Yealink Teams Series Скачать руководство пользователя страница 83

Страница: 83 / 112

| Security Features |

These tools also encrypt the plaintext 16-character symmetric keys using a fixed key, which is the same as the one

built in the phone, and generate new files named as <xx_Security>.enc (xx is the name of the configuration file, for

example, y000000000058_Security.enc for y000000000058.cfg file, account_Security.enc for account.cfg). These

tools generate another new file named as Aeskey.txt to store the plaintext 16-character symmetric keys for each

configuration file.

Configuration Files Encryption and Decryption

Encrypted configuration files can be downloaded from the provisioning server to protect against unauthorized access

and tampering of sensitive information (for example, login passwords, registration information).
For security reasons, you should upload encrypted configuration files, <xx_Security>.enc files to the root directory

of the provisioning server. During auto provisioning, the phone requests to download the boot file first and then

download the referenced configuration files. For example, the phone downloads an encrypted account.cfg file. The

phone will request to download <account_Security>.enc file (if enabled) and decrypt it into the plaintext key (for

example, key2) using the built-in key (for example, key1). Then the phone decrypts account.cfg file using key2. After

decryption, the phone resolves configuration files and updates configuration settings onto the phone system.

Encryption and Decryption Configuration

The following table lists the parameters you can use to configure the encryption and decryption.

Parameter

static.auto_provision.update_file_mode

<y0000000000xx>.cfg

Description

It enables or disables the phone only to download the encrypted files.

Permitted Values

-Disabled, the phone will download the configuration files (for example,

sip.cfg, account.cfg, <MAC>-local.cfg) and <MAC>-contact.xml file from the

server during auto provisioning no matter whether the files are encrypted or

not. And then the phone resolves these files and updates the settings onto the

IP phone system.

-Enabled, the phone will only download the encrypted configuration files

(for example, sip.cfg, account.cfg, <MAC>-local.cfg) or <MAC>-contact.xml

file from the server during auto provisioning, and then resolve these files and

update settings onto the phone system.

Default

Parameter

static.auto_provision.aes_key_in_file

<y0000000000xx>.cfg

Description

It enables or disables the phone to decrypt configuration files using the

encrypted AES keys.

Permitted Values

-Disabled, the phone will decrypt the encrypted configuration files using

plaintext AES keys configured on the phone.

-Enabled, the phone will download <xx_Security>.enc files (for example,

<sip_Security>.enc, <account_Security>.enc) during auto provisioning, and

then decrypts these files into the plaintext keys (for example, key2, key3)

respectively using the phone built-in key (for example, key1). The phone

then decrypts the encrypted configuration files using corresponding key (for

example, key2, key3).

Default

Parameter

static.auto_provision.aes_key_in_file

<y0000000000xx>.cfg

Description

It enables or disables the phone to decrypt configuration files using the

encrypted AES keys.

Содержание Teams Series

Страница 1: ......

Страница 2: ...ork 10 IPv4 and IPv6 Network Settings 10 IP Addressing Mode Configuration 11 IPv4 Configuration 11 IPv6 Configuration 13 DHCP Option for IPv4 16 Supported DHCP Option for IPv4 16 DHCP Option 160 and O...

Страница 3: ...layed Elements of Devices 47 Viewing the Device Details 47 Assigning Configuration Profile to Devices 47 Diagnostic Devices 48 Updating Device Software 48 Restarting Your Devices 48 Configuration Prof...

Страница 4: ...rypting Configuration Files 85 Hybrid Mode 86 Hybrid Mode Configuration 86 SIP Account Registration Configuration 87 Account Codec Configuration 89 Local Directory Configuration 92 Troubleshooting Met...

Страница 5: ...k IP phones 110 Time and Date Issues 110 Display time and date incorrectly 110 Display Issues 110 The phone LCD screen blank 110 The phone displays Offline 110 Firmware and Upgrading Issues 111 Fail t...

Страница 6: ...ide for all regulatory and safety guidance Related Documentations Typographic and Writing Conventions Recommended References Related Documentations The following related documents are available Quick...

Страница 7: ...ion on configuring and administering other Yealink products not included in this guide refer to product support page at Yealink Technical Support To access the latest Release Notes or other guides for...

