Avaya one-X 9600 Series страница 14 Скачать руководство пользователя | Manualshive

Страница: 14 / 65

background image

Procedure

1. Install the security gateway in accordance with the vendor’s instructions.

2. Configure authentication credentials to allow users to establish a VPN connection.

Configuring the VPN settings

The administrator can populate the 46xxsettings.txt file with all or some of the settings that are used
to create the VPN tunnels and for authentication, depending on whether or not end users will be
given permission to add/change settings.

Note:

For a detailed list of VPN settings in the 46xxsettings.txt file, see Appendix A: VPN Parameters.

At startup, the phone will attempt to establish a VPN connection using the configured VPN
parameters. Users with permission to do so can view, add, or change the VPN parameters.

Simple Enrollment Certificate Protocol (SCEP)

9600 Series SIP Deskphones support Media Encryption (SRTP) and use built-in Avaya SIP
Certificates for trust management. Trust management involves downloading certificates for
additional trusted Certificate Authorities (CA) and the policy management of those CAs. Identity
management is handled by Simple Certificate Enrollment Protocol (SCEP) with phone certificates
and private keys.

SCEP can apply to your VPN operation or to standard enterprise network operation. SCEP is
described in the

Avaya one-X

®

Deskphone Edition for 9600 Series IP Telephones Administrator

Guide

(Document Number 16-300698), however for ease of VPN setup, the applicable parameters

are also included this guide, in

Appendix A - VPN parameters

on page 49. A few pointers

regarding SCEP follow:

• If the SCEP server is outside of the corporate firewall, telephones connecting to the corporate

network over a VPN connection can be configured to establish the SCEP connection using an
HTTP proxy server to reach the SCEP server. In this instance, use the WMLPROXY system
parameter to configure the HTTP proxy server.

• When SCEP is initiated the telephone will attempt to contact an SCEP server via HTTP, using

the value of the configuration parameter MYCERTURL as the URI.

• SCEP supports the use of an HTTP proxy server.

• The telephone creates a private/public key pair, where each key has a length equal to the

value of the configuration parameter MYCERTKEYLEN. The public key and the values of the
configuration parameters MYCERTCAID, MYCERTCN, MYCERTDN and SCEPPASSWORD
are used in the certificate request.

Configuring the VPN

14

VPN Setup Guide for 9600 Series IP Telephones

March 2015

Comments? [email protected]

«
...
12
13
14
15
16
...
»

Содержание one-X 9600 Series

Страница 1: ...VPN Setup Guide for 9600 Series IP Deskphones Release 3 x and 6 x 16 602968 Issue 2 March 2015 ...

Страница 2: ... whether as stand alone products pre installed on hardware products and any upgrades updates patches bug fixes or modified versions thereto Designated Processor means a single stand alone computing device Server means a Designated Processor that hosts a software application to be accessed by multiple users Instance means a single copy of the Software executing at a particular time i on one physica...

Страница 3: ...ral population uncontrolled environment and must not be co located or operated in conjunction with any other antenna or transmitter Cet appareil est conforme RF du Canada FCC et de l Industrie limites d exposition aux rayonnements électromagnétiques pour la population générale environnement non contrôlé et ne doit pas être co placé ou utilisé conjointement avec une autre antenne ou émetteur Japan ...

Страница 4: ...r is encouraged to try to correct the interference by one or more of the following measures Reorient or relocate the receiving antenna Increase the separation between the equipment and receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is connected Consult the dealer or an experienced radio TV technician for help U S FCC Radiation Exposure Statemen...

Страница 5: ...es for authentication 15 Preparing Avaya Aura Communication Manager 15 Installing the 9600 Series IP deskphone 16 Deploying the VPN ready 9600 Series IP deskphone 16 Chapter 4 Viewing VPN settings 18 Introduction 18 Access using the Avaya A menu 18 VPN settings screen fields 19 Chapter 5 Changing VPN settings 23 Introduction 23 Accessing VPN settings 23 Access using the Avaya A menu 23 Access usin...

