Configuring programmable keys and workgroup status – AltiGen MAXCS 7.0 Update 1 ACM Administration User Manual

Chapter 17: IP Phone Configuration

214

MaxCS 7.5 Administration Manual

Configuring Programmable Keys and Workgroup Status

After setting parameters on the General tab, go to the tab that corresponds to the phone type, and configure
the programmable keys (plus the Display Workgroup Status field on the Alti-IP 600, IP 705, and IP 805
phones). Programmable key settings are described in the next table.

SIP Transport

These settings secure the SIP signaling messages and the RTP. SIP signaling is secured
using transport layer security (TLS). RTP or SIP-associated media is secured using the
secure RTP (SRTP) protocol.

•

Persistent TLS

– Check this setting to have the selected extension communicate us-

ing TLS. The TLS protocol allows applications to communicate across a network in a
way designed to prevent eavesdropping, tampering, and message forgery. TLS pro-
vides endpoint authentication and communications privacy for VoIP systems using
cryptography.

If either side initiates SIP messaging with an alternate transport like UDP or TCP, these
are supported, as well.

NOTE:

Persistent TLS is not supported for SIP Tie-Trunks in this release.

•

SRTP

– Check this setting to have the selected extension use SRTP. SRTP is a ver-

sion of RTP that provides confidentiality and message authentication. Since the SRTP
session key is sent in the SIP signaling via SDP, the key can be exposed to eavesdrop-
ping. So SRTP needs to co-exist with TLS for the communication to be fully secure.

If SRTP is checked, the voice stream always goes through the server.

Changing TLS/SRTP parameter settings for a Polycom phone will require rebooting the
phone; otherwise the phone may not register with MAXCS.
If the IP phone is behind NAT, UDP will be used even if TLS and SRTP are checked, since
TLS cannot penetrate NAT.
IP Phone Configuration vs Enterprise Manager configuration:
SIP calls from one AltiGen server to another go through a SIP Tie Trunk. Configuring TLS
for this scenario is done in Enterprise Manager. See “SIP Transport” in the table on page
314.
Extension level policy has priority over the codec profile policy.
If the IP extension supports TLS and the codec profile set in Enterprise Manager does not,
then the IP extension policy holds. That way you can configure a range of IP addresses in
the IP Dialing table or IP Codec screen, and have only a few IP addresses/extensions
support TLS.
If the IP extension does not have TLS configured as its transport, but the codec profile
supports TLS for that extension, then the codec profile policy holds.

NAT Setting

This setting is for a remote IP phone with a private address and behind NAT. When
connecting to the AltiGen system, the system will use this information to execute the NAT
traversal for the IP phone. The NAT status and address are read-only fields.

•

NAT Status

–

Indicates if the IP phone is behind a NAT router. Read only.

•

NAT Address

– This is the NAT router’s public IP address, as set in the Extension

Configuration window. Read only.

Registry Keep-Alive Duration

–

Indicates how often a SIP registration message is

sent to the server when the IP phone is behind a NAT router. You need to enter a Di-
agnostic password when logging in to MaxAdmin (before you enter your Admin pass-
word) to enable this configuration. Default setting is 60 seconds.

General

Parameter

Description