Showing results for 
Search instead for 
Did you mean: 

Welcome to the Cisco Small Business Community

Have a question? Click on a topic board below to get started in the community.

SPA IP Phone: Extracting Configuration with spacfg.xml


Extracting a Configured Phone's Configuration


If you already have a configured and working phone, you can use the spacfg.xml command to display, in a browser, the phone's configuration. You can use this browser output as input for the xml configuration file. For example: Using Google's Chrome use the following URL:




Copy and paste the contents of the browser into a file named for the MAC address of the phone. For example: spa002584d8d147.xml.


Note: Use the View Source menu option for Internet Explorer and Firefox browsers.


Forcing a Phone to Retrieve a Configuration


At some point in time, you will need to force a previously deployed and operational phone to retrieve a specific configuration. If you have an error in a phone's configuration profile, this is an easy way to direct the phone to the appropriate configuration. The phone will retrieve the configuration and subsequently update its profile rule. Here is how you can achieve this.


Force a phone to update its Provisioning tab > Configuration Profile > Profile Rule.




Rebooting a Remote Phone


It is often more efficient to reboot a phone via the network. This will cause the phone to reboot and request the file specified in its Profile Rule. Here is how to accomplish this:




Note: You cannot force a phone resync if the Admin access has been disabled in a profile.


Note: you cannot factory reset a password protected phone if you do not have its admin password.



Great, but !

How export sip account auth-id / password readable ?


Dan Lukes

No way. Ask your administrator (or Telco operator) for the passwords.

Dan Lukes

Note: if you wish to extract configuration from SPA1xx/SPA2xx devices read Retrieving SPA112 & SPA122 Configuration URL


Hello! I use:


and I receive the following announcement:

405 Method Not Allowed !

What I am doing wrong ?


Thanks for help

Dan Lukes

There's neither xuser nor xpassword parameter mentioned in this document.

Those parameters are used in config retrieval on SPA1x2 which this document is not dedicated to.

Note also the feature request CSCud52670: SPA Phones: No support for xuser and xpassword


That's true. But when I write only 'http://<Phone_IP_Address>/admin/reboot', I receive the login form. After logon, I receive the same effect: 405 Method Not Allowed !

Whether there is some way for reboot SPA112 via network using script language ?

Dan Lukes

This document is dedicated to SPA IP Phones, so it doesn't apply to SPA112 (it is ATA gateway, not SPA IP phone). You didn't mentioned the device model, so I assumed it's an SPA IP phone - which assumption has been wrong. 

I decided not to pollute this document with further unrelated discussion. As your's issue is related to SPA112, create new discussion in ATAs, Gateways and Accessories, please.

Don't forged to mention the firmware of device in question.



I thank for paying attention and the help in solving a problem.

Kind Regards, Wojciech Krakowski

Thanks for this article, the reboot and config extraction are very helpful. However, I can't get the config send to work. After sending that command, the web browser responds with an admin login and password, with none of the passwords I set working. Is there a special password? Are there settings that need to be configured to allow this? Can the .xml file be uploaded from a local file, rather than a server? What would the syntax for that look like?

Thanks for your help!

Dan Lukes
After sending that command

The original article is rather long. Can be more specific, please ? What "that command" of those mentioned in article you have in the mind ?

none of the passwords I set working

It require admin credentials. The same required to log in to WWW UI as administrator (not the just user).

Can the .xml file be uploaded from a local file, rather than a server? 


I'm trying to force the phone to retrieve a configuration, using the http://<Phone_IP_Address>/admin/resync?tftp://<Server_IP_Address>/<new_config> command. I don't have a tftp server, so I used http instead. This successfully uploads the new config file to the phone, but the user and admin passwords are changed to something- not the passwords that were active before. I have no idea what the passwords are, it's nothing I set or any sort of logical default passwords. The phone works with the new config, but I can't use the WWW UI to get into the phone, since the new passwords are unknown. At this point the only thing to do is factory reset the phone, which blows away all configurations and makes the whole process of forcing a configuration rather pointless.

In short, after uploading a new configuration file, what are the passwords?

Dan Lukes
This successfully uploads the new config file to the phone, but the user and admin passwords are changed to something

It's changed to something specified in the configuration file you ordered to retrieve.

NEVER download unknown configurations to your phone. Such configuration may not only change the admin password, but may disable reset to factory defailt at the same time. Your phone may become irreversibly locked with password you don't know. Fortunately, the configuration in question has not disabled the reset to factory default, so you can recover from unknown password.

Moreover, configuration may even turn your phone into dead brick, so you should not import unknown configurations.

Thanks for your quick reply! I should have mentioned that this is not an unknown configuration. The configuration I'm trying to load into the phone is a backup of the phone itself- the configuration is identical. I'm trying to do what a configuration backup is designed for: I configured the phone, then downloaded and saved the configuration. Pretending that the phone's config was corrupted or changed, I upload the saved configuration file back into the same phone. This is when the passwords are changed.

Doing some more testing, it seems that when the phone's config is downloaded and saved, in the XML file, the password fields are "*************", I assume to hide the actual passwords. When uploaded into the phone, this is interpreted by the phone as a literal string, so the password is now "*************, or 13 asterisks. I guess you could get around this by modifying the XML file to remove the 13 asterisks, or change it to the desired password (which would then be visible in the XML file). I'd say that this is a bug. If not a bug, then it's an added step that makes this config backup/restore method somewhat cumbersome.

Dan Lukes

Phone doesn't offer "backup of configuration" service.

Phone can export current configuration, but sensitive values (some passwords and GPP_Sx values) are excluded. It's documented behavior, so it will not be considered bug.

The expected use case is:

1. one common configuration per company, it's provisioned into phone, the source file can be used to recover common configuration of phone anytime

2. per phone configuration file carrying carrying phone specific configuration - like particular SIP account credentials., Such file can be used to recover particular phone.

Casual users are NOT allowed to change admin level of phone's configuration, so those files can be used to recover a phone's configuration.

Exported configuration is here for debugging, not as a backup.

OK, thanks for the clarification!