Certificates and Private Key Information | Aastra Telecom REV 06

5i Series IP Phone Release Notes

Features in Release 2.2

Certificates and Private Key Information

•If the certificates and private key are NOT stored in the phone:

—the phone connects to an open unauthenticated VLAN and the certificates are downloaded.

or

—the phone connects using EAP-MD5 to a restricted VLAN and the certificates are downloaded.

•If the certificates and private key ARE stored in the phone, the phone uses them during the authentication process.

•If the phone uses EAP-TLS for successful authentication, after the phone reboots, it downloads the latest certificates and private key files to the phone.

•The private key uses AES-128 to encrypt the private key file.

•Switch Supplicant Mode - The switch supports the following 2 modes:

—Single supplicant - This mode enables the port once any machine connected to this port is authenticated. For security reasons, the IP phone has the option to disable the pass-through port.

—Multiple supplicants - Using this mode, the switch can support multiple clients connected to same port. The switch distinguishes between the clients based on their MAC address.

•Factory default and recovery mode deletes all certificates and private keys, and sets the EAP type to disabled.

You can configure the 802.1x feature on the IP phone using the configuration files, the IP Phone UI, or the Aastra Web UI.

Note: If configuring 802.1x using the IP Phone UI, the certificates and private keys must already be configured and stored on the phone. Use the configuration files or the Aastra Web UI to load certificates and private keys.

RN-001029-00, Rev 06, Release 2.2

77

Image 81

Aastra Telecom REV 06, RN-001029-00 manual Certificates and Private Key Information

