Manualshelf

R0106-HP MSR Router Series Voice Configuration Guide(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router
111112113114115116117118119120
111
# Configure the URL of the registration server in the form of http://host:port/Issuing Jurisdiction ID,
where Issuing Jurisdiction ID is a hexadecimal string generated on the CA server.
[RouterB-pki-domain-voice] certificate request url
http://192.168.2.88:446/bd0683e5a369eb4edbb4ef502eaca6ec42d24e97
# Specify the CA for accepting certificate requests.
[RouterB-pki-domain-voice] certificate request from ca
# Specify the PKI entity name as voice.
[RouterB-pki-domain-voice] certificate request entity aaa
[RouterB-pki-domain-voice] quit
# Generate a local RSA key pair.
[RouterB] public-key local create rsa
# Obtain the CA certificate and save it locally.
[RouterB] pki retrieve-certificate domain voice ca
# Submit a certificate request manually.
[RouterB] pki request-certificate domain voice
# Create an SSL server policy, and specify a PKI domain for the SSL server policy.
[RouterB] ssl server-policy server
[RouterB-ssl-server-policy-server] pki-domain voice
# Create an SSL client policy, and specify a PKI domain for the SSL client policy.
[RouterB] ssl client-policy client
[RouterB-ssl-client-policy-client] pki-domain voice
# Specify SSL policies to be used by TLS.
[RouterB] voice-setup
[RouterB-voice] sip
[RouterB-voice-sip] crypto ssl-server-policy server
[RouterB-voice-sip] crypto ssl-client-policy client
# Configure TLS as the global transport protocol for outgoing SIP calls.
[RouterB-voice-sip] session transport tcp tls
# Enable the TLS listening port.
[RouterB-voice-sip] transport tcp tls
[RouterB-voice-sip] quit
# Configure local number 2222 for POTS entity 2222, and bind FXS interface 2/2/1 to the POTS
entity.
[RouterB-voice] dial-program
[RouterB-voice-dial] entity 2222 pots
[RouterB-voice-dial-entity2222] line 2/2/1
[RouterB-voice-dial-entity2222] match-template 2222
# Configure the destination IP address and port number as 192.168.2.1 and 5061 for VoIP entity
1111, and configure the called number as 1111.
[RouterB-voice-dial] entity 1111 voip
[RouterB-voice-dial-entity1111] address sip ip 192.168.2.1 port 5061
[RouterB-voice-dial-entity1111] match-template 1111
Verifying the configuration
# Place calls to verify that phone 1111 and phone 2222 can call each other over TLS.
# Execute the display voice sip connection tls command to display TLS connection information.