User`s manual

ManualsBrandsAudioCodes ManualsAcousticsMEDIAPACK VERSION 6.2

211

212

213

214

215

216

217

218

219

220

MediaPack SIP

MediaPack SIP User’s Manual 214 Document #: LTRT-65405

12.1.2.1 Using the Secured Embedded Web Server

¾ To use the secured Embedded Web Server, take these 3 Steps:

1. Access the MP-11x using the following URL:

https://[host name] or [IP address]

Depending on the browser's configuration, a security warning dialog may be displayed. The

reason for the warning is that the MP-11x initial certificate is not trusted by your PC. The

browser may allow you to install the certificate, thus skipping the warning dialog the next

time you connect to the MP-11x.

2. If you are using Internet Explorer, click View Certificate and then Install Certificate.

3. The browser also warns you if the host name used in the URL is not identical to the one

listed in the certificate. To solve this, add the IP address and host name (ACL_nnnnnn where

nnnnnn is the serial number of the MP-11x) to your hosts file, located at /etc/hosts on UNIX

or C:\Windows\System32\Drivers\ETC\hosts on Windows; then use the host name in the

URL (e.g., https://ACL_280152).The figure below is an example of a host file:

Figure

12-1: Example of a Host File

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

# Location: C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts

127.0.0.1 localhost

10.31.4.47 ACL_280152

12.1.3 Secured Telnet

To enable the embedded Telnet server on the MP-11x, set the parameter TelnetServerEnable

(described in Table

5-29 on page 117) to 1 (standard mode) or 2 (SSL mode); no information is

transmitted in the clear when SSL mode is used.

If the Telnet server is set to SSL mode, a special Telnet client is required on your PC to connect

to the Telnet interface over a secured connection; examples include C-Kermit for UNIX, Kermit-95

for Windows, and AudioCodes' acSSLTelnet utility for Windows (that requires prior installation of

the free OpenSSL toolkit). Contact AudioCodes to obtain the acSSLTelnet utility.

12.1.4 Server Certificate Replacement

The MP-11x is supplied with a working SSL configuration consisting of a unique self-signed

server certificate. When the MP-11x is upgraded to firmware version 4.6, a unique self-signed

server certificate is created. If an organizational Public Key Infrastructure (PKI) is used, you may

wish to replace this certificate with one provided by your security administrator.

¾ To replace the MP-11x self-signed certificate, take these 9 steps:

1. Your network administrator should allocate a unique DNS name for the MP-11x (e.g.,

dns_name.corp.customer.com). This name is used to access the device, and should

therefore be listed in the server certificate.

2. Access the following URL (case-sensitive):

https://dns_name.corp.customer.com/SSLCertificateSR.

Note that you should use the DNS name provided by your network administrator. The

Certificate Signing Request screen is displayed (Figure

12-2).