Before we get into how to define these files, there are a few things that need to be configured on your server. Running the right services on your network will ensure your Polycom sets can autoconfigure from the moment you plug them in. There’s a little work involved here, but we promise that the payoff is worth it. Once you’ve done this a few times, it only really takes a few minutes on each new system, and going forward, it’ll save you a lot of mucking about with web interfaces. When you take your new Polycom phone out of the box, plug it into your network, watch it autoconfigure itself, and then successfully register with your Asterisk machine, you will know the sort of joy that only geeks can experience.*
It’s not really that complicated. Where we think people get confused is in making sense of the various ways this can be achieved, because there are a lot of choices.
DHCP server
Typically, a DHCP server is used to configure basic IP parameters for a device (IP ad- dress, default gateway, and DNS), but the DHCP protocol can actually pass many other parameters. In our case, we want it to pass some information to the sets that will tell them where to download their config files from. Here is a sample config from a Linux DHCP server that will do what is required:
ddns-update-style interim; ignore client-updates; subnet 192.168.1.0 netmask 255.255.255.0 { option routers 192.168.1.1; option subnet-mask 255.255.255.0; option domain-name-servers 192.168.1.1; option ntp-servers pool.ntp.org;
* Typically, it’s at 4 A.M. on the morning of a critical 8 A.M. meeting, after having worked all weekend. Red
Bull is probably the most popular drink of the Asterisk developers. Dr. Pepper would be a close second. Red Bull, anyone?
option time-offset -18000;
range dynamic-bootp 192.168.1.128 192.168.1.254; default-lease-time 21600;
max-lease-time 43200; }
Keep in mind that this assumes that the only things on this network are devices that belong to the phone system (this setup will hand out an IP address to any device that requests it). If you have a more complex environment, you will need to configure the DHCP daemon to handle the various devices it is serving. For example, you might want to devise a scope that restricts IP addresses in your voice LAN to Polycom phones. Since all Polycom IP desk phones have 00:04:f2 as their OUI (Organizationally Unique Iden- tifier), you might choose to restrict scope based on that.
In a Microsoft DHCP environment, the tftp-server-name is referred to as Boot server host name. It is defined under option 66.
The DHCP protocol is far more flexible than is often realized, because in most envi- ronments it is not used for complex provisioning tasks. With a little care and attention, you can devise a DHCP environment that serves both your voice and data devices and greatly simplifies administrative workload when adding new devices.
FTP server
FTP is currently our favorite†way to configure Polycom sets. We would recommend it
over TFTP for any set that allows for both. To install it on your CentOS system, the following command will install VSFTPD, the Very Secure FTP Daemon:
# yum -y install vsftpd
Then, in order to lock things down, we need to prevent anonymous logins with a simple change to the vsftpd config file, /etc/vsftpd/vsftpd.conf:
# anonymous_enable=NO
Restart the server with service vsftpd restart. To ensure that the daemon runs after every reboot, run chkconfig vsftpd on.
Now, we have to create a user account and group for the sets to use. In this case, we will create an account for the Polycom sets:
†FTP is preferred over TFTP due to the ability of a Polycom phone to see timestamps on FTP files. This allows
the phone to avoid redownloading configuration files and firmware updates that it already has—thus shortening boot time.
# groupadd PlcmSpIp
# useradd PlcmSpIp -g PlcmSpIp -p PlcmSpIp # passwd PlcmSpIp
Set the password to PlcmSpIp (the default FTP password for Polycom sets). This can be changed, but will then require manual configuration from each set in order to advise them of their nonstandard credentials.‡
For added security, let’s make sure the FTP server keeps that account in a chroot jail: # echo PlcmSpIp >> /etc/vsftpd/vsftpd.chroot_list
That pretty much does it as far as preparing the operating system to provide the required services to the phones.
In the next few sections we have provided instructions for various popular SIP tele- phones. Choose the section that applies best to the phone that you are planning to use (whether a hard- or soft-phone). You will note that we have given all of these phones the exact same unique identifier. If you plan on installing more than one of them, you will need to ensure that they have unique names, and be sure to update your sip.conf file to include those device definitions.