Страница 6: ...ion Failed 38 VPN Tunnel Failure 38 Need IKE ID PSK 38 Need phone certificate 39 Invalid Configuration 39 No DNS Server Response 39 Bad Gateway DNS Name 40 Gateway certificate invalid 40 Phone certificate invalid 41 IKE Phase 1 No Response 41 IKE ID PSK invalid 42 IKE Phase 1 failure 42 IKE Phase 2 No Response 42 IKE Phase 2 failure 43 IKE keep alive failure 44 IKE SA expired 44 IPSec SA expired 4...

Страница 7: ...IP Telephones Administrator Guide Document Number 16 300698 Note This guide applies to versions 3 1 and 6 2 of the 9600 Series IP Telephones The content is the same for both versions unless otherwise indicated Note The 9610 IP Telephone is not VPN capable you cannot use it as part of your VPN Intended audience This guide provides network administrator and end user information for a Virtual Private...

Страница 8: ...ng your Communication Manager solution Avaya one X Deskphone Edition for 9600 Series IP Telephones Administrator Guide 16 300698 This document provides a detailed description of how to administer the 9600 Series IP Telephones for use in your Enterprise environment including VPN administration Avaya one X Deskphone Edition for 9600 Series IP Telephones Installation and Maintenance Guide 16 300694 T...

Страница 9: ...rovide a significant improvement of the communications capabilities of SOHO users 9600 Series IP Telephone Release 3 1 provides the capability to implement a VPN in Enterprise networks with third party devices For more information regarding third party devices see Third Party Security Gateways interopability limitations on page 10 Figure 1 illustrates a possible corporate network configuration wit...

Страница 10: ...aft procedures VPN users are assigned a unique VPN password which can be administered to be erased on VPN termination or telephone reset this measure prevents unauthorized users from automatically re establishing a VPN tunnel Users with valid VPN credentials can be prevented from using each other s telephones by setting the NVVPNUSERTYPE parameter to allow the VPN user name to be changed only thro...

Страница 11: ...Exchange IKE and Internet Security Association and Key Management ISAKMP Pre Shared Key PSK with or without XAUTH RSA Rivest Shamir Adleman signatures with or without XAUTH NAT traversal and SCEP Note Refer to Avaya DevConnect for application notes regarding VPN gateways and IP deskphones Vendors who are not Avaya DevConnect Certified are encouraged to contact Avaya and certify through the program...

Страница 12: ...gs The possible VPN configuration methods are Centralized administration of some or all VPN functionality by trained technicians administrators using either the settings file and or the local Craft procedure for VPNs The administered telephone is then passed to the user Remote administration of VPN functionality by users who are either trained in or who have been provided specific documentation to...

Страница 13: ...rocedure Procedure 1 Allow access into and out of the corporate firewall through VPN tunnels see Preparing the Security Gateway on page 13 2 Configure the VPN parameters to meet the configuration parameters for each remote site see Configuring VPN system parameters on page 15 3 If necessary create and administer a new extension on Avaya Aura Communication Manager Release 5 1 or higher For addition...

Страница 14: ...ertificates and private keys SCEP can apply to your VPN operation or to standard enterprise network operation SCEP is described in the Avaya one X Deskphone Edition for 9600 Series IP Telephones Administrator Guide Document Number 16 300698 however for ease of VPN setup the applicable parameters are also included this guide in Appendix A VPN parameters on page 49 A few pointers regarding SCEP foll...

Страница 15: ...ion NVVPNUSER Specifies the user name to use during VPN authentication can be null and entered on the VPN User Name Entry screen NVVPNPSWD Specifies the user s VPN password can initially be null and entered on the VPN Password Entry screen if NVVPNUSER contains a non null value and NVVPNUSERTYPE is set to 1 user can edit the user name NVVPNPSWDTYPE Specifies whether the VPN user password will be s...

Страница 16: ... this value if a remote telephone will also be used within the enterprise environment Deploying the VPN ready 9600 Series IP deskphone Deploy the telephone to the end user When the end user installs the phone in the home network what displays is dependent on the authentication policy you have set up and on the permission you have assigned to VPN users in the VPNPROC parameter Typically users of a ...

