TANDBERG D13691.03 user manual Securing the Ldap connection with TLS

Models: D13691.03


TANDBERG Border Controller User Manual

To configure the Border Controller to use the LDAP server directory during authentication, issue the following commands:

xConfiguration Authentication Mode: On

xConfiguration Authentication Database: LDAPDatabase

The Border Controller needs to be configured with the area of the directory which will be searched for the communication device information. This should be specified as the Distinguished Name (DN) in the directory under which the H.350 objects reside:

xConfiguration Authentication LDAP BaseDN: "Your base DN"

The Border Controller must also be configured with the location of the LDAP server and the security credentials required to gain access to the LDAP server. The following commands are used to configure the LDAP server details:

xConfiguration LDAP Server Address: "ldap server address"

xConfiguration LDAP Server Port: 389

xConfiguration LDAP UserDN: "Your user DN"

xConfiguration LDAP Password: "password"

The status of the connection between the Border Controller and the LDAP server can be verified using the command:

xstatus LDAP

The details of the LDAP server can also be configured via the web interface (on the Border Controller Configuration → Gatekeeper page).

5.2.3 Securing the LDAP connection with TLS

The traffic between the Border Controller and the LDAP server can be encrypted using Transport Layer Security (TLS). To use TLS, the LDAP server must have a valid certificate installed so that the Border Controller can verify the server’s identity. For more information on setting up certificates using common LDAP servers, see Appendix B. LDAPS uses port 636 as its default communications port.

Using the terminal interface, TLS can be enabled with the following command:

xConfiguration LDAP Encryption: TLS

TLS can also be enabled via the web interface using the Border Controller Configuration → Gatekeeper page.

The Border Controller will now only communicate with the LDAP server using TLS. To verify the identity of the LDAP server, the certificate of the Certificate Authority (CA) that issued the LDAP server with its certificate must be uploaded to the Border Controller. To install the CA's certificate, navigate to the Border Controller Configuration → Files page and upload the CA certificate as a Trusted CA certificate.
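The following added example (not part of the TANDBERG manual or the product) audits a saved list of the commands from sections 5.2.2 and 5.2.3 before they are applied. It assumes the commands are stored one per line exactly as typed above; the sample values, the finding codes and the function names are constructed for illustration.

```python
import re

# Constructed sample: this section's commands as they might be kept in a
# provisioning script. All values are made up, not taken from a real device.
SAMPLE = """\
xConfiguration Authentication Mode: On
xConfiguration Authentication Database: LDAPDatabase
xConfiguration Authentication LDAP BaseDN: "ou=h350,dc=example,dc=com"
xConfiguration LDAP Server Address: "ldap.example.com"
xConfiguration LDAP Server Port: 389
xConfiguration LDAP UserDN: "cn=bc,dc=example,dc=com"
xConfiguration LDAP Password: "password"
"""

LINE = re.compile(r"^\s*xConfiguration\s+(.+?):\s*(.*?)\s*$", re.IGNORECASE)
# Placeholder strings the manual prints, plus an empty value.
PLACEHOLDERS = {"", "password", "your base dn", "your user dn", "ldap server address"}
REQUIRED = ("authentication ldap basedn", "ldap server address",
            "ldap userdn", "ldap password")


def parse(text):
    """Map each setting path (lower-cased) to its unquoted value."""
    settings = {}
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            settings[m.group(1).lower()] = m.group(2).strip('"')
    return settings


def audit(text):
    """Return finding codes for the LDAP settings covered in this section."""
    s = parse(text)
    if (s.get("authentication mode", "").lower() != "on"
            or s.get("authentication database", "").lower() != "ldapdatabase"):
        return []  # LDAP is not the authentication database
    findings = []
    if s.get("ldap encryption", "").lower() != "tls":
        # Without TLS the bind DN and password are sent unencrypted.
        findings.append("cleartext-bind")
    elif s.get("ldap server port") == "389":
        # The manual gives 636 as the LDAPS default; confirm the server's port.
        findings.append("port-check")
    for key in REQUIRED:
        if s.get(key, "").lower() in PLACEHOLDERS:
            findings.append("placeholder:" + key)
    return findings


if __name__ == "__main__":
    print(audit(SAMPLE))
```

A `port-check` finding is a prompt to confirm which port the LDAP server accepts TLS on, not proof of a misconfiguration.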
