Tls Parameters - AudioCodes Mediant 600 User Manual
Voip media gateways analog & digital lines
Hide thumbs
Also See for Mediant 600:
- User manual (744 pages) ,
- Installation manual (52 pages) ,
- Hardware installation manual (32 pages)
Table of Contents
Advertisement
Parameter
52.4.4 TLS Parameters
The Transport Layer Security (TLS) parameters are described in the table below.
Parameter
Web/EMS: TLS Version
[TLSVersion]
Web: TLS Client Re-
Handshake Interval
EMS: TLS Re
Handshake Interval
[TLSReHandshakeInter
val]
Web: TLS Mutual
Authentication
EMS: SIPS Require
Client Certificate
[SIPSRequireClientCert
ificate]
Web/EMS: Peer Host
Name Verification Mode
User's Manual
This feature ensures that the roll-over counter (ROC), one of the
parameters used in the SRTP encryption/decryption process of the
SRTP packets, is synchronized on both sides for transmit and receive
packets.
[0] = (Default) Disabled. ROC is not reset on the device side.
[1] = Enabled. If the session expires causing a session refresh
through a re-INVITE, the device or server generates a new key and
the device resets the ROC index (and other SRTP fields) as done by
the server, resulting in a synchronized SRTP.
Notes:
This feature can also be configured for an IP Profile.
If this feature is disabled and the server resets the ROC upon a re-
key generation, one-way voice may occur.
TLS Parameters
Determines the supported versions of SSL/TLS (Secure Socket
Layer/Transport Layer Security.
[0] SSL 2.0-3.0 and TLS 1.0 = (Default) SSL 2.0, SSL 3.0, and TLS
1.0 are supported.
[1] TLS 1.0 Only = only TLS 1.0 is used.
When set to 0, SSL/TLS handshakes always start with SSL 2.0 and
switch to TLS 1.0 if both peers support it. When set to 1, TLS 1.0 is the
only version supported; clients attempting to contact the device using
SSL 2.0 are rejected.
Note: For this parameter to take effect, a device reset is required.
Defines the time interval (in minutes) between TLS Re-Handshakes
initiated by the device.
The interval range is 0 to 1,500 minutes. The default is 0 (i.e., no TLS
Re-Handshake).
Determines the device's behavior when acting as a server for TLS
connections.
[0] Disable = (Default) The device does not request the client
certificate.
[1] Enable = The device requires receipt and verification of the client
certificate to establish the TLS connection.
Notes:
For this parameter to take effect, a device reset is required.
The SIPS certificate files can be changed using the parameters
HTTPSCertFileName and HTTPSRootFileName.
Determines whether the device verifies the Subject Name of a remote
certificate when establishing TLS connections.
640
Mediant 600 & Mediant 1000
Description
Description
Document #: LTRT-83313
Advertisement
Table of Contents
Troubleshooting
