V7122 Gateway User Guide
349
To install a client certificate:
1
Before continuing, set HTTPSOnly = 0 to ensure you have a method of accessing the
device in case the client certificate doesn’t work. Restore the previous setting after
testing the configuration.
2
Open the ‘Certificates’ screen (
Advanced Configuration
menu >
Security Settings
submenu >
Certificates
option); the ‘Certificates’ screen is displayed (
Figure 110
).
3
To load the Trusted Root Certificate file locate the trusted root certificate loading section.
4
Click
Browse
, navigate to the file, and then click
Send File
.
5
When the operation is completed, set the
ini
file parameter,
HTTPSRequireClientCertificates = 1.
6
Save the configuration (see
Saving Configuration
) and restart the gateway.
When a user connects to the secure Web server:
If the user has a client certificate from a CA listed in the Trusted Root Certificate file, the
connection is accepted and the user is prompted for the system password.
If both the CA certificate and the client certificate appear in the Trusted Root Certificate
file, the user is not prompted for a password (thus providing a single-sign-on experience -
the authentication is performed using the X.509 digital signature).
If the user doesn’t have a client certificate from a listed CA, or doesn’t have a client
certificate at all, the connection is rejected.
•
The process of installing a client certificate on your PC is beyond the scope of
this document. For more information, see your Web browser or operating
system documentation, and/or consult your security administrator.
•
The root certificate can also be loaded using ini file using the parameter
‘HTTPSRootFileName’.
SRTP
The gateway supports Secured RTP (SRTP) according to RFC 3711. SRTP is used to
encrypt RTP and RTCP transport since it is best-suited for protecting VoIP traffic.
SRTP requires a Key Exchange mechanism that is performed according to <draft-ietf-
mmusic-sdescriptions-12>. The Key Exchange is executed by adding a ‘Crypto’ attribute to
the SDP. This attribute is used (by both sides) to declare the various supported cipher suites
and to attach the encryption key to use. If negotiation of the encryption data is successful,
the call is established.
Use the parameter MediaSecurityBehaviour (described in
Security Parameters
) to select the
gateway’s mode of operation: Must or Prefer. These modes determine the behavior of the
gateway if negotiation of the cipher suite fails.
Содержание VCX V7122
Страница 28: ...28 V7122 GatewayUser Guide ...
Страница 39: ...V7122 Gateway User Guide 39 Reader s Notes ...
Страница 40: ...40 V7122 GatewayUser Guide ...
Страница 58: ...58 V7122 GatewayUser Guide Reader s Notes ...
Страница 66: ...66 V7122 GatewayUser Guide Reader s Notes ...
Страница 144: ...144 V7122 GatewayUser Guide Reader s Notes ...
Страница 239: ...V7122 Gateway User Guide 239 Reader s Notes ...
Страница 240: ...240 V7122 GatewayUser Guide ...
Страница 246: ...246 V7122 GatewayUser Guide Reader s Notes ...
Страница 270: ...270 V7122 GatewayUser Guide Reader s Notes ...
Страница 287: ...V7122 Gateway User Guide 287 Reader s Notes ...
Страница 288: ...288 V7122 GatewayUser Guide ...
Страница 294: ...294 V7122 GatewayUser Guide Reader s Notes ...
Страница 300: ...300 V7122 GatewayUser Guide Figure 88 Gateway s Startup Process ...
Страница 315: ...V7122 Gateway User Guide 315 Reader s Notes ...
Страница 316: ...316 V7122 GatewayUser Guide ...
Страница 332: ...332 V7122 GatewayUser Guide Reader s Notes ...
Страница 358: ...358 V7122 GatewayUser Guide Reader s Notes ...
Страница 362: ...362 V7122 GatewayUser Guide Reader s Notes ...
Страница 389: ...V7122 Gateway User Guide 389 Reader s Notes ...
Страница 390: ...390 V7122 GatewayUser Guide ...
Страница 398: ...398 V7122 GatewayUser Guide Reader s Notes ...
Страница 406: ...406 V7122 GatewayUser Guide Reader s Notes ...
Страница 408: ...408 V7122 GatewayUser Guide Reader s Notes ...
Страница 409: ...V7122 Gateway User Guide 409 ...
Страница 419: ...V7122 Gateway User Guide 419 Reader s Notes ...
Страница 437: ...V7122 Gateway User Guide 437 Reader s Notes ...
Страница 452: ...452 V7122 GatewayUser Guide Figure 137 UDP2File Utility ...
Страница 453: ...V7122 Gateway User Guide 453 Reader s Notes ...
Страница 459: ...V7122 Gateway User Guide 459 Reader s Notes ...
Страница 475: ...V7122 Gateway User Guide 475 ...