Note:
The MAC option SET MYCERTCN $MACADDR supports the MYCERTCN parameter in H.323
Release 6.2 Service Pack 1.
For H.323 Release 6.2 Service Pack 1, after the phone starts in EAP-TLS mode, the
user does not need to enter a device ID or password as with MD5.
Related links
EAP-TLS support for authentication on page 105
Scenarios for using EAP-TLS based authentication
You can deploy the EAP-TLS method for authentication, which requires an identity certificate that is
stored in the phone.
The following sections describe the authentication scenarios where you might need to deploy
EAP-TLS. Before deploying EAP-TLS, you must set the phones to a default state that can be one
of the following:
• Phones not running any type of 802.1x authentication
• Phones using 802.1x with MD5 as the authentication method
Deploying EAP-TLS based authentication for phones using 802.1x and MD5
Before you begin
Administering EAP-TLS requires installing an identity certificate, so the initial
network for phone installation can be a phone, an Ethernet switch, and a computer in the IT
department. The computer must be connected to the internet if you use an external CA for signing
the certificates. You can use the settings file on the network to set DOT1XSTAT to 1 or
2. This change takes effect the next time that the phone resets. The phone must stay connected to
that network without resetting until a certificate is successfully installed. Alternatively, you can
enable 802.1x manually by using the 802.1x craft procedure after you install a certificate.
Procedure
1. Clear the phones and ensure that the phones authenticate using MD5.
2. Connect the phones to a network that does not support 802.1X access control (switch and
phone), modify the 46xxsettings.txt file, and incorporate the following SCEP parameters:
a. SET TRUSTCERTS <RootCert>
b. SET MYCERTURL http://<IP of CA server>/certsrv/mscep/mscep.dll
c. SET MYCERTWAIT 0
d. SET SCEPPASSWORD <password> #### optional
e. SET DOT1XEAPS TLS
f. SET DOT1XSTAT 2 #### optional
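A pre-deployment check for the parameters listed in step 2, added here as an example and not taken from the Avaya guide: it parses a 46xxsettings.txt fragment and reports values that are missing, still hold a template placeholder, or differ from what the step asks for. It assumes that "##" starts a comment and that the last SET of a parameter wins; the function names and the sample file content are constructed for illustration.

```python
import re

# Values step 2 asks for; None means "any non-empty value".
REQUIRED = {"TRUSTCERTS": None, "MYCERTURL": None,
            "MYCERTWAIT": "0", "DOT1XEAPS": "TLS"}
SET_LINE = re.compile(r"^\s*SET\s+(\S+)\s*(.*)$")

def parse_settings(text):
    """Return {PARAM: value}. Assumption: '##' starts a comment, last SET wins."""
    params = {}
    for line in text.splitlines():
        line = line.split("##", 1)[0]           # drop trailing "#### optional"
        m = SET_LINE.match(line)
        if m:
            params[m.group(1).upper()] = m.group(2).strip().strip('"')
    return params

def check_eap_tls(text):
    """List the problems that keep the file from matching step 2."""
    params, problems = parse_settings(text), []
    for name, value in params.items():
        if "<" in value:                        # e.g. <RootCert> left unedited
            problems.append(f"{name} still holds a placeholder")
    for name, want in REQUIRED.items():
        got = params.get(name, "")
        if not got:
            problems.append(f"{name} is not set")
        elif want is not None and got.upper() != want:
            problems.append(f"{name} is {got!r}, expected {want!r}")
    # DOT1XSTAT is optional in the file, but if present it must be 1 or 2.
    stat = params.get("DOT1XSTAT")
    if stat is not None and stat not in ("1", "2"):
        problems.append(f"DOT1XSTAT is {stat!r}, expected 1 or 2")
    return problems

# Constructed sample: the file still selects MD5 and disables 802.1x.
SAMPLE = """\
## constructed sample, not a real deployment
SET TRUSTCERTS rootca.pem
SET MYCERTURL http://192.0.2.10/certsrv/mscep/mscep.dll
SET MYCERTWAIT 0
SET DOT1XEAPS MD5
SET DOT1XSTAT 0   #### optional
"""

if __name__ == "__main__":
    for problem in check_eap_tls(SAMPLE):
        print(problem)
```

Conditional constructs that a production settings file may contain are not evaluated; the check treats the file as a flat list of SET lines.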
Administering Deskphone Options
March 2018 Administering Avaya 9608/9608G/9611G/9621G/9641G/9641GS IP Deskphones H.323 107