Polycom 1725-31424-001 manual Spnego

Page 26

Deployment Guide for the Polycom CX700 IP Phone

17.

Polycom CX700 phone attempts HTTP request

(Kerberos Auth fails)

 

to download RootCA cert chain using Kerberos

 

 

(SPNEGO)

 

 

 

 

18.

Polycom CX700 phone attempts HTTP request

(Kerberos Auth succeeds)

 

to download RootCA cert chain using Kerberos

 

 

(SPNEGO) w/different key

 

 

 

 

19.

DC streams Base64 certificate chain to Polycom

(URL: /certsrv/certnew.p7b, Using SPNEGO

 

CX700 phone via HTTP

Authentication)

 

 

 

20.

Polycom CX700 phone initiates a TLS

(Client Hello) Note: SHA2 is not supported

 

connection to the pool’s IP address with the

 

 

Ciphers it supports

 

 

 

 

21.

Pool responds with negotiated Cipher spec to

(Server Hello) Note: TLS connection is now

 

complete the TLS handshake

established.

 

 

 

22.

Polycom CX700 phone queries DNS for

(fabrikam.com) Returns IP address of Exchange CAS

 

autodiscover.<SIPDomain> A record

if configured.

 

 

 

23.

Polycom CX700 phone initiates TLS connection

(Used for missed call notification)

 

with Exchange 2007 CAS

 

 

 

 

24.

Polycom CX700 phone sends HTTP 80 POST to

(Payload contains phone vendor info)

 

pool.<DHCPDomain> for

 

 

/RequestHandler/ucdevice.upx

 

Note: This would be an HTTPS 443 POST to

 

 

pool.<DHCPDomain> for

 

 

/RequestHandlerExt/ucdevice.upx for an external

 

 

OCPE device

 

 

 

 

25.

Pool responds with current firmware upgrade

(These values are blank if WMI settings were not

 

version and Internal / External file path info

populated)

 

 

 

<BaseURL> -

 

 

http://pool01.contoso.com/DeviceUpdateFiles_Int/UCPhone/Polycom/CX700/A/ENU/1.0.522.101/CPE

<ExternalBaseURL> -

 

 

https://ocsrp.fabrikam.com/DeviceUpdateFiles_Ext/UCPhone/Polycom/CX700/A/ENU/1.0.522.101/CPE

 

 

26.

Polycom CX700 phone issues an HTTP GET for CPE file if it’s newer than the currently installed version

(HTTP:Request, GET

 

 

/DeviceUpdateFiles_Int/UCPhone/Polycom/CX700/A/ENU/1.0.522.101/CPE/CPE.nbt)

 

 

 

27.

Pool begins streaming CPE.nbt to Polycom

(You will see a lot of TCP traffic)

 

CX700 phone as a binary/octet-stream (approx.

 

 

15MB)

 

 

 

 

28.

Polycom CX700 phone issues one last HTTP Get

(Success!!)

 

and the pool responds with 200 to indicate

 

 

download is complete

 

 

 

 

20

Page 25 Page 27
Image 26
Page 25 Page 27
Contents Deployment Guide for the Polycom CX700 IP Phone Trademark Information About This Guide Deployment Guide for the Polycom CX700 IP Phone Contents Deployment Guide for the Polycom CX700 IP Phone Page Dhcp and the Polycom CX700 IP Phone Dhcp Search OptionsDNS and the Polycom CX700 IP Phone Polycom CX700 Phone QueryingExchange Server 2007 Autodiscover Service NTP Time Provider NTP and the Polycom CX700 IP PhonePolycom CX700 Phone Querying of Exchange Server Server Security Framework Overview Root CA Certificate for the Polycom CX700 Phone Polycom CX700 Phone Certificates Trusted Authorities Cache Vendor Certificate Name Expiry Date Key Length Polycom CX700 Phone on Introduction Assumptions and TerminologyPage Deployment Guide for the Polycom CX700 IP Phone Background \Pool01Data\ClientUpdateStore\DeviceUpdates Page Action Examples / Comments Contoso.com\userAlias instead of just Contoso\userAlias Spnego Polycom CX700 Phone Upgrade Steps Summary Deployment Guide for the Polycom CX700 IP Phone Polycom CX700 Phone Upgrade Steps Details Set Environmental DependenciesConfigure Dhcp DNS Configure Certificates Upload certificate chain Use the Automated Method Page Verify Internal and External Download URLs ?xml version=1.0 ? Response Upgrade Polycom CX700 Phones from 1.0.199.123 to Cab File Deployment Guide for the Polycom CX700 IP Phone Upgrade Polycom CX700 Phones from 1.0.522.101 to Phone will reset and go to the calibration screen Page Deployment Guide for the Polycom CX700 IP Phone Troubleshooting the Polycom CX700 Phone Logs Used for Troubleshooting When to Use Dhcp Option Internal ExternalDeployment Guide Polycom CX700 Configuring Windows Server as an NTP Time Source Net stop w32time && net start w32time Enabling Automatic Certificate Enrollment For Windows Select CN=Configuration,DC=yourDomain,DC=com Deployment Guide Polycom CX700 Confirming the Current Software Version Deployment Guide Polycom CX700
Top Page Image Contents