V7122 Gateway User Guide
345
SSL/TLS
SSL, also known as TLS, is the method used to secure the gateway’s SIP Signaling
connections, Embedded Web Server and Telnet server. The SSL protocol provides
confidentiality, integrity and authenticity between two communicating applications over
TCP/IP.
Specifications for the SSL/TLS implementation:
Supports transports:
SSL 2.0, SSL 3.0, TLS 1.0
Supports ciphers:
DES, RC4 compatible
Authentication:
X.509 certificates; CRLs are not supported
SIP Over TLS (SIPS)
The gateway uses TLS over TCP to encrypt SIP transport and (optionally) to authenticate it.
To enable TLS on the gateway, set the selected transport type to TLS (SIPTransportType =
2). In this mode the gateway initiates a TLS connection only for the next network hop. To
enable TLS all the way to the destination (over multiple hops) set EnableSIPS to 1. When a
TLS connection with the gateway is initiated, the gateway also responds using TLS
regardless of the configured SIP transport type (in this case, the parameter EnableSIPS is
also ignored).
TLS and SIPS use the Certificate Exchange process described in
Server Certificate
Replacement
and
Client Certificates
. To change the port number used for SIPS transport (by
default 5061), use the parameter, TLSLocalSIPPort.
When SIPS is used, it is sometimes required to use two-way authentication. When acting as
the TLS server (in a specific connection) it is possible to demand the authentication of the
client’s certificate. To enable two-way authentication on the gateway, set the
ini
file
parameter, SIPSRequireClientCertificate = 1. For information on installing a client certificate,
see
Client Certificates
.
Embedded Web Server Configuration
For additional security, you can configure the Embedded Web Server to accept only secured
(HTTPS) connections by changing the parameter HTTPSOnly to 1 (described in
Table 37
).
You can also change the port number used for the secured Web server (by default 443) by
changing the
ini
file parameter, HTTPSPort (described in
Table 37
).
Содержание VCX V7122
Страница 28: ...28 V7122 GatewayUser Guide ...
Страница 39: ...V7122 Gateway User Guide 39 Reader s Notes ...
Страница 40: ...40 V7122 GatewayUser Guide ...
Страница 58: ...58 V7122 GatewayUser Guide Reader s Notes ...
Страница 66: ...66 V7122 GatewayUser Guide Reader s Notes ...
Страница 144: ...144 V7122 GatewayUser Guide Reader s Notes ...
Страница 239: ...V7122 Gateway User Guide 239 Reader s Notes ...
Страница 240: ...240 V7122 GatewayUser Guide ...
Страница 246: ...246 V7122 GatewayUser Guide Reader s Notes ...
Страница 270: ...270 V7122 GatewayUser Guide Reader s Notes ...
Страница 287: ...V7122 Gateway User Guide 287 Reader s Notes ...
Страница 288: ...288 V7122 GatewayUser Guide ...
Страница 294: ...294 V7122 GatewayUser Guide Reader s Notes ...
Страница 300: ...300 V7122 GatewayUser Guide Figure 88 Gateway s Startup Process ...
Страница 315: ...V7122 Gateway User Guide 315 Reader s Notes ...
Страница 316: ...316 V7122 GatewayUser Guide ...
Страница 332: ...332 V7122 GatewayUser Guide Reader s Notes ...
Страница 358: ...358 V7122 GatewayUser Guide Reader s Notes ...
Страница 362: ...362 V7122 GatewayUser Guide Reader s Notes ...
Страница 389: ...V7122 Gateway User Guide 389 Reader s Notes ...
Страница 390: ...390 V7122 GatewayUser Guide ...
Страница 398: ...398 V7122 GatewayUser Guide Reader s Notes ...
Страница 406: ...406 V7122 GatewayUser Guide Reader s Notes ...
Страница 408: ...408 V7122 GatewayUser Guide Reader s Notes ...
Страница 409: ...V7122 Gateway User Guide 409 ...
Страница 419: ...V7122 Gateway User Guide 419 Reader s Notes ...
Страница 437: ...V7122 Gateway User Guide 437 Reader s Notes ...
Страница 452: ...452 V7122 GatewayUser Guide Figure 137 UDP2File Utility ...
Страница 453: ...V7122 Gateway User Guide 453 Reader s Notes ...
Страница 459: ...V7122 Gateway User Guide 459 Reader s Notes ...
Страница 475: ...V7122 Gateway User Guide 475 ...