Local Client Configuration And Registration; Remote Provisioning Of The Spa9000 - Linksys SPA9000 Administrator's Manual

Chapter 1 Using the Linksys Voice System
For detailed information about using the administration web server, refer to the
Administration Web Server" section on page
administration web server, refer to

Local Client Configuration and Registration

SPA9000 provides a TFTP server to assign configuration information to the locally attached client
stations. When the SPA9000 receives a request for /cfg/init_$MA.xml, it automatically assigns the next
available user id (extension number) to the client station. The initial user ID is configured using the PBX
Phone Parameters:<Next Auto User ID> parameter and is automatically incremented each time a new
number is assigned. Before assigning a new user ID, the SPA9000 also checks if there is any registered
client station using that ID and increases the ID until an unused value is found.

Remote Provisioning of the SPA9000

The SPA9000 provides for secure provisioning and remote upgrade. Provisioning is achieved through
configuration profiles transferred to the device via TFTP, HTTP, or HTTPS. User intervention is not
required to initiate or complete a profile update or firmware upgrade.
The SPA9000 can be configured to automatically resync its internal configuration state to a remote
profile periodically and during power up. The automatic resync is controlled by configuring the profile
URL for the device.
The SPA9000 accepts profiles in XML format, or alternatively in a proprietary binary format, which can
be generated by a profile compiler tool available to qualified VoIP vendors and partners from Linksys.
The SPA9000 supports up to 256-bit symmetric key encryption of profiles. For the initial transfer of the
profile encryption key (initial provisioning stage), the SPA9000 can receive a profile from an encrypted
channel (HTTPS with client authentication), or it can resync to a binary profile generated by the
Linksys-supplied profile compiler. In the latter case, the profile compiler can encrypt the profile
specifically for the target SPA9000, without requiring an explicit key exchange.
Remote firmware upgrade is achieved via TFTP or HTTP (firmware upgrades using HTTPS are not
supported). Remote upgrades are controlled by configuring the desired firmware image URL into the
SPA9000 via a remote profile resync.
For further information about remote provisioning refer to the LVS SPA Provisioning Guide.
Document Version 3.01
2-22. For a description of each parameter provided by the
Chapter 6, "SPA9000 Field Reference"
Linksys SPA9000 Administrator Guide
SPA9000 Architecture
"Using the
1-15