Страница 17: ...h these users can use the procedures in Chapter 5 to view settings as well you may also want to provide them with Chapter 4 Viewing VPN Settings to allow them to view the VPN Summary screen instead of the individual filtered screens Chapter 6 User Authentication and VPN Sleep Mode if you have established authentication parameters as covered in Administrative Pre Requisites for Authentication Confi...

Страница 18: ... VPN Settings on page 23 for information Note As a security feature the first time you use your remote phone over the Virtual Private Network or following a telephone reset or reboot you may be asked to identify yourself so that you can be verified as a valid user and your user credentials can be validated Chapter 6 User Authentication and VPN Sleep Mode on page 18 explains the authentication proc...

Страница 19: ...ystem Parameter VPN If 1 the Virtual Private Network is enabled If 0 VPN is disabled NVVPNMODE VPN Vendor Name of the security gateway vendor NVVPNSVENDOR Gateway Address IP address of the VPN security gateway This value allows the telephone to access the VPN tunnel NVSGIP External Phone IP Address External outer IP address of the telephone in VPN mode NVEXTIPADD External Router External outer rou...

Страница 20: ...red and how 1 Password can be alphanumeric and is stored in reprogrammable non volatile memory as the NVVPNPSWD value 2 Password can be alphanumeric and is stored in volatile memory but will be cleared when the phone resets 3 Password can be numeric only and is stored in volatile memory that is cleared immediately after first time password use 4 Password can be alphanumeric and is stored in volati...

Страница 21: ...072 bit MODP Group NVIKEDHGRP IKE Encryption Alg Algorithm 0 Any 1 AES CBC 128 2 3DES CBC 3 DES CBC 4 AES CBC 192 5 AES CBC 256 NVIKEP1ENCALG IKE Auth Alg Authentication algorithm for IKE 0 Any 1 MD5 2 SHA NVIKEP1AUTHALG IKE Config Mode 1 Use the ISAKMP configuration method for setting certain applicable values 2 This setting is turned off disabled because a generic PSK profile is in effect NVIKEC...

Страница 22: ...VIKEP2AUTHALG Protected Network Specifies the IP address range that will use the VPN tunnel If a list the first value of NVIPSECSUBNET IKE over TCP This field displays only if your VPN meets the conditions for displaying IKE Over TCP Specifies whether and when to use TCP as a transport protocol for IKE Never Never use TCP as a transport protocol for IKE Auto Use IKE over UDP first and if that isn ...

Страница 23: ...ion to change settings has been granted by setting the VPNPROC parameter to 2 Invoking the VPN Settings option from the Avaya A Menu or the Home screen for a 9670 using the VPN Access Code if VPNPROC is set to 2 Note All 9600 Series IP Telephones except the 9670G require you to select a line or desired action and press a button softkey to act upon your selection On 9670G IP Telephones all actions ...

Страница 24: ... displays See Viewing the VPN Settings Screen for a description of this screen Access using the VPN special procedure Use this procedure if your administrator has instructed you to use the VPN Special Procedure to update VPN settings The VPN Special Procedure is a series of filtered screens showing settings applicable to your specific VPN setup Procedure 1 At any time following telephone login pre...

Страница 25: ...Related Links Access using the Local Administrative Craft procedure menu on page 24 During normal telephone operation Procedure 1 Invoke the local procedures Craft menu by pressing the Mute button A 6 second timeout is in effect between button presses after pressing the Mute button If you do not press a valid button within 6 seconds of pressing the previous button the collected digits are discarde...

Страница 26: ...nds on the type of security gateway used to connect the telephone to the corporate network and how your Virtual Private Network VPN is administered For example settings information is filtered to show settings applicable to your specific VPN environment Like a PC style wizard settings display on a series of screens the display of which is dependent on the actions you take on the current screen Rel...

Страница 27: ...ou want to change a line containing an IP Address the IP Address screen displays to allow that type of entry After entering text or an IP address press Save to post your entry and return to the previous screen where you can then press the Right Arrow to save your change s and display the next applicable settings screen After changing one or more fields lines on the current screen press the Right A...

