![background image](http://html1.mh-extra.com/html/3com/v6100/v6100_user-manual-manual_3139483337.webp)
V6100 and V7122 User Guide
337
SSL/TLS
SSL, also known as TLS, is the method used to secure the V7122 SIP Signaling
connections, Embedded Web Server and Telnet server. The SSL protocol provides
confidentiality, integrity and authenticity between two communicating applications over
TCP/IP.
Specifications for the SSL/TLS implementation:
Supports
transports:
SSL
2.0, SSL 3.0, TLS 1.0
Supports ciphers:
DES, RC4 compatible
Authentication:
X.509
certificates; CRLs are not supported
SIP Over TLS (SIPS)
The V7122 uses TLS over TCP to encrypt SIP transport and (optionally) to authenticate it. To
enable TLS on the V7122, set the selected transport type to TLS (SIPTransportType = 2). In
this mode the gateway initiates a TLS connection only for the next network hop. To enable
TLS all the way to the destination (over multiple hops) set EnableSIPS to 1. When a TLS
connection with the gateway is initiated, the gateway also responds using TLS regardless of
the configured SIP transport type (in this case, the parameter EnableSIPS is also ignored).
TLS and SIPS use the Certificate Exchange process described in
Server Certificate
Replacement
and
Client Certificates
. To change the port number used for SIPS transport (by
default 5061), use the parameter, TLSLocalSIPPort.
When SIPS is used, it is sometimes required to use two-way authentication. When acting as
the TLS server (in a specific connection) it is possible to demand the authentication of the
client’s certificate. To enable two-way authentication on the V7122, set the
ini
file parameter,
SIPSRequireClientCertificate = 1. For information on installing a client certificate, see
Client
Certificates
.
Embedded Web Server Configuration
For additional security, you can configure the Embedded Web Server to accept only secured
(HTTPS) connections by changing the parameter HTTPSOnly to 1 (described in
Table 44
).
You can also change the port number used for the secured Web server (by default 443) by
changing the
ini
file parameter, HTTPSPort (described in
Table 44
).
Summary of Contents for V6100
Page 28: ...28 V6100 and V7122 User Guide Reader s Notes...
Page 48: ...48 V6100 and V7122 User Guide Reader s Notes...
Page 72: ...72 V6100 and V7122 User Guide Reader s Notes...
Page 80: ...80 V6100 and V7122 User Guide Reader s Notes...
Page 152: ...152 V6100 and V7122 User Guide Reader s Notes...
Page 262: ...262 V6100 and V7122 User Guide Reader s Notes...
Page 284: ...284 V6100 and V7122 User Guide Reader s Notes...
Page 291: ...V6100 and V7122 User Guide 291 Figure 95 V7122 Startup Process...
Page 324: ...324 V6100 and V7122 User Guide Reader s Notes...
Page 354: ...354 V6100 and V7122 User Guide Reader s Notes...
Page 374: ...374 V6100 and V7122 User Guide Reader s Notes...
Page 382: ...382 V6100 and V7122 User Guide Figure 130 Example of a User Information File Reader s Notes...
Page 392: ...392 V6100 and V7122 User Guide Reader s Notes...
Page 409: ...V6100 and V7122 User Guide 409 Reader s Notes...
Page 413: ...V6100 and V7122 User Guide 413 Reader s Notes...
Page 425: ...V6100 and V7122 User Guide 425 Figure 145 UDP2File Utility Reader s Notes...
Page 431: ...V6100 and V7122 User Guide 431 Reader s Notes...
Page 447: ...V6100 and V7122 User Guide 447 Reader s Notes...
Page 483: ...V6100 and V7122 User Guide 483 Reader s Notes...