Home » Cisco Manuals » Telephony » Cisco 6941 » Manual Viewer

Cisco 6941 Administration Guide - Page 84

Settings > Security Configuration > 802.1X, Security Config > 802.1X Authentication &gt - cp -

UPC - 882658277801

Add to My Manuals
Save this manual to your list of manuals

Page 84 highlights

Security Configuration Menu Chapter Table 4-5 802.1X Authentication Settings Option Device Authentication EAP-MD5 Transaction Status Description To Change Determines whether 802.1X authentication is enabled: • Enabled-Phone uses 802.1X authentication to request network access. • Disabled-Default setting in which the phone uses CDP to acquire VLAN and network access. 1. Choose Applications > Admin Settings > Security Config > 802.1X Authentication > Device Authentication. 2. Press Edit softkey. 3. Set the Device Authentication option to Enabled or Disabled. 4. Press the Save softkey. Device ID-A derivative of the phone's model number and unique MAC address displayed in this format: CP--SEP- 1. Choose Applications > Admin Settings > Security Config > 802.1X Authentication > EAP/MD5 > Device ID. 2. Press the Edit softkey. 3. Set the Device ID. 4. Press the Save softkey. Shared Secret-Choose a password to use on the phone and on the authentication server. The password must be between 6 and 32 characters, consisting of any combination of numbers or letters. Note If you disable 802.1X authentication or perform a factory reset of the phone, the shared secret is deleted. 1. Choose Applications > Admin Settings > Security Config > 802.1X Authentication > EAP-MD5 > Shared Secret. 2. Press the Edit softkey. 3. Enter the shared secret. 4. Press the Save softkey. See the "Troubleshooting Cisco Unified IP Phone Security" section on page 9-8 for assistance in recovering from a deleted shared secret. Realm-Indicates the user network domain, 1. Choose Applications > Admin Settings > always set as Network. Security Config > 802.1X Authentication > EAP-MD5 > Realm. 2. Press the Edit softkey. 3. Enter the Network. 4. Press the Save softkey. Displays the transaction status of your 802.1X Authentication. To view the transaction status of your 802.1X Authentication, choose Applications > Admin Settings > Security Configuration > 802.1X Authentication Status. 4-10 Cisco Unified IP Phone 6921, 6941, 6945, and 6961 Administration Guide for Cisco Unified Communications Manager 8.5 (SCCP and SIP) OL-23769-01

