Configuring startup network settings, Configuring security on the cisco unified ip phone – Cisco CISCO UNIFIED OL-18988-01 User Manual
Page 9
3-9
Cisco Unified IP Phone 7931G Administration Guide for Cisco Unified Communications Manager 7.1 (SCCP and SIP)
OL-18988-01
Chapter 3 Setting Up the Cisco Unified IP Phone
Configuring Startup Network Settings
Configuring Startup Network Settings
If you are not using DHCP in your network, you must configure these network settings on the
Cisco Unified IP Phone after installing the phone on the network:
•
IP address
•
IP subnet information
(subnet mask for IPv4 and subnet prefix length for IPv6)
•
Default gateway IP address
•
TFTP server IP address
You also may configure the domain name and the DNS server settings, if necessary.
Collect this information and see the instructions in
Chapter 4, “Configuring Settings on the Cisco
Unified IP Phone.”
Configuring Security on the Cisco Unified IP Phone
The security features protect against several threats, including threats to the identity of the phone and to
data. These features establish and maintain authenticated communication streams between the phone and
the Cisco Unified Communications Manager server, and digitally sign files before they are delivered.
For more information about the security features, see the
“Understanding Security Features for Cisco
Unified IP Phones” section on page 1-11
. Also, refer to Cisco Unified Communications Manager
Security Guide.
A Locally Significant Certificate (LSC) installs on phones after you perform the necessary tasks that are
associated with the Certificate Authority Proxy Function (CAPF). You can use
Cisco Unified Communications Manager Administration to configure an LSC, as described in
Cisco Unified Communications Manager Security Guide.
Alternatively, you can initiate the installation of an LSC from the Security Configuration menu on the
phone. This menu also lets you update or remove an LSC.
Before you do so, make sure that the appropriate Cisco Unified Communications Manager and the
Certificate Authority Proxy Function (CAPF) security configurations are complete:
•
The CTL file should have a CAPF certificate.
•
The CAPF certificate must exist in the /usr/local/cm/.security/certs folder in every server in the
cluster.
•
The CAPF is running and configured.
Refer to Cisco Unified Communications Manager Security Guide for more information.
Depending on how you have configured the CAPF, this procedure installs an LSC, updates an existing
LSC, or removes an existing LSC.
To configure an LSC on the phone, follow these steps:
Procedure
Step 1
Obtain the CAPF authentication code that was set when the CAPF was configured.
Step 2
From the phone, press the Applications Menu button, then choose Settings > Security Configuration.