Страница 8: ...arameters from a DHCPv4 You can configure network parameters of the phone manually if any of them are not supplied by the DHCP server Contacting the Provisioning Server If you configure the phone to o...

Страница 9: ...ttention to the following points Any Open SIP build upgrades to Teams build will be required to apply and import the license Any Teams upgrades to Skype for Business will not need to be required addit...

Страница 10: ...ss http 192 168 1 20 Permitted Values String within 99 characters Default Blank Web UI Security License Import License Phone Network Yealink Teams IP Phones operate on an Ethernet local area network L...

Страница 11: ...s parameter the phone will reboot to make the change take effect IPv4 Configuration The following table lists the parameters you can use to configure IPv4 Parameter static network internet_port type 1...

Страница 12: ...Static IP Subnet Mask Parameter static network internet_port gateway 1 MAC cfg Description It configures the IPv4 default gateway Example static network internet_port gateway 192 168 1 254 Note It wor...

Страница 13: ...ary DNS Phone UI Settings Device Settings Network Admin only default password admin WAN Port IPv4 Type Static IP Sec DNS Or Settings Device Settings Network Admin only default password admin WAN Port...

Страница 14: ...Parameter static network ipv6_prefix 1 MAC cfg Description It configures the IPv6 prefix Note It works only if static network ip_address_mode is set to 1 IPv6 or 2 IPv4 IPv6 and static network ipv6_in...

Страница 15: ...P IPv6 Static DNS Enable Pri DNS Parameter static network ipv6_primary_dns 1 MAC cfg Description It configures the secondary IPv6 DNS server Example static network ipv6_secondary_dns 2026 1234 1 1 c3c...

Страница 16: ...Mask 1 Specify the client s subnet mask Time Offset 2 Specify the offset of the client s subnet in seconds from Coordinated Universal Time UTC Router 3 Specify a list of IP addresses for routers on t...

Страница 17: ...ser_options 1 y0000000000xx cfg Description It configures the custom DHCP option for requesting provisioning server address Multiple DHCP options are separated by commas Note It works only if the valu...

Страница 18: ...n server The name may or may not be qualified with the local domain name based on RFC 2132 See RFC 1035 for character restrictions DHCP Option 12 Hostname Configuration DHCP Option 12 Hostname Configu...

Страница 19: ...trieved from DHCPv6 VLAN The purpose of VLAN configurations on the Teams phone is to insert tag with VLAN information to the packets generated by the phone When VLAN is properly configured for the por...

Страница 20: ...UI Settings Device Settings Network Admin only default password admin LLDP LLDP Status Parameter static network lldp packet_interval 1 y0000000000xx cfg Description It configures the interval in seco...

Страница 21: ...reboot to make the change take effect Manual VLAN Configuration VLAN is disabled on the phones by default You can configure VLAN for the Internet port and PC port manually Before configuring VLAN on...

Страница 22: ...on It enables or disables the VLAN for the PC port Note It works only if static network pc_port enable is set to 1 Auto Negotiation It is not applicable to CP960 Phones Permitted Values 0 Disabled 1 E...

Страница 23: ...option used to request the VLAN ID The following table lists the parameters you can use to configure DHCP VLAN discovery Parameter static network vlan dhcp_enable 1 y0000000000xx cfg Description It en...

Страница 24: ...Fi feature enables you to connect the phones to the organization s wireless network Wi Fi feature is only applicable to VP59 Teams phones Wi Fi Configuration Wi Fi Configuration The following table li...

Страница 25: ...ption It configures the security mode of a specific wireless network Note It works only if static wifi function enable and static wifi enable are set to 1 Enabled Permitted Values NONE WEP WPA WPA2 PS...

Страница 26: ...ifi enable are set to 1 Enabled Permitted Values String within 64 characters Default Blank 1 If you change this parameter the phone will reboot to make the change take effect 2 X is Wi Fi ID X 1 5 Int...

Страница 27: ...ull Duplex 100Mbps 3 Half Duplex 10Mbps 4 Half Duplex 100Mbps 5 Full Duplex 1000Mbps not applicable to CP960 phones Default 0 Web UI Network Advanced Port Link WAN Port Link Parameter static network p...

