Installation guide
Network Settings
4-30 41-001561-00 REV00 – 10.2014
Interactive Connectivity Establishment (ICE) Support
The phones now support the Interactive Connectivity Establishment (ICE) Protocol. ICE makes use of the Session Traver-
sal Utilities for NAT (STUN) protocol and its extension, Traversal Using Relay NAT (TURN).
In an ICE environment, two agent endpoints (or two phones communicating at different locations) are able to communi-
cate via the SIP Protocol by exchanging Session Description Protocol (SDP) messages. At the beginning of the ICE proc-
ess, the agents are ignorant of their own topologies. In particular, they might or might not be behind a NAT (or multiple
tiers of NATs).
ICE allows the agents to discover enough information about their topologies to potentially find one or more paths by
which they can communicate.
The ICE Protocol is automatically enabled if both STUN and TURN servers are configured in the network. The following
occurs when ICE is used on the phone:
• The TURN address/port is always used as the preferred media address in initial INVITES.
• Media is sent through the TURN server prior to the completion of the ICE connectivity check.
• A Re-INVITE is used to adjust media (if required) after the ICE connectivity check is complete.
• When ICE is enabled, call hold is performed via the send only attribute instead of changing the media address to
0.0.0.0.
• The ICE Protocol supports the RTCP SDP attribute (RFC 3605)
STUN and TURN can be enabled using the Mitel Web UI or the configuration files. This automatically enables ICE.
Reference
To configure STUN and TURN (which automatically enables ICE), see “Configuring STUN and TURN Servers Using the
Configuration Files” on page4-28 and “Configuring STUN and TURN Servers Using the Mitel Web UI” on page 4-28.
HTTPS Client/Server Configuration
HTTPS is a Web protocol that encrypts and decrypts user page requests as well as the pages that are returned by the
Web server. HTTPS uses Secure Socket Layer (SSL) or Transport Layer Security (TLS) as a sublayer under its regular HTTP
application layering. SSL is a commonly-used protocol for managing the security of a message transmission on the Inter-
net.
It uses a 40-bit key size for the RC4 stream encryption algorithm, which is considered an adequate degree of encryp-
tion for commercial exchange. TLS is a protocol that ensures privacy between communicating applications and their
users on the Internet. When a server and client communicate, TLS ensures that no third party may eavesdrop or tamper
with any message. TLS is the successor to SSL.
When an HTTPS client opens and closes its TCP socket, the SSL software respectively handshakes upon opening and dis-
connects upon closing from the HTTPS server. The main HTTPS client functions are:
• Downloading of configuration files and firmware images.
• Downloading of script files based on an “HTTPS://” URL supplied by a softkey definition.
The HTTPS server provides HTTP functionality over secure connections. It coexists with the HTTP server but has its own
set of tasks. The main HTTPS server functions are:
• Delivery of web page content to a browser client over a secure connection.
• Execution of HTTP GET and POST requests received over a secure connection.
Using the configuration files, the IP phone UI, or the Mitel Web UI, you can configure the following regarding HTTPS:
• Specify HTTPS security client method to use (TSLv1 or SSLv3)
• Enable or disable HTTP to HTTPS server redirect function
• HTTPS server blocking of XML HTTP POSTS to the phone
Note:
HTTPS uses port 443 instead of HTTP port 80 in its interactions with the TCP/IP lower layer.