![background image](http://html1.mh-extra.com/html/3com/vcx-v7122/vcx-v7122_user-manual_440856345.webp)
V7122 Gateway User Guide
345
SSL/TLS
SSL, also known as TLS, is the method used to secure the gateway’s SIP Signaling
connections, Embedded Web Server and Telnet server. The SSL protocol provides
confidentiality, integrity and authenticity between two communicating applications over
TCP/IP.
Specifications for the SSL/TLS implementation:
Supports transports:
SSL 2.0, SSL 3.0, TLS 1.0
Supports ciphers:
DES, RC4 compatible
Authentication:
X.509 certificates; CRLs are not supported
SIP Over TLS (SIPS)
The gateway uses TLS over TCP to encrypt SIP transport and (optionally) to authenticate it.
To enable TLS on the gateway, set the selected transport type to TLS (SIPTransportType =
2). In this mode the gateway initiates a TLS connection only for the next network hop. To
enable TLS all the way to the destination (over multiple hops) set EnableSIPS to 1. When a
TLS connection with the gateway is initiated, the gateway also responds using TLS
regardless of the configured SIP transport type (in this case, the parameter EnableSIPS is
also ignored).
TLS and SIPS use the Certificate Exchange process described in
Server Certificate
Replacement
and
Client Certificates
. To change the port number used for SIPS transport (by
default 5061), use the parameter, TLSLocalSIPPort.
When SIPS is used, it is sometimes required to use two-way authentication. When acting as
the TLS server (in a specific connection) it is possible to demand the authentication of the
client’s certificate. To enable two-way authentication on the gateway, set the
ini
file
parameter, SIPSRequireClientCertificate = 1. For information on installing a client certificate,
see
Client Certificates
.
Embedded Web Server Configuration
For additional security, you can configure the Embedded Web Server to accept only secured
(HTTPS) connections by changing the parameter HTTPSOnly to 1 (described in
Table 37
).
You can also change the port number used for the secured Web server (by default 443) by
changing the
ini
file parameter, HTTPSPort (described in
Table 37
).
Summary of Contents for VCX V7122
Page 28: ...28 V7122 GatewayUser Guide ...
Page 39: ...V7122 Gateway User Guide 39 Reader s Notes ...
Page 40: ...40 V7122 GatewayUser Guide ...
Page 58: ...58 V7122 GatewayUser Guide Reader s Notes ...
Page 66: ...66 V7122 GatewayUser Guide Reader s Notes ...
Page 144: ...144 V7122 GatewayUser Guide Reader s Notes ...
Page 239: ...V7122 Gateway User Guide 239 Reader s Notes ...
Page 240: ...240 V7122 GatewayUser Guide ...
Page 246: ...246 V7122 GatewayUser Guide Reader s Notes ...
Page 270: ...270 V7122 GatewayUser Guide Reader s Notes ...
Page 287: ...V7122 Gateway User Guide 287 Reader s Notes ...
Page 288: ...288 V7122 GatewayUser Guide ...
Page 294: ...294 V7122 GatewayUser Guide Reader s Notes ...
Page 300: ...300 V7122 GatewayUser Guide Figure 88 Gateway s Startup Process ...
Page 315: ...V7122 Gateway User Guide 315 Reader s Notes ...
Page 316: ...316 V7122 GatewayUser Guide ...
Page 332: ...332 V7122 GatewayUser Guide Reader s Notes ...
Page 358: ...358 V7122 GatewayUser Guide Reader s Notes ...
Page 362: ...362 V7122 GatewayUser Guide Reader s Notes ...
Page 389: ...V7122 Gateway User Guide 389 Reader s Notes ...
Page 390: ...390 V7122 GatewayUser Guide ...
Page 398: ...398 V7122 GatewayUser Guide Reader s Notes ...
Page 406: ...406 V7122 GatewayUser Guide Reader s Notes ...
Page 408: ...408 V7122 GatewayUser Guide Reader s Notes ...
Page 409: ...V7122 Gateway User Guide 409 ...
Page 419: ...V7122 Gateway User Guide 419 Reader s Notes ...
Page 437: ...V7122 Gateway User Guide 437 Reader s Notes ...
Page 452: ...452 V7122 GatewayUser Guide Figure 137 UDP2File Utility ...
Page 453: ...V7122 Gateway User Guide 453 Reader s Notes ...
Page 459: ...V7122 Gateway User Guide 459 Reader s Notes ...
Page 475: ...V7122 Gateway User Guide 475 ...