Страница 28: ...Phones support the following protocols for 802 1X authentication EAP MD5 EAP TLS requires Device and CA certificates requires no password EAP PEAP MSCHAPv2 requires CA certificates EAP TTLS EAP MSCHA...

Страница 29: ...static network 802_1x md5_password admin123 Note It works only if static network 802_1x mode is set to 1 3 4 5 6 or 7 Permitted Values String within 32 characters Default Blank Web UI Network Advance...

Страница 30: ...phones and enables you to store the configuration on the server You can set up a provisioning server on the local area network LAN or anywhere on the Internet Related information Provisioning Phone o...

Страница 31: ...and renaming the boot template file y000000000000 boot For example if your phone MAC address is 00156574B150 rename the template file as 00156574b150 boot lowercase Tip MAC address a unique 12 digit s...

Страница 32: ...configuration files and downloads other model unspecified configuration files 1 Enabled ExcludeMode the phone attempts to download its own model specific configuration files if there is no own model...

Страница 33: ...t start with a prefix static for example phone_setting phone_lock enable You can deploy and maintain a mass of Yealink Teams IP Phones automatically through configuration files stored in a provisionin...

Страница 34: ...he file updates This file enables the users to keep their personalized configuration settings even though the phone performs auto provisioning Note The non static changes that you made before enabling...

Страница 35: ...the configuration template file and create your own configuration files with parameters you want This flexibility is especially useful when you want to apply specific settings to a group of phones Cus...

Страница 36: ...to make any comment in the boot file Resource Files Resource files are optional but if the particular feature is being employed these files are required You need to place resource files on the provis...

Страница 37: ...g Methods Teams IP Phones can be configured using the following methods with your provisioning server Central Provisioning configuration files stored on a central provisioning server Manual Provisioni...

Страница 38: ...ning Phone on the Microsoft Teams Skype for Business Admin Center Manual Provisioning This method enables you to perform configuration changes on a per phone basis Web User Interface Access Phone User...

Страница 39: ...enables or disables the user to access the web user interface of the phone using the HTTP protocol Permitted Values 0 Disabled 1 Enabled Default 1 Web UI Network Advanced Web Server HTTP Phone UI Sett...

Страница 40: ...lect a CFG configuration file from your local system 3 Click Import to import the configuration file Exporting CFG Configuration Files from Phone You can export the phone s configuration file to local...

Страница 41: ...but the Settings Device Settings Admin only option is only available to administrators and requires an administrator password default admin You can configure the phones via phone user interface on a p...

Страница 42: ...Parameter static network attempt_expired_time 1 y0000000000xx cfg Description It configures the timeout interval in seconds to transfer a file for HTTP HTTPS connection Permitted Values Integer from 1...

Страница 43: ...sday 4 Thursday 5 Friday 6 Saturday Default 0123456 Web UI Settings Auto Provision Day of Week Parameter static auto_provision weekly begin_time static auto_provision weekly end_time y0000000000xx cfg...

Страница 44: ...ocol the resulting response may contain option 66 for IPv4 or the custom option if configured that contains the provisioning server address Static You can manually configure the server address via pho...

Страница 45: ...uto_provision server url y0000000000xx cfg Description It configures the access URL of the provisioning server Permitted Values URL within 511 characters Default Blank Web UI Settings Auto Provision S...

Страница 46: ...Teams IP Phones With the device management platform you can customize configuration profiles and update all of your devices that are used Note You can only manage the devices that login with the onlin...

Страница 47: ...igate to Device Manage Devices All device 2 Click the corresponding device name in the All devices list to enter the device details page You can click Details to view software update status or click H...

Страница 48: ...e corresponding device name in the All devices list to enter the device details page 6 Select History and then click Download to download the log file Updating Device Software You can update all softw...

Страница 49: ...United States Chinese_S Simplified PRC Chinese_T Traditional Taiwan French France German Italian Polish Portuguese Portugal Spanish Turkish and Russian are supported by the phone The language configur...

Страница 50: ...erver for a mass of phones Upgrade all device software to the latest version with one click on the Microsoft Teams Skype for Business Admin Center It is only applicable to IP Phones running the Teams...

Страница 51: ...ss URL of the firmware file Example static firmware url http 192 168 1 20 58 15 0 20 rom Permitted Values URL within 511 characters Default Blank Web UI Settings Upgrade Select And Upgrade Firmware 1...

