Configuring startup network settings, Configuring security on the cisco unified ip phone – Cisco 7965G User Manual

3-13

Cisco Unified IP Phone 7965G and 7945G Administration Guide for Cisco Unified Communications Manager 7.0

OL-15427-01

Chapter 3 Setting Up the Cisco Unified IP Phone

Configuring Startup Network Settings

Configuring Startup Network Settings

If you are not using DHCP in your network, you must configure these network settings on the
Cisco Unified IP Phone after installing the phone on the network:

•

IP address

•

IP subnet information

•

Default gateway IP address

•

TFTP server IP address

You may also configure these optional settings as necessary:

•

Domain name

•

DNS server IP address

Collect this information and see the instructions in

Chapter 4, “Configuring Settings on the Cisco

Unified IP Phone.”

Configuring Security on the Cisco Unified IP Phone

The security features protect against several threats, including threats to the identity of the phone and to
data. These features establish and maintain authenticated communication streams between the phone and
the Cisco Unified Communications Manager server, and digitally sign files before they are delivered.

For more information about the security features, see the

“Understanding Security Features for Cisco

Unified IP Phones” section on page 1-9

. Also, refer to Cisco Unified Communications Manager Security

Guide.

A Locally Significant Certificate (LSC) installs on phones after you perform the necessary tasks that are
associated with the Certificate Authority Proxy Function (CAPF). You can use
Cisco Unified Communications Manager Administration to configure an LSC, as described in
Cisco Unified Communications Manager Security Guide.

Alternatively, you can initiate the installation of an LSC from the Security Configuration menu on the
phone. This menu also lets you update or remove an LSC.

Before you begin, make sure that the appropriate Cisco Unified Communications Manager and the
CAPF security configurations are complete:

•

The CTL file should have a CAPF certificate.

•

The CAPF certificate must exist in the /usr/local/cm/.security/certs folder in every server in the
cluster.

•

The CAPF is running and configured.

Refer to Cisco Unified Communications Manager Security Guide for more information.

To configure an LSC on the phone, perform the following procedure. Depending on how you have
configured the CAPF, this procedure installs an LSC, updates an existing LSC, or removes an existing
LSC.

Procedure

Step 1

Obtain the CAPF authentication code that was set when the CAPF was configured.

Step 2

From the phone, press the Settings > Security Configuration.