Страница 28: ...ode NVVPNAUTHTYPE is This description displays 3 PSK 4 PSK with XAUTH 5 RSA signatures with XAUTH 6 Hybrid XAUTH 7 RSA signatures When the Authorization Type is PSK with XAUTH RSA signatures with XAUTH or Hybrid XAUTH the next screen displayed is the User Credentials screen If the Authorization Type is PSK the next screen displayed is the IKE PSK screen If the Authorization Type is RSA signatures ...

Страница 29: ... other than the above descriptions and the type of authentication NVVPNAUTHTYPE is RSA Signatures with XAUTH or Hybrid XAUTH the IKE Phase 1 screen displays instead If none of those passwords types is applicable the IKE PSK screen displays Changing your VPN password Before you begin The system administrator must give you permission to change your VPN password About this task If you already have a ...

Страница 30: ...lay depending on the value of the NVIKEIDTYPE parameter If the IKE ID Type is 1 IPV4_ADDR displays If the IKE ID Type is 2 FQDN displays If the IKE ID Type is 3 USER_FQDN displays If the IKE ID Type is 9 DER_ASN1_DN displays If the IKE ID Type is 11 KEY_ID displays NVIKEIDTYPE IKE Xchg Mode Aggressive Mode 1 or ID Protect 2 NVIKEXCHGMODE IKE DH Group 1 denotes First Oakley Group 2 denotes Second O...

Страница 31: ... Diffie Hellman Group to be used for establishing the IPsec SA also known as PFS If this value is not 0 a new Diffie Hellman exchange will be initiated for each IKE Phase 2 Quick Mode exchange where the proposed DH group will be as specified by the value of NVPFSDHGRP and the meaning of the values will be the same as those specified above for NVIKEDHGRP NVPFSDHGRP IPsec Encryption Alg The encrypti...

Страница 32: ...IKE Over TCP Specifies whether and when to use TCP as a transport protocol for IKE NVIKEOVERTCP IKE over TCP screen field descriptions If the IKE over TCP NVIKEOVERTCP value is This description displays 0 Never use TCP as a transport protocol form IKE 1 Auto IKE over UDP is tried first if not successful IKE over TCP is used 2 Always use TCP as the transport protocol for IKE VPN text entry screen P...

Страница 33: ...e current setting and a blank area for you to enter the new IP Address 3 Use the dialpad to enter the IP Address as you would on a cellular phone in the following format 0 0 0 0 four numbers separated by decimals with each number being between 0 and 255 Use the asterisk key to enter the decimals 4 Press touch Save to post the entry to the screen from which it came and return to that screen 5 Press...

Страница 34: ...xample text numeric entry uses an on screen keyboard and actions are taken or confirmed by touching the applicable line feature icon or softkey on the screen The procedures that follow apply to non 9670G phones and should be adjusted accordingly for the 9670 s touch screen User Authentication VPN user name entry screen This screen displays to validate the user name or to allow an existing user nam...

Страница 35: ... To accept the current password press touch Enter Authentication of the user name and password occurs and if successful the VPN Tunnel setup screen redisplays If authentication is unsuccessful the VPN Authentication Failure screen displays press touch Continue to reenter the user name and or password 2 To delete the current password and enter a new password press touch Clear to display the VPN Pas...

Страница 36: ...VPN Password value if NVPNPSWDTYPE is 1 or Store the password in volatile memory if NVVPNPSWDTYPE is not 1 Result Authentication of the user name and password occurs If authentication is successful the VPN Tunnel setup screen redisplays press touch Continue to reenter the user name and or password If authentication is unsuccessful the VPN Authentication Failure screen displays Press touch Continue...

Страница 37: ... touch the LightOff softkey at any time to turn off the display backlight regardless of being connected for VPN operation or not When you see the VPN Tunnel Failure screen the right softkey is labeled Sleep Pressing or touching if you have a 9670G phone this softkey turns off the display backlight and displays the message VPN tunnel terminated One softkey Wake Up is available Pressing touching Wak...

Страница 38: ...annot establish a link with the VPN tunnel Resolution Procedure Press Retry to attempt connection again If that fails press Details for more information as to why the VPN tunnel could not be established Need IKE ID PSK Problem description The value of system parameter NVPNAUTHTYPE is 3 or 4 indicating a Pre Shared Key but the value of one or both system parameters NVIKEID or NVIKEPSK is null 38 VP...