Страница 52: ...sian lang Russian 11 Russian js 11 Russian_note xml Language Display Configuration Language Customization Example Setting a Custom Language for Phone Display Language Display Configuration The default...

Страница 53: ...ist available for phone display by loading language packs to the phone Customizing a Language Pack for Phone Display Custom Language for Phone Display Configuration Customizing a Language Pack for Pho...

Страница 54: ...gures the access URL of the custom language pack for the phone user interface You can also download multiple language packs to the phone simultaneously Permitted Values URL within 511 characters Defau...

Страница 55: ...the desired language template pack for example 1 English js using an ASCII editor 2 Modify the characters within the double quotation marks on the right of the colon Do not modify the translation ite...

Страница 56: ..._lang url y0000000000xx cfg Description It configures the access URL of the custom language pack for the web user interface Permitted Values URL within 511 characters For example http localhost X GUI...

Страница 57: ...n also find a new language selection English_15 and English_16 on the phone user interface Settings Device Settings Language Screen Saver The screen saver will automatically start when the phone is id...

Страница 58: ...ground y0000000000xx cfg Description It configures the background for the screen saver Permitted Values Default jpg 01 png 02 png 03 png 04 png 05 png 06 png 07 png 08 png Default Default jpg Phone UI...

Страница 59: ...alues Integer from 1 to 10 Default 8 Phone UI Settings Device Settings Display Backlight Backlight Active Level Web UI Settings Preference Backlight Backlight Active Level Parameter phone_setting back...

Страница 60: ...es Mountain Time 6 30 Myanmar Naypyitaw 6 Guatemala El Salvador Honduras Nicaragua Costa Rica Belize Canada Manitoba Winnipeg Chile Easter Islands Mexico Mexico City Acapulco United States Central Tim...

Страница 61: ...eirut Moldova Kishinev Romania Bucharest Russia Kaliningrad Syria Damascus Turkey Ankara Ukraine Kyiv Odessa 13 Tonga Nukualofa 3 East Africa Time Iraq Baghdad Russia Moscow 13 30 Chatham Islands 3 30...

Страница 62: ...me ntp_server2 MAC cfg Description It configures the IP address or the domain name of the NTP server 2 If the NTP server 1 is not configured configured by the parameter local_time ntp_server1 or canno...

Страница 63: ...urations exist in the AutoDST file If the DST is set to Automatic the phone obtains the DST configuration from the AutoDST file You can customize the AutoDST file if required The AutoDST file allows y...

Страница 64: ...Integer from 300 to 300 The offset time in minutes of DST Customizing Auto DST File Procedure 1 Open the AutoDST file 2 To add a new time zone add DST szTime szZone iType szStart szEnd szOffset betwe...

Страница 65: ...ice Settings Time Date General Daylight Saving Web UI Settings Time Date Daylight Saving Time Parameter local_time dst_time_type MAC cfg Description It configures the Daylight Saving Time DST type Not...

Страница 66: ...ocal_time summer_time is set to 1 Enabled Permitted Values Month Day Hour DST by Date use the following mapping Month 1 January 2 February 12 December Day 1 the first day in a month 31 the last day in...

Страница 67: ...ate from manual settings Default 0 Web UI Settings Time Date Manual Time Phone UI Settings Device Settings Time Date General Tpye Manual Settings Time and Date Format Configuration You can customize t...

Страница 68: ...four digit year and YY represents a two digit year Default 0 Phone UI Settings Device Settings Time Date Time Date Format Date Format Web UI Settings Time Date Date Format Tones When the phone is in...

Страница 69: ...0xx cfg Description It configures the country tone for the phone Example voice tone country Custom Note It is not applicable to CP960 Phones Permitted Values Custom Australia Austria Brazil Belgium Ch...

Страница 70: ...Saver is enabled on your phone power saving mode will still occur For example if a screen saver is configured to start after the phone has been idle for 5 minutes and power saving mode is configured t...

Страница 71: ...isabled the phone automatically enters the power saving mode to protect the screen when the phone is inactive for 72 hours Image persistence may be caused on LCD 1 Enabled Default 1 Web UI Settings Po...

