User's Manual

Mediant 1000
H.323 User's Manual 330 Document #: LTRT-83401
13.2 SSL/TLS
SSL, also known as TLS, is the method used to secure the Mediant 1000 Embedded Web
Server and Telnet server. The SSL protocol provides confidentiality, integrity and
authenticity between two communicating applications over TCP/IP.
Specifications for the SSL/TLS implementation include the following:
Supports transports: SSL 2.0, SSL 3.0, TLS 1.0
Supports ciphers: DES, RC4 compatible
Authentication: X.509 certificates; CRLs are not supported
13.2.1 Embedded Web Server Configuration
For additional security, you can configure the Embedded Web Server to accept only
secured (HTTPS) connections by changing the parameter HTTPSOnly to 1 (described in
Table 5-35 on page 168).
You can also change the port number used for the secured Web server (by default 443), by
changing the ini file parameter, HTTPSPort (described in Section 6.5.4 on page 223).
13.2.1.1 Using the Secured Embedded Web Server
To use the secured Embedded Web Server, take these 3 steps:
1. Access the Mediant 1000 using the following URL:
https://[host name] or [IP address]
Depending on the browser's configuration, a security warning dialog may be
displayed. The reason for the warning is that the Mediant 1000 initial certificate is not
trusted by your PC. The browser may allow you to install the certificate, thus skipping
the warning dialog the next time you connect to the Mediant 1000.
2. If you are using Internet Explorer, click View Certificate and then Install Certificate.
3. The browser also warns you if the host name used in the URL is not identical to the
one listed in the certificate. To solve this, add the IP address and host name
(ACL_nnnnnn where nnnnnn is the serial number of the Mediant 1000) to your hosts
file, located at /etc/hosts on UNIX or C:\Windows\System32\Drivers\ETC\hosts on
Windows; then use the host name in the URL (e.g., https://ACL_280152). The figure
below is an example of a host file:
Figure 13-8: Example of a Host File
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
# Location: C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
#
127.0.0.1 localhost
10.31.4.47 ACL_280152
13.2.2 Secured Telnet
To enable the embedded Telnet server on the Mediant 1000, set the parameter
TelnetServerEnable (described in Table 5-23 on page 133) to 1 (standard mode) or 2 (SSL
mode); no information is transmitted in the clear when SSL mode is used.
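
The following Python check is an added example, not part of the original manual or AudioCodes code. It reads the text of a device ini file and reports whether the parameters named in Sections 13.2.1 and 13.2.2 (HTTPSOnly, HTTPSPort, TelnetServerEnable) are set to their secured values. It assumes the ini file uses `Name = value` lines with `;` comments and case-insensitive names; the sample text and the function names parse_ini and audit_ini are constructed for illustration.

```python
import re

# Constructed sample ini text (not taken from a real device).
SAMPLE_INI = """\
; constructed sample configuration
HTTPSOnly = 0
HTTPSPort = 443
TelnetServerEnable = 1
"""

# Assumed line format: Name = value
LINE_RE = re.compile(r"^\s*([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*?)\s*$")


def parse_ini(text):
    """Return {lowercased name: value}; the last assignment of a name wins."""
    params = {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]  # drop comments (assumed ';' syntax)
        match = LINE_RE.match(line)
        if match:
            params[match.group(1).lower()] = match.group(2).strip("'\"")
    return params


def audit_ini(text):
    """Return a list of findings for the parameters in 13.2.1 and 13.2.2."""
    params = parse_ini(text)
    findings = []
    # Section 13.2.1: HTTPSOnly = 1 makes the Web server accept only HTTPS.
    if params.get("httpsonly") != "1":
        findings.append("HTTPSOnly is not set to 1: non-HTTPS Web access is accepted")
    # Section 13.2.2: TelnetServerEnable 1 = standard mode, 2 = SSL mode.
    if params.get("telnetserverenable") == "1":
        findings.append("TelnetServerEnable is 1: Telnet is in standard mode, not SSL mode")
    # Section 13.2.1: HTTPSPort defaults to 443; if set, it must be a valid TCP port.
    port = params.get("httpsport", "443")
    if not port.isdigit() or not 1 <= int(port) <= 65535:
        findings.append("HTTPSPort is not a valid TCP port: " + port)
    return findings


if __name__ == "__main__":
    for finding in audit_ini(SAMPLE_INI):
        print("FINDING:", finding)
```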