Section	Page
Cisco Unified IP Phone 6921, 6941, 6945, and 6961 Administration Guide for Cisco Unified Communications Manager 8.5 (SCCP and SIP)	1
Contents	3
Preface	9
An Overview of the Cisco Unified IP Phone	13
Understanding the Cisco Unified IP Phones 6921, 6941, 6945, and 6961	14
What Networking Protocols are Used?	21
What Features are Supported on the Cisco Unified IP Phone 6921, 6941, and 6961?	24
Feature Overview	25
Configuring Telephony Features	25
Configuring Network Parameters Using the Cisco Unified IP Phone	26
Providing Users with Feature Information	26
Understanding Security Features for Cisco Unified IP Phones	26
Overview of Supported Security Features	28
Understanding Security Profiles	30
Identifying Encrypted Phone Calls	30
Establishing and Identifying Secure Conference Calls	31
Establishing and Identifying Protected Calls	31
Call Security Interactions and Restrictions	32
Supporting 802.1X Authentication on Cisco Unified IP Phones	33
Overview	33
Required Network Components	33
Best Practices-Requirements and Recommendations	33
Security Restrictions	34
Overview of Configuring and Installing Cisco Unified IP Phones	34
Configuring Cisco Unified IP Phones in Cisco Unified CM	35
Checklist for Configuring the Cisco Unified IP Phones 6921, 6941, 6945, and 6961 in Cisco Unified CM	36
Installing Cisco Unified IP Phones	39
Checklist for Installing the Cisco Unified IP Phone 6921, 6941, and 6961	39
Terminology Differences	41
Preparing to Install the Cisco Unified IP Phone on Your Network	43
Understanding Interactions with Other Cisco Unified IP Telephony Products	43
Understanding How the Cisco Unified IP Phone Interacts with Cisco Unified CM	44
Understanding How the Cisco Unified IP Phone Interacts with the VLAN	44
Providing Power to the Cisco Unified IP Phone	45
Power Guidelines	46
Power Outage	46
Obtaining Additional Information about Power	47
Understanding Phone Configuration Files	47
Understanding the Phone Startup Process	49
Adding Phones to the Cisco Unified CM Database	50
Adding Phones with Auto-Registration	51
Adding Phones with Auto-Registration and TAPS	52
Adding Phones with Cisco Unified CM Administration	52
Adding Phones with BAT	53
Using Cisco Unified IP Phones with Different Protocols	53
Converting a New Phone from SCCP to SIP	53
Converting an In-Use Phone from One Protocol to the Other Protocol	54
Deploying a Phone in an SCCP and SIP Environment	54
Determining the MAC Address for a Cisco Unified IP Phone	55
Setting Up the Cisco Unified IP Phone	57
Before You Begin	57
Network Requirements	57
Cisco Unified Communications Manager Configuration	58
Understanding the Cisco Unified IP Phones 6921, 6941, 6945, and 6961 Components	58
Network and Access Ports	58
Handset	59
Speakerphone	59
Headset	59
Audio Quality Subjective to the User	60
Connecting a Headset	60
Disabling a Headset	60
Using External Devices	60
Installing the Cisco Unified IP Phone	61
Reducing Power Consumption on the Phone	66
Footstand	66
Higher Viewing Angle	70
Lower Viewing Angle	71
Mounting the Phone to the Wall	71
Verifying the Phone Startup Process	71
Configuring Startup Network Settings	72
Configuring Security on the Cisco Unified IP Phone	72
Configuring Settings on the Cisco Unified IP Phone	75
Configuration Menus on the Cisco Unified IP Phone	75
Displaying a Configuration Menu	76
Unlocking and Locking Options	77
Editing Values	77
Network Setup Menu	78
IPv4 Setup Menu Options	80
Security Configuration Menu	83
Trust List Menu	83
802.1X Authentication and Status	83
Configuring Features, Templates, Services, and Users	85
Telephony Features Available for the Cisco Unified IP Phone	85
Join and Direct Transfer Policy	99
Configuring Corporate and Personal Directories	100
Configuring Corporate Directories	100
Configuring Personal Directory	100
Modifying Phone Button Templates	101
Modifying a Phone Button Template for Personal Address Book or Speed Dials	102
Configuring Softkey Templates	103
Setting Up Services	105
Adding Users to Cisco Unified Communications Manager	106
Managing the User Options Web Pages	106
Giving Users Access to the User Options Web Pages	106
Specifying Options that Appear on the User Options Web Pages	108
Configuring the Phone to Support Call Waiting	109
Customizing the Cisco Unified IP Phone	111
Customizing and Modifying Configuration Files	111
Creating Custom Phone Rings	112
DistinctiveRingList File Format Requirements	112
PCM File Requirements for Custom Ring Types	113
Configuring a Custom Phone Ring	113
Configuring the Idle Display	114
Automatically Disabling the Cisco Unified IP Phone Backlight	114
Viewing Model Information, Status, and Statistics on the Cisco Unified IP Phone	117
Model Information Screen	117
Status Menu	118
Status Messages Screen	118
Network Statistics Screen	122
Call Statistics Screen	124
Security Configuration	126
Monitoring the Cisco Unified IP Phone Remotely	129
Accessing the Web Page for a Phone	130
Disabling and Enabling Web Page Access	131
Device Information	131
Network Setup	132
Network Statistics	135
Device Logs	137
Streaming Statistics	137
Troubleshooting and Maintenance	141
Resolving Startup Problems	141
Symptom: The Cisco Unified IP Phone Does Not Go Through its Normal Startup Process	142
Symptom: The Cisco Unified IP Phone Does Not Register with Cisco Unified Communications Manager	142
Identifying Error Messages	143
Checking Network Connectivity	143
Verifying TFTP Server Settings	143
Verifying IP Addressing and Routing	143
Verifying DNS Settings	144
Cisco CallManager and TFTP Services Are Not Running	144
Creating a New Configuration File	144
Registering the Phone with Cisco Unified Communications Manager	145
Symptom: Cisco Unified IP Phone Unable to Obtain IP Address	145
Cisco Unified IP Phone Resets Unexpectedly	146
Verifying the Physical Connection	146
Identifying Intermittent Network Outages	146
Verifying DHCP Settings	146
Checking Static IP Address Settings	147
Verifying the Voice VLAN Configuration	147
Verifying that the Phones Have Not Been Intentionally Reset	147
Eliminating DNS or Other Connectivity Errors	147
Checking Power Connection	148
Troubleshooting Cisco Unified IP Phone Security	148
General Troubleshooting Tips	149
Resetting or Restoring the Cisco Unified IP Phone	152
Performing a Basic Reset	152
Performing a Factory Reset	152
Monitoring the Voice Quality of Calls	153
Troubleshooting Tips	154
Using Voice-Quality Metrics	154
Where to Go for More Troubleshooting Information	155
Cleaning the Cisco Unified IP Phone	155
Providing Information to Users Via a Website	157
How Users Obtain Support for the Cisco Unified IP Phone	157
Giving Users Access to the User Options Web Pages	157
How Users Subscribe to Services and Configure Phone Features	158
How Users Access a Voice Messaging System	158
How Users Configure Personal Directory Entries	159
Installing and Configuring the Cisco Unified IP Phone Address Book Synchronizer	159
Supporting International Users	161
Installing the Cisco Unified CM Locale Installer	161
Support for International Call Logging	161
Technical Specifications	163
Physical and Operating Environment Specifications	163
Cable Specifications	164
Network and Access Port Pinouts	164
Basic Phone Administration Steps	167
Example User Information for these Procedures	167
Adding a User to Cisco Unified CM	168
Adding a User From an External LDAP Directory	168
Adding a User Directly to Cisco Unified Communications Manager	168
Configuring the Phone	169
Performing Final End User Configuration Steps	172
Installing the Wall Mount Kit for the Cisco Unified IP Phones 6921, 6941, 6945, and 6961	173
Before You Begin	174
Installing the Bracket	174
Feature Support by Protocol for the Cisco Unified IP Phone 6921, 6941, 6945, and 6961	181

