MITEL 6900, 6970, 6800, AND 6700 SIP TERMINALS FOR MIVOICE MX-ONE
71 26/1531-ANF 901 14 Uen S 2019-10-18
https user certificates:ca.pem[,<ca signing sw server>, <ca signing CMG
server>]
https client method:"TLS 1.0" #MX-ONE only supports TLS
If the XML keys provisioned by MX-ONE shall use https, the following setting is
required. port 22223 will trigger MX-ONE to provision XML keys for Logon/Logoff
and Diversion as “https” and port 22223, which is the TLS port for Mitel-XML.
action uri startup:
”https://$$PROXYURL$$:22223/Startup?user=$$SIPUSERNAME$$”
services script:
https://$$PROXYURL$$:22223/Services?user=$$SIPUSERNAME$$&voice-
mailnr=<voice mail number>
#download protocol HTTP,HTTPS,FTP,TFTP
download protocol:HTTPS
https server:<IP address of sw server>
https port:443 #443 is the standardport for https
https path:aastra67xxi #path on sw servert
Phone <model>.cfg:
Either the Logon keys are removed. Then you rely on that the users logon when
prompted due to reboot (triggered by action uri startup in aastra.cfg/startup.cfg),
or the /Logon key value needs to be set to
“https://$$PROXYURL$$:22223/Logon?user=$$SIPUSERNAME$$”.
Check the CMG documentation if Corporate directory is to use https (TLS), for
example:
https://<CMG host name>/xml/directory/CorpDir.php
5. Per default a time server (using NTP as protocol) needs to be enabled via DHCP
Option 42 or via configuration parameters. The configuration parameter has
precedence over Option 42. The phone must have a valid date and time in order
to verify the server certificate’s expiry time. As TLS is a per-hop protocol. It is the
server certificate of ‘outbound proxy ip’ which is verified. In this example this
would be an MX-ONE server.
Configuration parameters
time server disabled:0 #0-enabled,1-disabled
time server1:<ip address or host>
#ref: http://www.pool.ntp.org/en/use.html
6. If no NTP servers are accessible for some reason it is possible to disable the
check for expire date via WebGUI(Network) or configuration parameter. This will
also have the effect that there is no date and time indication on the phone.
https validate expires: 0 #0-disabled, 1-enabled
7. # MX-ONE controls the padlock symbol when a call is encrypted call server over-
rides srtp detection: 1.
8. Use latest startup.cfg or add this manually.
Note: Padlock displays (indicating encryption of media) on Mitel 6900/6800 SIP termi-
nals is enhanced and it can be controlled from the Service Node for gateway use
cases.
To Next Page
Loading...
