User's Manual

ManualsBrandsAvaya ManualsIP phonesSIP Software 3.1 for 1100 Series

201

202

203

204

205

206

207

208

209

210

Certificate requirements

For the IP

Deskphone to validate that the server certificate provided by the TLS-enabled proxy

matches the connected address, the certificate must contain the IP Addresses of the IP

Deskphone.

The server certificate has a Subject Alternative Name field, which contains the IPv4 and IPv6

IP addresses that correspond with the proxy. For example:

subjectAltName=IP:192.168.100.100subjectAltName=IP:

2001:0db8:0000:0000:0000:0000:1428:5 7ab

Important:

The IP Deskphone must have a device certificate loaded. If the device certificate is not loaded,

the IP Deskphone fails to establish a TLS connection with the system.

IP Deskphone security configuration

The following table lists the various security parameters for the IP

Deskphone.

Table 30: Provisioning parameters summary

Parameter Purpose Default Allowed

SERVER_TCP_PORT1_

SERVER_TCP_PORT1_2

SERVER_TCP_PORT2_1

SERVER_TCP_PORT2_2

SERVER_TCP_PORT3_1

SERVER_TCP_PORT3_2

SERVER_TCP_PORT4_1

SERVER_TCP_PORT4_2

SERVER_TCP_PORT5_1

SERVER_TCP_PORT5_2

Configures the

TCP and TLS

ports used when

connecting to the

SIP domain.

TCP: 5060

TLS: 5061

Integer

SERVER_TLS_PORT1_1

SERVER_TLS_PORT1_2

SERVER_TLS_PORT2_1

SERVER_TLS_PORT2_2

SERVER_TLS_PORT3_1

SERVER_TLS_PORT3_2

SERVER_TLS_PORT4_1

SERVER_TLS_PORT4_2

SERVER_TLS_PORT5_1

SERVER_TLS_PORT5_2

TCP/TLS operation overview

SIP Software for Avaya 1100 Series IP Deskphones-Administration November 2012 205