Страница 72: ...rsday features power_saving office_hour friday features power_saving office_hour saturday features power_saving office_hour sunday y0000000000xx cfg Description It configures the start time and end ti...

Страница 73: ...il Power Light Flash Parameter phone_setting talk_and_dial_power_led_enable y0000000000xx cfg Description It enables or disables the power LED indicator to be turned on when the phone is busy Permitte...

Страница 74: ...features bluetooth_enable is set to 1 On It is not applicable to CP960 phones Permitted Values String within 64 characters Default For T58A Teams IP Phones SIP T58 For T56A Teams IP Phones SIP T56A F...

Страница 75: ...e admin y0000000000xx cfg Description It configures the user name of the administrator for phone s web user interface access Permitted Values String within 32 characters Default admin Parameter static...

Страница 76: ...the access URL of the file which defines 3 level access permissions Permitted Values URL within 511 characters Default Blank Phone Lock You can lock the Teams phone to prevent it from unauthorized us...

Страница 77: ...nd connect to the HTTPS URL for provisioning in a way that is designed to prevent eavesdropping and tampering Yealink Teams IP phones support TLS 1 0 TLS 1 1 and TLS 1 2 Supported Cipher Suites Suppor...

Страница 78: ...e old server certificate will be overridden by the new one The format of the server certificate files must be pem and cer and the maximum file size is 5MB A unique server certificate It is unique to a...

Страница 79: ...ority G3 VeriSign Universal Root Certification Authority ISRG Root X1 Let s Encrypt Authority X1 and Let s Encrypt Authority X2 certificates are signed by the root certificate ISRG Root X1 Baltimore C...

Страница 80: ...to your phone TLS Configuration The following table lists the parameters you can use to configure TLS Parameter static security trust_certificates 1 y0000000000xx cfg Description It enables or disable...

Страница 81: ...ss URL of the custom trusted certificate used to authenticate the connecting server Example static trusted_certificates url http 192 168 1 20 tc crt Note The certificate you want to upload must be in...

Страница 82: ...on files MAC Oriented CFG file MAC cfg Common CFG file y0000000000xx cfg MAC local CFG file MAC local cfg or other custom CFG files for example sip cfg account cfg To encrypt decrypt files you may hav...

Страница 83: ...the parameters you can use to configure the encryption and decryption Parameter static auto_provision update_file_mode y0000000000xx cfg Description It enables or disables the phone only to download t...

Страница 84: ...he downloaded MAC Oriented file is encrypted and the parameter static auto_provision aes_key_16 mac is left blank the phone will try to encrypt decrypt the MAC Oriented file using the AES key configur...

Страница 85: ...file s for example account cfg from your local system in the Select File s field To select multiple configuration files you can select the first file and then press and hold the Ctrl key and select o...

Страница 86: ...ith each other in their groups Note It is not applicable to T55A VP59 Teams phones Hybrid Mode Configuration SIP Account Registration Configuration Account Codec Configuration Local Directory Configur...

Страница 87: ...el to be displayed on the LCD screen Permitted Values String within 99 characters Default Blank Web UI Account Register Label Parameter account X display_name 1 MAC cfg Description It configures the d...

Страница 88: ...xy Y port 1 2 MAC cfg Description It configures the port of the outbound proxy server Y Permitted Values Integer from 0 to 65535 Default 5060 Web UI Account Register Outbound Proxy Server Y Port Param...

Страница 89: ...nteger from 0 to 20 Default 3 Web UI Account Register SIP Server Y Server Retry Counts Parameter account X sip_server Y transport_type 1 2 MAC cfg Description It configures the type of transport proto...

Страница 90: ...When the audio codec is G 722 1c 24kb s the default value is 1 When the audio codec is G 722 1 48kb s the default value is 1 When the audio codec is G722 the default value is 1 When the audio codec i...

Страница 91: ...o codec The name payload_type of the audio codec g722_1c_48kpbs G 722 1c 48kb s g722_1c_32kpbs G 722 1c 32kb s g722_1c_24kpbs G 722 1c 24kb s g722_1_24kpbs G 722 1 24kb s g722 G722 pcmu PCMU pcma PCMA...

