Configuration File Guide; Guidelines For The Mac-Specific Configuration File; Securing Configuration Files With Aes Encryption - VTech VSP725 Administrator And Provisioning Manual

Configuration File Guide

All configuration settings are initially stored in a configuration template file. Copy,
rename, and edit the template file to create a general configuration file and the MAC-
specific configuration files you will need. You can store the general configuration file
and the MAC-specific files on your provisioning server.
Do not modify the header line that includes the model and firmware version.
To save yourself time and effort, consider which settings will be common to all (or
the majority of) phones. Such settings might include Call settings, language, and
programmable feature key settings. You can then edit those settings in the
configuration template and save it as the general configuration file. The remaining
settings will make up the MAC-specific configuration file, which you will have to copy
and edit for each phone.

Guidelines for the MAC-Specific Configuration File

The phone downloads the MAC-specific configuration file after the Main configuration
file. You must create a MAC-specific configuration file for each phone in your system.
The file name must contain the phone's MAC address, which is printed on a label on
the back of the phone, or available on the MENU > Status > Product Info screen.
For example, a VTech VSP725 phone with the MAC address of 00:11:A0:10:6F:2D
would download the VSP725_0011A0106F2D.cfg file.
NOTE: When renaming a MAC-specific configuration file, ensure the filename is all
upper case.
The MAC-specific configuration file contains settings intended exclusively for that
phone. Such settings will include SIP account settings such as display name, user ID,
authentication ID, and voicemail mailbox ID.

Securing Configuration Files with AES Encryption

You can encrypt your configuration files to prevent unauthorized users modifying the
configuration files. The phone firmware decrypts files using the AES 256 algorithm.
After encrypting a file and placing it on your provisioning server, you can enable the
phone to decrypt the file after fetching it from the server.
The procedures in this section use OpenSSL for file encryption. The illustration
provided shows OpenSSL for Windows.
To decrypt a configuration file, you will need a 16-character AES key that you specified
when you encrypted the file. The key (or passphrase) is limited to 16 characters and
supports special characters ~^`%!&-_+=|.@*:;,?()[]{}<>/\# as well as spaces.
NOTE: The encryption of configuration files is supported only for the auto
provisioning process. Encrypt files only if you intend to store them on a provisioning
server. Do not encrypt files that you intend to manually import to the phone. You
cannot enable decryption for manually imported configuration files.
To encrypt a configuration file:
1. (Optional) Place your configuration file in the same folder as the openssl
executable file. If the configuration file is not in the same folder as the openssl
executable file, you can enter a relative pathname for the [infile] in the next step.
2. On the openssl command line, type:
enc -aes-256-cbc -pass pass:[passphrase123456] -in [infile] -out [outfile] -nosalt -p
VSP725 Administrator and Provisioning Manual
78 Provisioning Using Configuration Files