Cisco Cisco TelePresence MCU 4510 Maintenance Manual
For each successful 'ping', the time taken for the ICMP echo packet to reach the host and for the reply packet to
return to the MCU is displayed in milliseconds (the round trip time). The TTL (Time To Live) value on the echo reply is
also displayed.
return to the MCU is displayed in milliseconds (the round trip time). The TTL (Time To Live) value on the echo reply is
also displayed.
For each intermediate host (typically routers) on the route between the MCU and the remote device, the host's IP
address and the time taken to receive a response from that host is shown. Not all devices will respond to the
messages sent by the MCU to analyse the route; routing entries for non-responding devices is shown as <unknown>.
Some devices are known to send invalid ICMP response packets (e.g. with invalid ICMP checksums); these
responses are not recognized by the MCU and therefore these hosts' entries are also shown as <unknown>.
address and the time taken to receive a response from that host is shown. Not all devices will respond to the
messages sent by the MCU to analyse the route; routing entries for non-responding devices is shown as <unknown>.
Some devices are known to send invalid ICMP response packets (e.g. with invalid ICMP checksums); these
responses are not recognized by the MCU and therefore these hosts' entries are also shown as <unknown>.
Note
: The ping message is sent from the MCU to the IP address of the endpoint that you enter. Therefore, if the MCU
has an IP route to the given IP address, regardless of whether that route lies out of port A or port B, the ping will be
successful. This feature allows the MCU s IP routing configuration to be tested, and it has no security implications.
successful. This feature allows the MCU s IP routing configuration to be tested, and it has no security implications.
Note
: If you are unable to ping the device then check your network configuration especially any firewalls using NAT.
Related Topics
■
Configuring SSL Certificates
The MCU supports certificate-based user authentication over HTTPS, and is capable of mutual TLS authentication
with the client. The client presents a certificate, signed by a certificate authority (CA), which the MCU trusts if it
recognizes the CA from its trust store. Similarly, the client requests the MCU's local certificate and checks the signing
CA against its own trust store.
with the client. The client presents a certificate, signed by a certificate authority (CA), which the MCU trusts if it
recognizes the CA from its trust store. Similarly, the client requests the MCU's local certificate and checks the signing
CA against its own trust store.
To manage the MCU's local certificate and its trust stores for HTTPS and SIP TLS, and optionally to configure OCSP
checks (Online Certificate Status Protocol) for HTTPS connections, go to Network > SSL certificates.
checks (Online Certificate Status Protocol) for HTTPS connections, go to Network > SSL certificates.
The SSL certificates page is also used to allow or enforce certificate-based login in place of standard, password-
based login. Any attempts to authenticate with a revoked certificate are recorded in the MCU's Audit log.
based login. Any attempts to authenticate with a revoked certificate are recorded in the MCU's Audit log.
In this topic:
■
■
■
■
■
■
■
■
Prerequisites
You should have your own local certificate and trust store(s), which must be in .pem format (Base64 encoded text).
HTTPS access to the web user interface requires the following prerequisites:
■
The Secure management (HTTPS) or Encryption feature key must be installed on the MCU.
■
HTTPS must be enabled on the Network > Services page.
To make SIP TLS calls between the MCU and remote parties requires the following prerequisites:
■
The Encryption feature key must be installed on the MCU.
■
A SIP username and password that are known by the registrar must be added to the Settings > SIP page.
224
Cisco TelePresence MCU Series Online Printable Help