Contents

SIP IP Phone Page Contents 136 About this Document General Information Number Feature BroadSoft Interoperability Features Dial Plan Support for Secondary Dial Tone Sip dial plan Example sip dial planLocal Dial Plan DND Account-Based Configuration Account-Based Do Not Disturb DND and Call Forward CfwdAccount Phone Custom DND on Important Notes Configuring DND Using the Configuration Files Example Configuring DND Using the Aastra Web UI DND Key Mode ParameterClick on Basic Settings-Preferences-General Click on Basic Settings-Account Configuration Softkeys 1 and 2 configured for DND Using DND Modes via the IP Phone UI Step Action On the 51iOn the 55i, 57i, and 57i CT DND in Phone Mode Indicates DND OnDND Off DND in Custom Mode Cfwd Account-Based Configuration Features in Release Important Notes Configuring Cfwd Using the Configuration Files Options-Call Forward Configuration Files Call forward key mode Softkey1 type call forward Softkey 2 configured for Cfwd Configuring Cfwd Using the Aastra Web UI Call Forward Key Mode Parameter Account All Busy No Answer Shows 1, 2, 3, etc. only Using Cfwd Modes via the IP Phone UI Cfwd Enabled No Cfwd Phone number ConfiguredCfwd Disasbled Screen Cfwd State Cfwd Number Rings Screen Cfwd No Aastra IP Phone UI Cfwd in Phone Mode 51i Cfwd Mode Enabled Busy Indicates Cfwd Mode All DoneNo Cfwd Phone number Cfwd Mode Configured for Busy NoAns Indicates Cfwd NoAns Done Next RN-001029-00, Rev 06, Release Cfwd Number Cfwd No Aastra IP Phone UI No Cfwd Number Indicates Cfwd Disabled Cfwd All Enabled Cfwd Mode Busy Indicates Cfwd Mode All Indicates DoneNo Cfwd Phone number Configured for Cfwd Mode Busy NoAns Indicates Cfwd NoAns Cfwd Mode Enabled All Off Use To view Cfwd Number Cfwd No Aastra IP Phone UI Number configured Mode Screen IndicatesCall Forward No Cfwd phone Aastra IP Phone UI Change StateNo. Rings Aastra IP Phone UI Cfwd in Phone Mode 55i, 57i, and 57i CT Aastra IP Phone UI Call Forward State Screen Aastra IP Phone UI Account Screen Cfwd in Custom Mode 55i, 57i, and 57i CT Mode Screen Indicates Aastra IP Phone UI Change Aastra IP Phone UI How it works Multicast Group Paging Features in Release Receiving End of Page Using the Configuration Files Configuring Group Paging RTP SettingsDefault Value Range Example Paging group listening Receiving End of Page Using the Aastra Web UI Example Sending End of Page Using the Configuration Files Sending End of Page Using the Aastra Web UI To save your changes Using the Configured Paging Key on the IP Phone Simplified Transfer Using BLF and Speeddial Keys BLF/Xfer and BLF BLF/Xfer Key Requirements and FunctionalityBLF/Xfer and Blind Transfer Calls BLF/Xfer and Call forward Speeddial/Xfer and Speeddial Speeddial/Xfer Key Requirements and FunctionalitySpeeddial/Xfer and Blind Transfer Speeddial/Xfer and Call Forward Top Softkey Parameters Examples Aastra Web UI Xfer or Speeddial/Xfer from the Type field Top Keys Tab 57i example Switch focus to ringing line Configuring Switch Focus to Ringing Line Using Aastra Web UI 802.1x Support Security Features Certificates and Private Key Information Eap type Identity Md5 password Pc port passthrough enabled Parameter IP phone UI Identity 802.1x root and intermediate 802.1x trusted certificates Select Network Settings-Ethernet-Enable PassThru Port Configuring the 802.1x Protocol Using the IP Phone UI Select 802.1x Settings Select 802.1x Mode EAP-MD5 EAP-TLS Aastra IP Phone UI Configuring the 802.1x Protocol Using the Aastra Web UI Click on Advanced Settings-802.1x SupportTo configure EAP-MD5 Localcertificate.pem To configure EAP-TLS Aastra Web UI Improved Configuration File Encryption SIP Notify Triggers an XML Event Example of a SIP Notify with XML Content Example of a SIP Notify without XML Content Sip xml notify event Default Value Range Enabling/Disabling the XML SIP Notify Feature Configuring XML SIP Notify Feature Using the Aastra Web UI Action uri xml sip notify Setting an Action URI XML SIP Notify RTP and Multicast RTP via XML RTPRxipv RTPRxStop RTPRxWhere Ensure that this is a number greater than RTPTxip RTPTxStop RTPTx RTPMRxipv RTPMRx RTPMTxip RTPMTx Text Wrap for XML TextMenu Items 51iText Wrapping Prior to Release Configuring the Text Wrapping Parameter WrapList ExampleNon-Blocking Http Connections Default Value Range Example Parameter Aastra Web UI Configuring Polling Action URI via the Configuration FilesPolling Action URI Action uri poll Action uri poll interval Click on Advanced Settings-Action URI Configuring Polling Action URI via the Aastra Web UI SIP Status on the Network Status Screen SIP Registration Status in Aastra Web UI Line SIP Account Status Registrar Used? Status Condition Desription Http port Https port Configuring Http Port Configuring Http and Https Port Using the IP Phone UIPress Options-Administrator Menu Select Configuration Server-HTTP Settings-HTTP Port Configuring Https Port Click on Advanced Settings-Configuration Server-Settings Configuring Http and Https Port Using the Aastra Web UI 112 Ability to Set Tftp and FTP Path for Configuration Servers Example, ipphone\57i\configfilesTftp path Alternate tftp path Ftp path Alternate tftp path Configuring Tftp and Alternate Tftp Path Configuring a Tftp or FTP Path Using the Aastra Web UI Configuring FTP Path Configuring Tftp Path Configuring a Tftp or FTP Path Using the IP Phone UISelect Configuration Server-TFTP Settings-Primary Tftp Path 55i/57i/57i CT 51i/53i For 55i, 57i, and 57i CT Configuring Alternate Tftp Path Select Configuration Server-FTP Settings-FTP Path Sip local port Sip local tls port Configurable SIP and TLS Source Ports Sip local port Configuring SIP and TLS Source Ports Using the Aastra Web UI Rport Support Sip rport Configuring Rport Using the Configuration Files Rport Configuring Rport Using the Aastra Web UI CMS Support BroadSoft Interoperability Features Http digest username How it Works with the BroadSoft CMS Tool 55i, 57i, and 57i CT Login Screens 51i and 53i Login Screens How it Works on the Phone UI ACD Screen for 55i, 57i, and 57i CT ACD Screen for 132 Sip lineN as-feature-event Click on Advanced Settings-LineN-Advanced SIP Settings Notify response from the server side User Interface DEF07873 Issue Number Description of Fix DEF08852DEF08132 DEF08245 Other Robustness Contacting Aastra Telecom Support Page Page Generic SIP IP Phone Model 5i Series