Страница 39: ...the phone Resolution Procedure Use SCEP to provision a digital certificate in the phone Invalid Configuration Problem description A configuration problem not covered by the preceding five messages Resolution Procedure Review settings and reconfigure values as needed No DNS Server Response Problem description The DNS server is out of service Need phone certificate March 2015 VPN Setup Guide for 960...

Страница 40: ...ng of the DNS name for the VPN gateway Gateway certificate invalid Problem description The identity certificate presented by the VPN gateway is not valid Resolution Procedure Either Check whether the TRUSTCERTS parameter has been configured with the name of a file that contains a PEM format copy of the Certificate Authority CA certificate that signed the server s identity certificate or Check whet...

Страница 41: ... cause might be that a Phase 1 parameter is not set correctly causing the VPN gateway to ignore the message from the phone Resolution About this task Either the VPN gateway is experiencing difficulties or network congestion is interfering with communication Procedure If that is not the cause check the following IKE Phase 1 parameters for compatibility NVVPNSVENDOR NVVPNAUTHTYPE NVIKEDHGRP NVIKEP1A...

Страница 42: ...tion Procedure Check the following IKE Phase 1 parameters for compatibility NVIKEDHGRP NVIKEP1AUTHALG NVIKEP1ENCALG NVIKEP1LIFESEC Related Links IKE Phase 1 failure on page 42 IKE Phase 2 No Response Problem description A message was not received from the VPN gateway in response to a message sent by the phone Another cause might be that a Phase 2 parameter is not set correctly causing the VPN gate...

Страница 43: ...AUTHTYPE NVIKEDHGRP NVIKEP2AUTHALG NVIKEP2ENCALG NVIKEP2LIFESEC Related Links IKE Phase 2 No Response on page 42 IKE Phase 2 failure Problem description An IKE Security Association could not be established between the phone and the VPN gateway Resolution Procedure Check the following IKE Phase 2 parameters for compatibility NVIKEDHGRP NVIKEP2AUTHALG NVIKEP2ENCALG NVIKEP2LIFESEC IKE Phase 2 failure...

Страница 44: ... Security Association was not renewed Resolution Procedure Check the security policy configured in the VPN gateway to ensure that it supports renewals for the desired interval IPSec SA expired Problem description The IPSec Security Association was not renewed Resolution Procedure Check the security policy configured in the VPN gateway to ensure that it supports renewals for the desired interval Tr...

Страница 45: ...ver Insert ing title Procedure 1 Check to be sure that the following parameters are configured properly MYCERTURL MYCERTCAID MYCERTCN MYCERTDN SCEPPASSWORD MYCERTKEYLEN 2 If the SCEP server is outside the corporate firewall also check WMLPROXY Next steps If the parameters are properly configured check that the applicable server is setup and running properly VPN tunnel terminated March 2015 VPN Set...

Страница 46: ...lly ensures that related settings are correct Table 1 Security Gateway System Parameters Supported Device as set by the administrator System Parameter Values set automatically Checkpoint Security Gateway NVVPNCFGPROF 2 Sets the following values to NVIKECONFIGMODE 1 NVIKEID Null String NVIKETYPE 11 NVIKEOVERTCP 1 NVIKEXCHANGEMODE 2 NVVPNAUTHTYPE 6 NVVPNSVENDOR 3 Cisco PSK with XAUTH NVVPNCFGPROF 3 ...

Страница 47: ...ues to NVIKECONFIGMODE 1 NVIKEID Null String NVIKETYPE 9 NVIKEXCHANGEMODE 1 NVVPNAUTHTYPE 5 NVVPNSVENDOR 1 Nortel Contivity NVVPNCFGPROF 11 Sets the following values to NVIKECONFIGMODE 11 NVIKEID Null String NVIKETYPE 11 NVIKEXCHANGEMODE 1 NVVPNAUTHTYPE 3 NVVPNSVENDOR 5 Any Security Device Generic with Preshared Key PSK NVVPNCFGPROF 6 Sets the following values to NVIKECONFIGMODE 2 NVIKEID Null Str...

