beautypg.com

Tls support, Tls support -70 – AASTRA 6700i series, 9143, 9480i, 9480i CT SIP Administrator Guide EN User Manual

Page 157

background image

3-70

41-001343-01 Rev 03, Release 3.2.2

TLS Support

The IP Phones support a transport protocol called Transport Layer Security (TLS) and

Persistent TLS

. TLS is a protocol that ensures communication privacy between the SIP phones

and the Internet. TLS ensures that no third party may eavesdrop or tamper with any message. An

Administrator can configure the following parameters for TLS Support.

Parameter

In

IP Phone UI

Parameter in

Aastra Web UI

Parameters in

Configuration Files

Description

N/A

Transport Protocol

sip transport protocol

Specifies the protocol that the RTP port on the IP phone
uses to send out SIP signaling packets. Default is USP.

Notes:
1.

If you set the value of this parameter to 4 (TLS), the

phone checks to see if the “sips persistent tls” is
enabled. If it is enabled, the phone uses Persistent TLS on
the connection. If “sips persistent tls” is disabled, then
the phone uses TLS on the connection. If TLS is used, you
must specify the Root and Intermediate Certificates, the
Local Certificate, the Private Key, and the Trusted
Certificates.
2.

If the phone uses Persistent TLS, you MUST specify

the Trusted Certificates; the Root and Intermediate
Certificates, the Local Certificate, and the Private Key are
optional.

For more information, see Chapter 6, the section,

“Transport Layer Security (TLS)”

on

page 6-26

.

N/A

N/A

sips persistent tls

Enables or disables the use of Persistent Transport Layer
Security (TLS).

Persistent TLS sets up the connection to the server once
and re-uses that connection for all calls from the phone.
The setup connection for Persistent TLS is established
during the registration of the phone. If the phones are set
to use Persistent TLS, and a call is made from the phone,
this call and all subsequent calls use the same
authenticated connection. This significantly reduces the
delay time when placing a call.

Notes:
1.

Persistent TLS requires the outbound proxy server

and outbound proxy port parameters be configured in
either the configuration files or the Aastra Web UI
(Advanced Settings->Global SIP->Basic SIP Network
Settings

). There can be only one persistent TLS

connection created per phone. The phone establishes the
TLS connection to the configured outbound proxy.
2.

If you configure the phone to use Persistent TLS, you

must also specify the Trusted Certificate file to use. The
Root and Intermediate Certificates, Local Certificate, and
Private Key files are optional.

For more information, see Chapter 6, the section,

“Transport Layer Security (TLS)”

on

page 6-26

.

See also other documents in the category AASTRA Accessories communication: