From 951842aa6fa0a423a115b888845a0a94be92ae6b Mon Sep 17 00:00:00 2001
From: FusionPBX <markjcrane@gmail.com>
Date: Mon, 25 Jan 2021 11:56:13 -0700
Subject: [PATCH] Merge pull request #5741 from nemerald-voip/master

Updated Polycom config with more features and enhanced security. This request also has a fix for Polycom TLS issue for Debian 9 not matching Polycom default ciphers.
---
 .../provision/polycom/6.x/{$mac}.cfg          | 55 ++++++++++++++++++-
 1 file changed, 53 insertions(+), 2 deletions(-)

diff --git a/resources/templates/provision/polycom/6.x/{$mac}.cfg b/resources/templates/provision/polycom/6.x/{$mac}.cfg
index b3888bafb4..bcd08bb267 100644
--- a/resources/templates/provision/polycom/6.x/{$mac}.cfg
+++ b/resources/templates/provision/polycom/6.x/{$mac}.cfg
@@ -53,11 +53,18 @@
 		sec.srtp.require="{$polycom_srtp_require}"
 		{if isset($polycom_root_cert)}sec.TLS.customCaCert.5="{$polycom_root_cert}"{/if}
 		{if isset($polycom_cert_validation)}sec.TLS.SIP.strictCertCommonNameValidation="{$polycom_cert_validation}"{/if}
-		{if isset($polycom_provision_cert_validate)}
+		{if isset($polycom_provision_cert_validate)} 
 		device.sec.TLS.prov.strictCertCommonNameValidation.set ="1" 
 		device.sec.TLS.prov.strictCertCommonNameValidation="{$polycom_provision_cert_validate}"
 		{/if}
+		{if isset($polycom_platform_profile_cipher_suite)} 
+		device.sec.TLS.profile.cipherSuiteDefault1.set="1"
+		device.sec.TLS.profile.cipherSuiteDefault1="0"
+		device.sec.TLS.profile.cipherSuite1.set="1"
+		device.sec.TLS.profile.cipherSuite1="{$polycom_platform_profile_cipher_suite}"
+		{/if}		
 	/>
+
 	<DEVICE_SETTINGS
 		device.set="1"
 		device.baseProfile.set="1"
@@ -91,6 +98,12 @@
 		device.prov.password="{$http_auth_password}"
 		device.prov.tagSerialNo.set="1"
 		device.prov.tagSerialNo="1"
+		device.prov.redunAttemptLimit.set="1"
+		device.prov.redunAttemptLimit="10"
+		device.prov.redunInterAttemptDelay.set="1"
+		device.prov.redunInterAttemptDelay="150"
+		device.prov.abortSWUpgradeAfterFailures.set="1"
+		device.prov.abortSWUpgradeAfterFailures="3"
 		{if isset($polycom_syslog_server)}
 		device.syslog.serverName.set="1"
 		device.syslog.serverName="{$polycom_syslog_server}"
@@ -174,6 +187,7 @@
 	/>
 	<MULTICAST_PAGING
 		ptt.pageMode.enable="{$polycom_page_enable}"
+		ptt.pageMode.group.1.label="Page All"
 	/>
 	<REMOTE_PACKET_CAPTURE
 		diags.pcap.enabled="0"
@@ -183,7 +197,8 @@
 		{if isset($polycom_nat_ip)}
 		nat.ip="{$polycom_nat_ip}"
 		{/if}
-		nat.keepalive.interval="30"
+		{if isset($polycom_keep_alive)}nat.keepalive.interval="{$polycom_keep_alive}"
+		{else}nat.keepalive.interval="30"{/if}
 		voIpProt.SIP.specialEvent.checkSync.alwaysReboot="1"
 		voIpProt.SIP.requestValidation.1.method="{$polycom_request_validation_method}"
 		voIpProt.SIP.requestValidation.1.request="{$polycom_request_validation_request}"
@@ -202,6 +217,9 @@
 		voice.volume.persist.handset="1"
 		voice.volume.persist.handsfree="1"
 		voice.volume.persist.headset="1"
+		voice.volume.persist.usbHeadset="1"
+		voice.volume.persist.bluetooth.headset="1"
+		voice.volume.persist.usb.handsfree="1"
 		feature.nonVolatileRingerVolume.enabled="1"
 		up.headsetMode="{$polycom_headset_mode}"
 		{if isset($polycom_analog_headset_option)}up.analogHeadsetOption="{$polycom_analog_headset_option}"{/if}
@@ -227,6 +245,8 @@
 		msg.mwi.{$row.line_number}.callBackMode="contact"
 		msg.mwi.{$row.line_number}.callBack="{$voicemail_number}"
 		feature.intercom.enable="{$polycom_intercom_enable}"
+		{if isset($polycom_diversion_header)}voIpProt.SIP.header.diversion.enable="{$polycom_diversion_header}"{/if}
+		
 	/>
 	<SOFT_KEYS
 		softkey.1.label="VMTransfer"
@@ -245,4 +265,35 @@
 	<LANGUAGE
 		lcl.ml.lang="{$polycom_display_language}"
 	/>
+	
+	<NETWORK_SETTINGS
+		{if isset($polycom_dns_server)} 
+		device.dns.serverAddress.set="1"
+		device.dns.serverAddress="{$polycom_dns_server}"
+		{/if}
+		{if isset($polycom_dns_alt_server)} 
+		device.dns.altSrvAddress.set="1"
+		device.dns.altSrvAddress="{$polycom_dns_alt_server}"
+		{/if}
+		{if isset($polycom_boot_server_option)}
+		device.dhcp.bootSrvUseOpt.set="1"
+		device.dhcp.bootSrvUseOpt="{$polycom_boot_server_option}"
+		{/if}
+		{if isset($polycom_boot_server_option)}
+		device.dhcp.bootSrvUseOpt.set="1"
+		device.dhcp.bootSrvUseOpt="{$polycom_boot_server_option}"
+		{/if}
+		{if isset($polycom_lldp_enabled)}
+		device.net.lldpEnabled.set="1"
+		device.net.lldpEnabled="{$polycom_lldp_enabled}"
+		{/if}
+		{if isset($polycom_cdp_enabled)}
+		device.net.cdpEnabled.set="1"
+		device.net.cdpEnabled="{$polycom_cdp_enabled}"
+		{/if}
+		{if isset($polycom_dhcp_vlan_discovery)}
+		device.dhcp.dhcpVlanDiscUseOpt.set="1"
+		device.dhcp.dhcpVlanDiscUseOpt="{$polycom_dhcp_vlan_discovery}"
+		{/if}
+	/>
 </PHONE>