1. Manuals
  2. Brands
  3. AudioCodes Manuals
  4. Gateway
  5. MediaPack MP-124
  6. User manual

Configuring The Ipsec Table - AudioCodes MediaPack MP-124 User Manual

Mediapack mp-11 series cpe & access analog gateways
Hide thumbs Also See for MediaPack MP-124:
Table of Contents

Advertisement

Parameter
TLS Client Verify Server Certificate
[VerifyServerCertificate]
TLS Remote Subject Name
[TLSRemoteSubjectName]
3.4.3.6

Configuring the IPSec Table

The 'IPSec Table' page allows you to configure the Security Policy Database (SPD)
parameters for IP security (IPSec).
Note:
SIP User's Manual
server or client for the TLS connection.
When a remote certificate is received and this parameter is not
disabled, the SubjectAltName value is compared with the list of
available Proxies. If a match is found for any of the configured
Proxies, the TLS connection is established.
The comparison is performed if the SubjectAltName is either a
DNS name (DNSName) or an IP address. If no match is found
and the SubjectAltName is marked as 'critical', the TLS
connection is not established. If DNSName is used, the
certificate can also use wildcards ('*') to replace parts of the
domain name.
If the SubjectAltName is not marked as 'critical' and there is no
match, the CN value of the SubjectName field is compared with
the parameter TLSRemoteSubjectName. If a match is found,
the connection is established. Otherwise, the connection is
terminated.
Determines whether the device, when acting as client for TLS
connections, verifies the Server certificate. The certificate is
verified with the Root CA information.
[0] Disable (default).
[1] Enable.
Note: If Subject Name verification is necessary, the parameter
PeerHostNameVerificationMode must be used as well.
Defines the Subject Name that is compared with the name
defined in the remote side certificate when establishing TLS
connections.
If the SubjectAltName of the received certificate is not equal to
any of the defined Proxies Host names/IP addresses and is not
marked as 'critical', the Common Name (CN) of the Subject
field is compared with this value. If not equal, the TLS
connection is not established. If the CN uses a domain name,
the certificate can also use wildcards ('*') to replace parts of the
domain name.
The valid range is a string of up to 49 characters.
Note: This parameter is applicable only if the parameter
PeerHostNameVerificationMode is set to 1 or 2.
You can also configure the IPSec table using the ini file table parameter
IPSEC_SPD_TABLE (refer to ''Security Parameters'' on page 252).
Description
94
MediaPack Series
Document #: LTRT-65411
Show Quick Links

Hide quick links:

Advertisement

Table of Contents
loading

Related Manuals for AudioCodes MediaPack MP-124

Related Content for AudioCodes MediaPack MP-124

This manual is also suitable for:

Mediapack mp-11xMediapack mp-114Mediapack mp-118Mediapack mp-112

Table of Contents