contents of the mac specific file . Glad you figured it out.
 
Status
Not open for further replies.
Top Bottom