Страница 92: ...the audio codec is G723_63 the default value is 0 When the audio codec is Opus the default value is 0 When the audio codec is iLBC the default value is 0 Web UI Account Codec Audio Codec Parameter acc...

Страница 93: ...Log Local Log You can enable local log specify the severity level and choose to keep the log locally or upload the local log files to the provisioning server The local log files can be exported via we...

Страница 94: ...nfiguration Local Log Level Phone UI Settings Device Settings Debug Admin only default password admin Log level Parameter static local_log max_file_size y0000000000xx cfg Description It configures the...

Страница 95: ...60 Note It works only if static auto_provision local_log backup enable is set to 1 Enabled Permitted Values Integer from 30 to 86400 Default 30 Parameter static auto_provision local_log backup path y...

Страница 96: ...on the provisioning server or a specific server Example static auto_provision local_log backup append max_file_size 1025 Permitted Values Integer from 200 to 65535 Default 1024 Parameter static auto_p...

Страница 97: ...you got the correct log through the following key fields 0 emerg 1 alert 2 crit 3 error 4 warning 5 notice 6 info The default local log level is 6 The following figure shows a portion of a boot log f...

Страница 98: ...to log You can also choose to prepend the phone s MAC address to log messages Syslog Logging Configuration Viewing the Syslog Messages on Your Syslog Server Syslog Logging Configuration The following...

Страница 99: ...ransport Type Parameter static syslog level y0000000000xx cfg Description It configures the lowest level of syslog information that displays in the syslog When you choose a log level it includes all e...

Страница 100: ...al use 3 local3 20 local use 4 local4 21 local use 5 local5 22 local use 6 local6 23 local use 7 local7 Default 16 Web UI Settings Configuration Syslog Syslog Facility Parameter static syslog prepend_...

Страница 101: ...ts Normal Export the packets file after stopping capturing Enhanced Export the packets file while capturing Capturing the Packets in Normal Way Capturing the Packets in Enhanced Way Capturing the Pack...

Страница 102: ...file download window and then save the file to your local system Ethernet Software Capturing Configuration You can choose to capture the packets using the Ethernet software in two ways Receiving data...

Страница 103: ...file s to check the current configuration of the phone and troubleshoot if necessary You can also import configuration files for a quick and easy configuration We recommend you to edit the exported C...

Страница 104: ...oblem You can export these files at a time and troubleshoot if necessary The file format of the exported diagnostic file is tar Procedure 1 From the web user interface navigate to Settings Configurati...

Страница 105: ...ubleshooting suggestions but still do not solve the problem Resetting the phone to factory configurations clears the flash parameters removes log files user data and cached data and resets the adminis...

Страница 106: ...the Custom Factory Configuration feature Permitted Values 0 Disabled 1 Enabled Import Factory Configuration item will be displayed on the phone s web user interface at the path Settings Configuration...

Страница 107: ...one 3 Tap OK Rebooting the Phone via Web User Interface Procedure 1 Click Settings Upgrade 2 Click Reboot to reboot the phone The web user interface prompts the message Reboot the system 3 Click OK to...

Страница 108: ...ce Settings Debug Admin only default password admin Screen Capture 2 Enable Screen Capture Capturing the Current Screen of the Phone via Web User Interface Before you begin Before capturing the phone...

Страница 109: ...m Log Issues Password Issues IP Address Issues The IP phone does not get an IP address IP Conflict Specific format in configuring IPv6 on Yealink IP phones The IP phone does not get an IP address Do o...

Страница 110: ...t IPv6 and the format of the access URL of the provisioning server can be tftp IPv6 address or domain name For example if the provisioning server address is 2001 250 1801 1 the access URL of the provi...

Страница 111: ...configuration is applicable to the phone model The configuration may depend on the support from a server System Log Issues Fail to export the system log from a provisioning server FTP TFTP server Fail...

Страница 112: ...Troubleshooting Solutions 112 Restore the administrator password Factory reset can restore the default password All custom settings will be overwritten after reset...

Результаты поиска

Содержание Teams Series

Отзывы:

Похожие инструкции для Teams Series

Бренды по названию

Популярные бренды

Yealink Teams Series, Руководство администратора

Результаты поиска

Содержание Teams Series

Отзывы:

Похожие инструкции для Teams Series

Бренды по названию

Популярные бренды