Authentication; About Authentication; Configuring Authentication - TANDBERG VCS Administration Manual

Registration Control Text goes here

About Authentication

The VCS can be configured to use a username
and password-based challenge-response
scheme to permit endpoint registrations. This
process is known as authentication.
In order to authenticate with the VCS, the
endpoint must supply it with a username.
For TANDBERG endpoints using H.323, the
username is the endpoint's

Authentication

for TANDBERG endpoints using SIP it is the
endpoint's Authentication Username.
For details of how to configure
endpoints with a username and
password, please consult the
endpoint manual.
In order to verify the identity of the device,
the VCS needs access to a database on
which all authentication credential information
(usernames, passwords, and other relevant
information) is stored. This database may
be located either locally on the VCS, or on
an LDAP Directory Server. The VCS looks up
the endpoint's username in the database
and retrieves the authentication credentials
for that entry. If the credentials match those
supplied by the endpoint, the registration is
allowed to proceed.
The VCS supports the ITU H.235 specification
[1] for authenticating the identity of H.323
network devices with which it communicates.
Getting System
Introduction
Started Overview
D 14049.01
07.2007

Configuring Authentication

To configure Authentication options:
•
VCS Configuration > Authentication > Configuration
You will be taken to the Authentication Configuration
•
xConfiguration Authentication
ID;
Authentication username
The Authentication Username is the name that the VCS uses when authenticating with other systems. For example, when forwarding an invite from an
endpoint to another VCS, that other system may have authentication enabled and will therefore require your local VCS to provide it with a username
and password. Traversal clients must always successfully authenticate with traversal servers before they can be used.
The authentication username and password for your local VCS must be stored on either the local database or LDAP database (depending on which has
been enabled), along with all the other authentication usernames and passwords. When your local VCS receives an authentication request, it looks up
its own username in the database and sends the corresponding authentication credentials, along with the username, to the system that requested it.
If the username and authentication credentials match those stored on the requesting system's database, the communication can continue.
System H.323 & SIP
Configuration Configuration
Authentication
page (shown below).
Registration Registration Zones and Call
Control Control Neighbors Processing
4
TANDBERG TANDBERG VIDEO COMMUNICATION SERVER VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE ADMINISTRATOR GUIDE
Mode
On: all endpoints must authenticate with the
VCS before registering.
Off: no authentication is required for
endpoints.
The default is Off.
Authentication database
Determines which database the VCS will use
during authentication.
LocalDatabase: the local database is used.
You must configure the Local database
this option.
LDAP: A remote LDAP database is used. You
must configure the LDAP server
option.
The default is LocalDatabase.
Authentication password
Specifies the password to be used by the
VCS (in conjunction with the Authentication
username) when the VCS is authenticating
with another system.
Firewall Bandwidth
Maintenance
Traversal Control
to use
to use this
Appendices