Filter
Top Products
6-15
Cisco IP Phone Models 7905G and 7912G Administrator Guide (SIP)
OL-4277-01
Chapter 6 Configuring the Cisco IP Phone Models 7905G and 7912G Using a TFTP Server
Using Encryption
Step 5 Put the binary file in the root directory on the TFTP server
When the Cisco IP Phone powers up or refreshes, the phone will download this
file as its profile file unless it first finds a phone-specific profile.
If you want to refresh the phone immediately, see the “Refreshing or Resetting the
Cisco IP Phone” section on page 6-17.) If you do not perform a refresh procedure,
the phone will update its configuration the next time it contacts the TFTP server.
Related Topics
• Creating a Phone-Specific Profile, page 6-11
• Using Encryption, page 6-15
• Refreshing or Resetting the Cisco IP Phone, page 6-17
Using Encryption
The EncryptKey parameter encrypts binary files that are transferred over TFTP.
You can change this key for each Cisco IP Phone so that only one specific phone
can decode the information.
By default, the phone-specific profile is not encrypted. If encryption is required,
you must manually configure the phone with the encryption key. Use either the
Profile Encrypt Key parameter on the phone’s Network Configuration menu or the
EncryptKey key parameter in the Network Parameters area on a phone’s web
page.
Note Because the factory-fresh phone cannot accept encrypted configuration files, the
first unencrypted file, if intercepted, can easily be read. (You would still have to
know the data structure format in order to decode the binary information from the
unencrypted file.) Therefore, the new encryption key in the unencrypted file can
be compromised.
When the EncryptKey parameter is set to a nonzero value, the Cisco IP Phone
assumes that the binary configuration file on the TFTP server is to be encrypted
with this key by means of the RC4 cipher algorithm. The phone will use this key
to decrypt the configuration file.