Страница 48: ...me for EXTIPADD will be set to the value of option 59 if received If the value of NVVPNMODE is 1 and the value of VPNACTIVE is 1 the values of the following parameters will be set based on the fields and options received in the DHCPACK message converting from binary to ASCII as necessary The parameters TLSSRVR and HTTPSRVR will be set to the value of the siaddr field if and only if the siaddr fiel...

Страница 49: ... HTTPSRVR Null IP Address es or DNS Name s of HTTP file servers used to download telephone files Dotted decimal or DNS format separated by commas 0 255 ASCII characters including commas MYCERTCAID CAIdentifier Certificate Authority Identifier to be used in a certificate request 0 to 255 ASCII characters MYCERTCN SERIALNO Common Name of the Subject of a certificate request 0 to 255 ASCII characters...

Страница 50: ...nted or rejected or until a response is received indicating that the request is pending for manual approval NORTELAUTH 1 Specifies user authentication method for Nortel security gateways 1 ASCII numeric digit Valid values are 1 Local credentials 2 RADIUS credentials 3 RADIUS SecurID 4 RADIUS Axent NVHTTPSRVR 0 0 0 0 VPN and non VPN HTTP file server IP addresses used to initialize HTTPSRVR the next...

Страница 51: ...P and NVIPSECSUBNET will be set from received value s of INTERNAL_IP4_SUBNET 2 Disable turn off this setting because a generic PSK profile is in effect NVIKEDHGRP 2 Specifies the Diffie Hellman Group to be used for establishing the IKE SA 1 or 2 ASCII numeric digits Valid values are 1 First Oakley Group 2 Second Oakley Group 5 1536 bit MODP Group 14 2048 bit MODP Group 15 3072 bit MODP Group For m...

Страница 52: ...UDP first and if that isn t valid use IKE over TCP 2 Always use TCP as the transport protocol for IKE NVIKEP1AUTHALG 0 Specifies the authentication algorithm to use during IKE Phase 1 negotiation 1 ASCII numeric digit Valid values are 0 Any 1 MD5 per RFC 2403 2 SHA per RFC 2404 NVIKEP1ENCALG 0 Specifies the encryption algorithm to use during IKE Phase 1 negotiation 1 ASCII numeric digit Valid valu...

Страница 53: ...1 3 DES CBC per RFC 2405 4 AES CBC 192 per RFC 3602 5 AES CBC 256 per RFC 3602 NVIKEP2LIFESEC 432000 Specifies the IKE SA lifetime in seconds 3 to 8 ASCII numeric digits Valid values are 600 through 15552000 NVIKEPSK Null Specifies the pre shared key to be used during IKE Phase 1 negotiation also called the group password in XAUTH Zero to 30 ASCII characters NVIKEXCHGMODE 1 Specifies the IKE Phase...

Страница 54: ... bit MODP Group 15 3072 bit MODP Group For more information see Section 4 in RFC 3526 NVSGIP Null VPN security gateway IP addresses 0 to 255 ASCII characters zero or more IP addresses in dotted decimal or DNS name format separated by commas without any intervening spaces NVTLSSRVR 0 0 0 0 VPN and non VPN HTTPS file server IP addresses used to initialize TLSSRVR the next time the phone starts up 0 ...

Страница 55: ...ecifies port numbers used for IKE and IPsec UDP encapsulation and support for NAT traversal 1 ASCII numeric digit Valid values are 0 Procedures for the negotiation of NAT traversal will be supported as specified in IETF RFC 3947 except that IKE negotiation will begin with a source port of 2070 instead of 500 and that source port will continue to be used unless the source and destination port numbe...

Страница 56: ...rce and destination port numbers that were used during the final phase of IKE NVVPNMODE 0 Specifies whether VPN is supported 1 ASCII numeric digit Valid values are 0 VPN is not supported 1 VPN is supported See DHCPACK Messages for additional information NVVPNPSWD Null User password for VPN If the user password can be stored in NV memory see NVVPNPSWDTYPE below it is stored as the value of NVVPNPSW...

