Aastra Telecom 57I User Manual
Advanced Operational Features
6-22
41-001160-00, Release 2.1, Rev 04
IP Phone Administrator Guide
Advanced Operational Features
On the IP phones, an Administrator can configure TLS and Persistent TLS on a
global-basis only, using the configuration files or the Aastra Web UI.
global-basis only, using the configuration files or the Aastra Web UI.
SIP Asserted Identity (for Sylantro Servers)
The IP Phones support a private extension to the SIP, Asserted Identity (SAI)
within Trusted Networks (as defined in RFC 3325), inside the User Agent Server
(UA) in the Aastra IP phones.
within Trusted Networks (as defined in RFC 3325), inside the User Agent Server
(UA) in the Aastra IP phones.
This feature allows a network of trusted SIP servers to assert the identity of
authenticated users, and verify that phone messages originate from a Trusted
Identity. Upon receiving a message from a caller in the Trust Network, the IP
phone reads the contents of the P-Asserted-Identity (PAI) header field and
displays it on the phone UI. This field contains a more accurate description of the
caller identity (extension/phone number) than is contained in the SIP message.
authenticated users, and verify that phone messages originate from a Trusted
Identity. Upon receiving a message from a caller in the Trust Network, the IP
phone reads the contents of the P-Asserted-Identity (PAI) header field and
displays it on the phone UI. This field contains a more accurate description of the
caller identity (extension/phone number) than is contained in the SIP message.
When an IP phone receives an incoming call, the IP phone does the following
actions:
actions:
•
Checks to see if the incoming call is from a registered proxy server.
•
If the call is forwarded via a registered proxy server, then the message has
already been verified and authenticated by the server. The caller is part of the
Trust Network. The IP phone UI displays the caller information contained in
the PAI header.
already been verified and authenticated by the server. The caller is part of the
Trust Network. The IP phone UI displays the caller information contained in
the PAI header.
•
If the call is not forwarded via a registered proxy server - and therefore is not
a “Trusted Entity” - the IP phone UI does not display any trust information
contained in the PAI header.
a “Trusted Entity” - the IP phone UI does not display any trust information
contained in the PAI header.
Notes:
1.
Persistent TLS requires the outbound proxy server and outbound
proxy port parameters be configured in either the configuration files or
the Aastra Web UI (Advanced Settings->Global SIP->Basic SIP Network
Settings). There can be only one persistent TLS connection created per
phone. The phone establishes the TLS connection to the configured
outbound proxy.
2.
the Aastra Web UI (Advanced Settings->Global SIP->Basic SIP Network
Settings). There can be only one persistent TLS connection created per
phone. The phone establishes the TLS connection to the configured
outbound proxy.
2.
If you configure the phone to use Persistent TLS, you must also
specify the Trusted Certificate file to use. The Root and Intermediate
Certificates, Local Certificate, and Private Key files are optional.
Certificates, Local Certificate, and Private Key files are optional.