Zero-touch autoprovisioning (recommended)

Zero-touch autoprovisioning (recommended)

You are here:
Estimated reading time: 1 min.

Axeos PBX 4.0 supports zero-touch autoprovisioning for Yealink and Snom SIP phones, greatly reducing installation time.

PBX Address

Please check the PBX Address setting in menu Communication/Phones/Global Settings and if neccessary choose an address (dns must resolve).


If you want a phone to be zero-touch provisioned you need to set vendor auto-provisioning to ‘on’ in the phone (Communication/Phones), choose the phone type and enter the phone device MAC address.

Settings (zero-touch provisioning)

You can enable/disable zero-touch provisioning in Communication/Provisioning through Setttings.

You can enable or disable auto-provisioning by setting this option on/off Provisioning host (the pbx IP or pbx hostname).

Secure provisioning host CA list: currently snom and yealink are supported.

Snom phone firmware caveats

  • Please be aware that the TLS implementation is broken in Snom firmware In order to use provisioning we recommend upgrading your Snom devices to at least
  • If you wish to use V10 Snom firmware, you will need to upgrade to Axeos PBX release 4.1.9 (available soon).
    • As of firmware version 10, Snom has decided to force server identity verification. This verification cannot be disabled because that would create a security weakness for the Snom Phones. The phone will reject all secure connections from peers offering an unknown certificate that could not be verified by one of the built-in CAs of the Snom phone, or one that is uploaded as a custom certificate and set as an exception.
      • Let’s Encrypt or e.g. Comodo DST root certificates are built-in in the v10 firmware, so you use Let’s Encrypt or Comodo certificates in the vpbx all is expected to work well. Most commonly used CAs are okay.
      • Self-signed pbx certificates are uploaded to the Snom device in our provisioning process as a custom certificate and set as an exception.
    • Snom V10 firmware uses a different equipment certificate which we included in 4.1.9 to properly zero-touch provision Snom devices that run v10 firmware.
Was this article helpful?