Match case Limit results 1 per page

4-10

Cisco Unified IP Phone 6921, 6941, 6945, and 6961 Administration Guide for Cisco Unified Communications Manager 8.5 (SCCP and SIP)

OL-23769-01

Chapter

Security Configuration Menu

Table 4-5

802.1X Authentication Settings

Option

Description

To Change

Device Authentication

Determines whether 802.1X authentication

is enabled:

•

Enabled

—Phone uses 802.1X

authentication to request network

access.

•

Disabled

—Default setting in which the

phone uses CDP to acquire VLAN and

network access.

Choose

Applications > Admin Settings >

Security Config > 802.1X Authentication >

Device Authentication

Press

Edit

softkey.

Set the Device Authentication option to

Enabled or Disabled.

Press the

Save

softkey.

EAP-MD5

Device ID—A derivative of the phone’s

model number and unique MAC address

displayed in this format:

CP-<

model

>-SEP-<

MAC

Choose

Applications > Admin Settings >

Security Config > 802.1X Authentication >

EAP/MD5 > Device ID

Press the

Edit

softkey

Set the Device ID.

Press the

Save

softkey.

Shared Secret—Choose a password to use on

the phone and on the authentication server.

The password must be between 6 and 32

characters, consisting of any combination of

numbers or letters.

Note

If you disable 802.1X authentication

or perform a factory reset of the

phone, the shared secret is deleted.

Choose

Applications > Admin Settings >

Security Config > 802.1X Authentication >

EAP-MD5 > Shared Secret

Press the

Edit

softkey

Enter the shared secret.

Press the

Save

softkey.

See the

“Troubleshooting Cisco Unified IP Phone

Security” section on page 9-8

for assistance in

recovering from a deleted shared secret.

Realm—Indicates the user network domain,

always set as

Network.

Choose

Applications > Admin Settings >

Security Config > 802.1X Authentication >

EAP-MD5 > Realm

Press the

Edit

softkey

Enter the Network.

Press the

Save

softkey.

Transaction Status

Displays the transaction status of your

802.1X Authentication.

To view the transaction status of your 802.1X

Authentication, choose

Applications > Admin

Settings > Security Configuration > 802.1X

Authentication Status