A
ASTRA
6700
I
SIP T
ERMINALS
FOR
MX-ONE
78
26/1531-ANF 901 14 Uen E10 2014-01-22
means that the phone will setup a TLS session which it will keep as long
as it is registered (logged on). Both the server and the phone will make
use of the session to setup calls. Persistent mutual TLS is referering to
the additional mutuality in the TLS handshake where the server requests
the the client’s signed certificate. Otherwise only the client requests the
servers certificate.
19.3
SRTP
The IP Phones include support for Secure Real-time Transfer Protocol
(SRTP), using Session Description Protocol Security (SDES) key nego-
tiation, for encryption and authentication of RTP/RTCP messages sent
and received by the Aastra IP phones on your network.
The administrator can choose among the following options:
•
SRTP Disabled (default): IP phone generates and receives non
secured RTP calls. If the IP phone gets a call from a SRTP enabled
phone, it ignores SRTP and tries to answer the call using RTP. If
the receiving phone has
SRTP only
enabled, the call fails; however,
if it has SRTP preferred enabled, it will accept RTP calls.
•
SRTP Preferred: IP phone generates RTP secured calls, and
accepts both secured and non-secured RTP calls. If the receiving
phone is not SRTP enabled, it sends non-secured RTP calls
instead.
•
SRTP Only: IP phone generates and accepts SRTP secured calls
only; all other calls are rejected (fail)
SRTP Only: IP phone generates and accepts SRTP secured calls
only; all other calls are rejected (fail).
19.4
How to enable security on 6700i terminals
and MX-ONE
A number measures have to be done in MX-ONE and in the configura-
tion file in the phone.
There is support in MTS for enabling security in MX-ONE and in the
6700i phones.
The steps to enable security are:
1.
MX-ONE: For setup of security and security policy, see operational
directions VoIP Security (82/15431-ANF90114) in the CPI library.
