TANDBERG D13691.03 user manual Securing the Ldap connection with TLS

Page 29

TANDBERG Border Controller User Manual

To configure the Border Controller to use the LDAP server directory during authentication issue the following commands:

xConfiguration Authentication Mode: On

xConfiguration Authentication Database: LDAPDatabase

The Border Controller needs to be configured with the area of the directory which will be searched for the communication device information. This should be specified as the Distinguished Name (DN) in the directory under which the H.350 objects reside:

xConfiguration Authentication LDAP BaseDN: "Your base DN"

The Border Controller must also be configured with the location of the LDAP server and the security credentials required to gain access to the LDAP server. The following commands are used to configure the LDAP server details:

xConfiguration LDAP Server Address: "ldap server address"

xConfiguration LDAP Server Port: 389

xConfiguration LDAP UserDN: "Your user DN"

xConfiguration LDAP Password: "password"

The status of the connection between the Border Controller and the LDAP server can be verified using the command:

xstatus LDAP

The details of the LDAP server can also be configured via the web interface on the Border Controller Configuration → Gatekeeper page).

5.2.3 Securing the LDAP connection with TLS

The traffic between the Border Controller and the LDAP server can be encrypted using Transport Layer Security (TLS). To use TLS, the LDAP server must have a valid certificate installed so that the Border Controller can verify the server’s identity. For more information on setting up certificates using common LDAP servers, see Appendix B LDAPS uses port 636 as its default communications port.

Using the terminal interface TLS can be enabled with the following command

xConfiguration LDAP Encryption: TLS

TLS can also be enabled via the web interface using the Border Controller Configuration → Gatekeeper page.

The Border Controller will now only communicate with the LDAP server using TLS. To verify the identity of the LDAP server, the certificate of the Certificate Authority (CA) that issued the LDAP server with its certificate must be uploaded to the Border Controller. To install the CAs certificate, navigate to the Border Controller Configuration → Files page and upload the CA certificate as a Trusted CA certificate.

22

Page 28 Page 30
Image 29
Page 28 Page 30
Contents Tandberg Border Controller Disclaimer Trademarks and copyrightEnvironmental Considerations Environmental IssuesTANDBERG’s Environmental Policy Operator Safety Summary Page Contents Software Upgrade Introduction Tandberg Border Controller Overview Unpacking InstallationPrecautions Switching on the System Connecting CablesInstallation site preparations MountingBorder Controller Initial Configuration Page Getting started System AdministrationAdministrator Account Root Account RegistrationNeighbor Gatekeepers Search Order Alternate Border Controllers Call Control Location decision flow diagram Firewall Traversal Bandwidth Control Page Bandwidth Control and Firewall Traversal Bandwidth Control Examples Network Deployment with firewalls Page Registration Restriction Policy Registration ControlAuthentication using an Ldap server AuthenticationAuthentication using a local database Securing the Ldap connection with TLS Creating DNS SRV records URI DialingPage Simple Enterprise deployment Example Traversal deploymentsDialing Public IP addresses Enterprise GatekeepersURI dialing from within the enterprise Neighbored enterprisesPage Making Decisions Based on Addresses Address-switchCall Policy Subfield Location CPL Script ActionsProxy RejectCPL Examples Unsupported CPL ElementsCall screening Selective Call ScreeningCall Redirection Event log format Controlling what is loggedLogging Logged Events Event LevelsDNS 245,NTP,DNS,LDAP Event dataPage YYYY/MM/DD-HHMMSS Remote LoggingUpgrading Using Https Software UpgradeUpgrading Using SCP Page Status Command ReferenceCalls EthernetFeedback Externalmanager11.1.5 IP LdapPipes 11.1.8 NTPRegistrations ResourceUsage11.2 Configuration AuthenticationSystemUnit ZonesGatekeeper Page 11.2.6 IP HTTP/HTTPSLdap Option Key 11.2.9 Log11.2.10 NTP 11.2.15 SSH SessionSnmp Subzones Traversal TelnetTimeZone Zones Command AllowListAdd BootAllowListDelete CheckBandwidthDefaultValuesSet DefaultLinksAddDenyListAdd DenyListDeleteFeedbackDeregister FeedbackRegisterFindRegistration LinkAddOptionKeyDelete OptionKeyAddPipeAdd PipeDeleteHistory Feedback About Other commandsClear EventlogSyslog RelkeyMicrosoft DNS Server Appendix Configuring DNS ServersVerifying the SRV record Bind 8As expected Microsoft Active Directory Appendix Configuring Ldap ServersPrerequisites Adding H.350 objectsSecuring with TLS OpenLDAPInstalling the H.350 schemas Add the H.350 objects Approvals Electrical SafetyEMC Emission Radiated Electromagnetic Interference EMC ImmunityTechnical Specifications Certification Physical DimensionsPower supply References Glossary Index

D13691.03 specifications

The TANDBERG D13691.03 is a cutting-edge communication device that has been designed to meet the rigorous demands of modern business environments. Known for its reliability and versatility, the D13691.03 offers a comprehensive suite of features that enhance collaboration and productivity for organizations seeking seamless communication solutions.

One of the key characteristics of the TANDBERG D13691.03 is its exceptional video quality. Equipped with advanced video codecs, this device provides users with crystal clear HD video, ensuring that every interaction is as lifelike and engaging as possible. The intelligent bandwidth management technology optimizes the video quality based on the available network conditions, allowing for smooth and uninterrupted communication even in less than ideal network scenarios.

In addition to superior video capabilities, the D13691.03 boasts impressive audio technology. With integrated echo cancellation and noise reduction features, users can enjoy natural and clear audio during calls. This ensures that conversations are not only visually effective but also audibly intelligible, allowing for a more immersive communication experience.

Another notable feature of the TANDBERG D13691.03 is its user-friendly interface. Designed with usability in mind, the device comes with a touchscreen interface that simplifies navigation through the various settings and options. Users can easily connect with colleagues, schedule meetings, and access video conferencing features in just a few taps.

Moreover, the D13691.03 supports various connectivity options, including Ethernet and Wi-Fi, providing users with the flexibility to connect to their networks with ease. The device is also compatible with standard video conferencing protocols, making it an ideal solution for organizations that utilize multiple communication platforms.

The D13691.03 has been designed with security in mind, featuring advanced encryption protocols to protect sensitive data during video calls. This ensures that conversations remain confidential and secure, which is crucial for businesses handling proprietary information.

Overall, the TANDBERG D13691.03 stands out as a robust communication solution that enhances the way organizations interact. With its blend of high-quality video and audio capabilities, user-friendly design, and strong security measures, this device is well-equipped to handle the dynamic needs of modern workplaces, facilitating collaboration and driving productivity. Businesses looking to improve their communication infrastructure will find the TANDBERG D13691.03 to be an invaluable addition to their technology arsenal.
Top Page Image Contents