OmniPCX Enterprise
APPENDIX 1
INSTALLATION PROCEDURE FOR VERSION
J1.410.34.c – RELEASE 10.0
NEW HARDWARE AND FEATURES
Ed. 02 / 22 June 2011 9 TC1449
Important points
• For existing configuration where the SSM-RM module doesn’t have a default digital certificate
(serial number lower than 02768), it is mandatory to install a digital certificate (X509v3
format) from an external PKI. This PKI can be the one provided by OmniVista 8770 NMS
(optional feature).
• SSM box model and MSM box model are not compatible with the SIP TLS feature. These boxes
must be replaced by new Thales gates SSM-RM (with a serial number greater than 02768)
and MSM-RM.
Limitations
• It is not possible to configure secure SIP Trunks with TLS and SRTP and encryption for
Applications (OmniTouch ICS) on the same OmniPCX Enterprise node.
• SRTP one key and SRTP two keys are not compatible. All the nodes of the network must
operate with the same protocol.
• As of Release 10.0, the TLS/SRTP (two keys) is not available in an ABC-F network, if a Public
SIP Trunks is secured with TLS and SRTP on a OmniPCX Enterprise node in Release 10.0,
network encryption (meaning encryption over OmniPCX Enterprise ABC IP network) between
nodes mustn’t be activated.
• Those limitations apply to both Public SIP Trunk (interconnection of an OmniPCX Enterprise
with a Carrier or Service Provider network) and Private SIP Trunk (connection of a SIP gateway
on the OXE node for secure PSTN accesses).
• Those limitations do not exist if SIP TLS and RTP are configured.
To Next Page
Loading...
Need help?
General