Страница 57: ... VPN Sleep Mode and when the telephone resets NVVPNSVENDOR 4 Specifies the IKE implementation to use 1 ASCII numeric digit Valid values are 1 Juniper PSK with XAUTH or Juniper Cert with XAUTH 2 Cisco PSK with XAUTH or Cisco Cert with XAUTH 3 Checkpoint Security Gateway 4 Generic PSK 5 Nortel Contivity See VPN configuration profiles on page 46for information on automatically set parameters based on...

Страница 58: ...II numeric digits Valid values are 80 through 65535 TLSSRVRID 1 Controls whether the identity of a TLS server is checked against its certificate 1 ASCII numeric digit Valid values are 1 Provides additional security by checking to verify that the server certificate s DNS name matches the DNS name used to contact the server 0 Certificate is not checked against the DNS name used to contact the server...

Страница 59: ... VPN procedure at all in view only mode or in view modify mode 1 ASCII numeric digit Valid values are 0 User cannot access VPN settings information 1 The user can view the VPN Settings Screen but cannot change VPN settings 2 User has the ability to view and change VPN settings VPNTTS 0 Turns off Time to Service TTS support when a VPN gateway may not allow TTS functionality to work Valid values are...

Страница 60: ...tion process the public key goes through to determine if the claim of the subject is correct and depends on the level of certification and the CA Digital Signature A digital signature is an encrypted digest of the file being signed The file can be a message a document or a driver program The digest is computed from the contents of the file by a one way hash function such as MD5 or SHA 1 and then e...

Страница 61: ...s it is often used to encrypt a symmetric session key that is then used by a less computationally intensive algorithm to encrypt protocol data during a session You can also use RSA for authentication by creating a digital signature for which the private key of the sender is used for encryption and the public key of the sender is used for decryption RTP Real time Transport Protocol Provides end to ...

Страница 62: ...ers to procedures in deskphone software that are specific to the call server with which the software is to be used TCP IP Transmission Control Protocol Internet Protocol a network layer protocol used on LANs and internets TFTP Trivial File Transfer Protocol used to provide downloading of upgrade scripts and application files to certain IP telephones TLS Transport Layer Security an enhancement of S...

Страница 63: ...ring telephone startup 25 Current password accepting 36 Accepting the current password 36 Customer support 8 D Data changing 26 Changing data 26 DHCPACK messages 48 Documentation online 8 related 8 E Entering new VPN user name 35 F Functionality time to service 48 G Gateway certificate invalid 40 General VPN settings 27 Generic authentication type screen 28 I IKE 42 44 SA expired 44 IKE ID PSK inv...

Страница 64: ...ral 27 VPN text entry 32 VPN user name entry 34 Security Gateway preparing 13 Settings viewing 19 VPN 19 Simple enrollment certificate protocol 14 Sleep mode VPN 37 Supported third party security gateways 10 T Third party security gateways supported 10 Time to service 48 U User authentication 34 User credentials screen 28 User name accepting 35 V Viewing the VPN settings screen 19 Viewing VPN sett...

Страница 65: ...m parameters configuring 15 VPN text entry screen 32 VPN tunnel failure 38 terminated 45 VPN user name entry screen 34 Index March 2015 VPN Setup Guide for 9600 Series IP Telephones 65 Comments infodev avaya com ...

Отзывы:

Нет отзывов

Похожие инструкции для one-X 9600 Series

Yealink SIP-T22P

Бренд: Yealink Страницы: 4

Yealink SIP-T22P

Бренд: Yealink Страницы: 2

Бренд: Yealink Страницы: 12

Бренд: Yealink Страницы: 8

Yealink SIP-T21P

Бренд: Yealink Страницы: 144

Yealink SIP-T41P

Бренд: Yealink Страницы: 178

Бренд: Icemobile Страницы: 21

Бренд: Archos Страницы: 75

Бренд: FutureCall Страницы: 11

Бренд: Proolin VoIP Tech Страницы: 25

Бренд: Sony Ericsson Страницы: 75

Бренд: NTT docomo Страницы: 211

Бренд: Samsung Страницы: 126

Бренд: Samsung Страницы: 119

Бренд: Zte Страницы: 91

AQUOS ZETA SH-01G

Бренд: NTT docomo Страницы: 106

Бренд: GENERAL MOBILE Страницы: 107

Бренд: Plum Mobile Страницы: 18

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды