OL-11524-01 | Cisco Systems 7970G guide

Chapter 1 An Overview of the Cisco Unified IP Phone

Understanding Security Features for Cisco Unified IP Phones

•Configure PC Port—The 802.1X standard does not take into account the use of VLANs and thus recommends that only a single device should be authenticated to a specific switch port. However, some switches (including Cisco Catalyst switches) support multi-domain authentication. The switch configuration determines whether you can connect a PC to the phone’s PC port.

–Enabled—If you are using a switch that supports multi-domain authentication, you can enable the PC port and connect a PC to it. In this case, Cisco Unified IP Phones support proxy EAPOL-Logoff to monitor the authentication exchanges between the switch and the attached PC. For more information about IEEE 802.1X support on the Cisco Catalyst switches, refer to the Cisco Catalyst switch configuration guides at: http://www.cisco.com/en/US/products/hw/switches/tsd_products_suppo rt_category_home.html

–Disabled—If the switch does not support multiple 802.1X-compliant devices on the same port, you should disable the PC Port when 802.1X authentication is enabled. See the “Security Configuration Menu” section on page 4-33for more information. If you do not disable this port and subsequently attempt to attach a PC to it, the switch will deny network access to both the phone and the PC.

•Configure Voice VLAN—Because the 802.1X standard does not account for VLANs, you should configure this setting based on the switch support:

–Enabled—If you are using a switch that supports multi-domain authentication, you can continue to use the voice VLAN.

–Disabled—If the switch does not support multi-domain authentication, disable the Voice VLAN and consider assigning the port to the native VLAN. See the “Security Configuration Menu” section on page 4-33for more information.

•Enter MD5 Shared Secret—If you disable 802.1X authentication or perform a factory reset on the phone, the previously configured MD5 shared secret is deleted. See the “802.1X Authentication and Status” section on page 4-42for more information.

		Cisco Unified IP Phone Administration Guide for Cisco Unified CallManager 5.1 (SIP), Cisco Unified IP Phones

1-20		OL-11524-01
1-20		OL-11524-01

Image 54

Cisco Systems 7970G manual OL-11524-01

Contents

Cisco Unified IP Phones 7970G/7971G-GE Page Page Page N T E N T S Products Adding Phones with Cisco Unified CallManager Administration Vii Disabling a Headset Viii Customizing and Modifying Configuration Files Configuring a Custom Background Image Troubleshooting and Maintenance Monitoring the Voice Quality of Calls Xii Xiii Xiv Overview Audience Organization Xvi Cisco Unified IP Phones 7970G/7971G-GE Cisco Unified CallManager AdministrationRelated Documentation Xvii Cisco.com TroubleshootingObtaining Documentation Product Documentation DVD Ordering Documentation Documentation FeedbackCisco Product Security Overview Xix Reporting Security Problems in Cisco Products For emergencies only security-alert@cisco.com Product Alerts and Field Notices Obtaining Technical AssistanceXxi Cisco Technical Support & Documentation Website Xxii Submitting a Service Request Definitions of Service Request SeverityXxiii Obtaining Additional Publications and Information Xxiv Boldface font Document ConventionsConvention Description Italic font Italic screen font Xxvi Waarschuwing Belangrijke Veiligheidsinstructies Varoitus Tärkeitä TurvallisuusohjeitaXxvii Warnung Wichtige Sicherheitshinweise Avvertenza Importanti Istruzioni Sulla SicurezzaXxviii Aviso Instruções Importantes DE Segurança Xxix Varning! Viktiga Säkerhetsanvisningar Xxx Xxxi GEM Disse Anvisninger Xxxii Xxxiii Xxxiv An Overview of the Cisco Unified IP Phone Understanding the Cisco Unified IP Phones 7970G/7971G-GE Cisco Unified IP PhonePage OL-11524-01 What Networking Protocols Are Used? Networking Protocol Purpose Usage NotesUnified CallManager System Guide Authentication on Cisco Unified IP Refer to the SupportingPhones section on page 1-18 for Network Configuration section on Understanding the SIP Protocol Related Topics Feature Overview Configuring Telephony Features Providing Users with Feature Information Refer to Cisco Unified CallManager Security Understanding Security Features for Cisco Unified IP PhonesTopic Reference Guide Topic Reference Overview of Supported Security Features Feature Description More information, see the Device Configuration Menu Authentication on Cisco Unified IP Phones section on Select Security Configuration Identifying Encrypted and Authenticated Phone CallsProcedure Understanding Security Profiles Supporting 802.1X Authentication on Cisco Unified IP Phones Related Topic Required Network Components OL-11524-01 Security Restrictions OL-11524-01 CallManager Administration Task Purpose For More InformationCallManager System Guide Refer to Cisco Unified See the Configuring Softkey See the Setting Up ServicesTemplates section on Installing Cisco Unified IP Phones See the Adding Users toCisco Unified CallManager Page See the Adjusting See the Providing PowerSee the Installing Placement of the Cisco SettingsNetwork Configuration IP Phone 7970 Guide OL-11524-01 A P T E R OL-11524-01 Telephony Features Available for the Phone, Vlan Providing Power to the Phone Power Guidelines Phone Power Consumption and Display BrightnessPower Type Guidelines Brightness Power Outage Obtaining Additional Information about Power Understanding Phone Configuration Files Understanding the Phone Startup Process SIP Dial Rules Step Description Related Topics Unified CallManager Security Guide Understanding Files, Adding Phones to the Cisco Unified CallManager Database Requires MAC Method Address? Adding Phones with Auto-Registration Adding Phones with Auto-Registration and Taps Adding Phones with BAT MAC Address of a Cisco Unified IP Phone section on Using Cisco Unified IP Phones with Different Protocols See the Configuring Startup Network Settings section on Converting a New Phone from Sccp to SIPConverting an In-Use Phone from Sccp to SIP Converting an In-Use Phone from SIP to Sccp Deploying a Phone in an Sccp and SIP Environment Determining the MAC Address of a Cisco Unified IP Phone Setting Up the Cisco Unified IP Phone Cisco Unified CallManager Configuration Before You BeginNetwork Requirements Safety Setting Up the Cisco Unified IP Phone Before You Begin Network and Access Ports Network and Access Ports, Handset, Speakerphone, Headset,Handset Speakerphone Headset Audio Quality Subjective to the User Http//plantronics.com Using External Devices with Your Cisco Unified IP Phone See the Providing Power to Installing the Cisco Unified IP PhoneProcedure Reference See the Headset section on See the Network and Access Ports section on page 3-5 for 130055 Adjusting the Placement of the Cisco Unified IP Phone Adjusting Cisco Unified IP Phone Placement on the Desktop Securing the Phone with a Cable Lock See -2 below Mounting the Phone to the Wall Before You Begin Verifying the Phone Startup Process Parts Used in Wall Mounting the Cisco Unified IP Phone OL-11524-01 Configuring Startup Network Settings Settings on the Cisco Unified IP Phone Before You Begin From the phone, press the Settings Security Configuration OL-11524-01 Configuring Settings on Cisco Unified IP Phone Related Topics Displaying a Configuration Menu Unlocking and Locking Options Editing Values Overview of Options Configurable from a Phone Category Description Network Configuration Menu Values section on Option Description To Change Security Configuration Menu section Refer to Cisco Unified CallManager Option Description To Change Vlan ID Scroll to the Dhcp Address Option Description To Change PC Vlan Device Configuration Menu CallManager Configuration Menu StateBlank Unified CallManager Security Guide Designation DescriptionDevice Pool CallManager Security Guide Device Device Settings SIP Configuration MenuSIP General Configuration Menu, Line Settings Menu, SIP Profile Usecallmanager Line Settings Menu Call Preferences Menu This option can also be Http Configuration Menu URL Locale Configuration Menu Configuration Menu, UI Configuration Menu NTP Configuration Menu Incoming call on the same line when Media Configuration Menu Administration System EnterpriseParameters Enabled or disabled for the phone. If Whose phone has the Recording Tone Receives. The remote party is the party Power Save Configuration Menu Ethernet Configuration Menu Security Configuration Menu Responses. Disabling the phone’s QoS Configuration Menu Network Configuration WAN by storing images locally Security Configuration Menu Call Statistics Screen, Streaming Statistics, CTL File Screen section on List Screen section onCisco Unified CallManager Security See the 802.1X Authentication CTL File ScreenStatus section on Configuration Menu section on Unlocking the CTL File Trust List Screen 802.1X Authentication and Status Authentication Device Choose Settings SecurityConfiguration Authentication 802.1X Authentication Real-Time Status Configuring Features, Templates Services, and Users Telephony Features Available for the Phone Feature Description Configuration Reference Administration Guide Features and Services GuideSystem Guide, Call Pickup CallManager Features System Guide Changed Information Guide Administration Guide, CallCisco Unified CallManager New Release 5.11, Cisco Unified Text, on the phone screen DND Features and Services Guide section New and Changed Information System Guide, Music on Administration Guide, MusicServices Guide, Presence CallManager System Guide, Cisco Administration Guide , Cisco Unified CallManager System Creating Custom Phone Rings section on System Guide, Time-of-Day Administration Guide, TimeService Application Development Refer to the Cisco Unified IP Phone Configuring Corporate Directories and Personal Directories Configuring Corporate Directories Configuring Personal Directory Configuring Softkey Templates Modifying Phone Button Templates Setting Up Services Adding Users to Cisco Unified CallManager Managing the User Options Web Pages Giving Users Access to the User Options Web Pages User Management End User Customizing the Cisco Unified IP Phone Creating Custom Phone Rings Ringlist.xml File Format Requirements Configuring a Custom Phone Ring PCM File Requirements for Custom Ring Types Creating Custom Background Images List.xml File Format Requirements PNG File Requirements for Custom Background Images List.xml Example Configuring a Custom Background Image Configuring Wideband Headset Codec Configuring the Idle Display OL-11524-01 Page Field Description Field Description OL-11524-01 A P T E R Model Information Screen CTL See the Using Cisco Unified IP Status MenuPhones with Different Protocols Status Messages Screen Select Status Messages Message Description Possible Explanation and Action CallManager Administration section onNetwork Configuration Menu section Adding Phones with Cisco Unified Unified CallManager Administration Guide Authentication and Status section on Settings Security Configuration802.1X Authentication option on the phone Address. See the Network Configuration Message Description Possible Explanation and Action Network Configuration Menu section on Phone. See the Firmware Versions Screen Section on page 7-15 to verify the phoneDevice Phone See the Network Configuration Menu Section on page 4-7 section for details Message Description Possible Explanation and Action Network Statistics Screen Select Network Statistics PC port is in a link up state and has auto-negotiated Firmware Versions Screen Select Firmware Versions Call Statistics Screen Select Call Statistics MOS LQK Monitoring the Voice Quality of Calls section on OL-11524-01 Monitoring the Cisco Unified IP Phone Remotely Accessing the Web Page for a Phone Network Statistics, Device Logs, Streaming Statistics,Http//IPaddress Disabling and Enabling Web Page Access Device Information Choose Device Phone UDI Network Configuration Network Configuration Description Description Description Network Statistics Ethernet Information Area Items Description Device Logs Streaming Statistics MOS LQK Streaming Statistics Related Topics Page OL-11524-01 Troubleshooting and Maintenance Resolving Startup Problems Troubleshooting and Maintenance Resolving Startup Problems Identifying Error Messages Verifying IP Addressing and Routing Cisco CallManager Serviceability Choose Tools Control Center Creating a New Configuration File Symptom Cisco Unified IP Phone Unable to Obtain IP Address Cisco Unified IP Phone Resets Unexpectedly Verifying Physical ConnectionIdentifying Intermittent Network Outages Verifying Dhcp Settings Checking Static IP Address SettingsVerifying Voice Vlan Configuration Eliminating DNS or Other Connectivity Errors Verifying that the Phones Have Not Been Intentionally Reset Checking Power Connection Problem Possible Cause 802.1X Enabled on Phone but Not Authenticating 802.1X Not Enabled General Troubleshooting Tips Summary Explanation Unlocking and Locking Options section on page 4-4 for See the Call Statistics Screen section on page 7-16 for Performing a Basic Reset, Performing a Factory Reset, Halfduxcollisionexceedthreshold Locking Options section on Performing a Basic ResetOperation Performing Explanation Unlocking and Locking Options Performing a Factory Reset Using the Quality Report Tool Monitoring the Voice Quality of Calls Using Voice Quality Metrics Troubleshooting Tips Condition Cleaning the Cisco Unified IP Phone Where to Go for More Troubleshooting Information Website Providing Information to Users Via a How Users Access the Online Help System on the Phone How Users Obtain Support for the Cisco Unified IP Phone How Users Get Copies of Cisco Unified IP Phone Manuals How Users Access a Voice Messaging System Unified CallManager section on How Users Configure Personal Directory Click Next Configuring the Synchronizer OL-11524-01 P E N D I X B Features Cisco Unified IP Phone CMC Calling Features Cisco Unified IP Phone 7970G/7971G-GE Cisco IP Phone Service Application Development Notes for Release 4.13 orCisco Ipma User Guide User Guide Cisco CallManager Features and ServicesCisco CallManager Attendant Console Cisco IP Phone Expansion Module Supporting International Users Adding Language Overlays to Phone Buttons Installing the Cisco Unified CallManager Locale Installer Technical Specifications Specification Value or Range Cable Specifications Network and Access Port Pinouts Network Port Connector Access Port ConnectorPin Number Function Numerics IN-1 IN-2 IN-3 IN-4 IN-5 IN-6 IN-7 IN-8 IN-9 IN-10 IN-11 IN-12 Vlan IN-13 IN-14