Home » Cisco Manuals » Telephony » Cisco 7920 » Manual Viewer

Cisco 7920 Administration Guide - Page 47

Security Mechanisms in the Wireless Network - remote control

UPC - 746320774732

Add to My Manuals
Save this manual to your list of manuals

Page 47 highlights

Chapter 2 An Overview of the Wireless Network Components of the VoIP Wireless Network Security Mechanisms in the Wireless Network Before a wireless device can communicate on the network, it must authenticate with the access point or the network by using an authentication method. The Cisco Wireless IP Phone 7920 can use these authentication methods in the WLAN: • Open Authentication-In an Open system, any wireless device can request authentication. The access point that receives the request may grant authentication to any requestor or only to requestors on a list of users. Communication between the wireless device and access point could be non-encrypted or devices can use WEP keys to provide security. Devices that are using WEP only attempt to authenticate with an access point that is using WEP. • Shared Key Authentication-During shared key authentication, the access point sends an unencrypted challenge text string to any device attempting to communicate with the access point. The device that is requesting authentication encrypts the challenge text using a pre-configured WEP key and sends it back to the access point. If the challenge text is encrypted correctly, the access point allows the requesting device to authenticate. A device can authenticate only if its WEP keys match the WEP keys on the access points. Shared key authentication can be less secure than open authentication with WEP because someone can monitor the challenges. An intruder can calculate the WEP key by comparing the unencrypted and encrypted challenge text strings. • WPA Pre-Shared Key (PSK) Authentication-The access point and the phone are configured with the same authentication key. The pre-shared key (or password phrase) is used to create unique pair-wise keys that are exchanged between each phone and the access point. You can configure the password phrase as a 64-character hexadecimal string or as an ASCII password of from 8 to 63 characters in length. Because the pre-shared key password is stored on the phone, it can be compromised if the phone is lost or stolen. • LEAP Authentication-For maximum security, client devices can authenticate to the network by using a Remote Authentication Dial-in User Service (RADIUS) server such as the Cisco Access Control Server (ACS). OL-7104-01 Cisco Wireless IP Phone 7920 Administration Guide for Cisco CallManager Release 4.0 and 4.1 2-13

Section	Page
Cisco Wireless IP Phone 7920 Administration Guide for Cisco CallManager Release 4.0 and 4.1	1
Contents	5
Preface	13
Overview	13
Audience	13
Objectives	14
Organization	14
Related Documentation	15
Obtaining Documentation	16
Cisco.com	16
Documentation DVD	16
Ordering Documentation	17
Documentation Feedback	17
Cisco Product Security Overview	18
Reporting Security Problems in Cisco Products	18
Obtaining Technical Assistance	19
Cisco Technical Support Website	19
Submitting a Service Request	20
Definitions of Service Request Severity	21
Obtaining Additional Publications and Information	21
Document Conventions	22
An Overview of the Cisco Wireless IP Phone 7920	29
Understanding the Cisco Wireless IP Phone 7920	29
Features Supported on the Cisco Wireless IP Phone 7920	31
Configuring Telephony Features	32
Configuring Network Features for the Cisco Wireless IP Phone	33
Providing Users with Feature Information	34
An Overview of the Wireless Network	35
Understanding the Wireless LAN	35
The 802.11 Standards for Wireless LAN Communications	36
Connecting to the Wireless Network	37
Securing Voice Communications	38
Components of the VoIP Wireless Network	39
Networking Protocols Used with Cisco Wireless IP Phones	40
Interacting with the Cisco Aironet Access Point	42
Roaming in a Wireless Network	44
Voice Quality in a Wireless Network	46
Security Mechanisms in the Wireless Network	47
Encryption Methods	48
Choosing Authentication and Encryption Methods	49
Interacting with Cisco CallManager	51
Phone Configuration Files and Profile Files	51
Interacting with the DHCP Server	52
Wireless Network and Access Point Configuration	53
Understanding the Phone Startup Process	55
Setting Up Cisco Wireless IP Phones	61
Preparing to Install the Cisco Wireless IP Phone 7920	61
Network Requirements	62
Phone Configuration Tasks	62
Configuring IP Phones in Cisco CallManager	66
Adding Phones to the Cisco CallManager Database	67
Adding Phones with Auto-Registration	68
Using Auto-Registration Prior to Release 3.3(3)SR1	68
Adding Phones with Auto-Registration and TAPS	69
Adding Phones with BAT	70
Determining the MAC Address of a Cisco IP Phone	70
Adding Phones with Cisco CallManager Administration	71
Support for the Cisco 7920 Phone Type	71
Re-registering the Phone Using the Cisco 7920 Phone Type	72
Installing the Cisco Wireless IP Phone 7920	73
Safety and Performance Information	74
Providing Power to the Cisco IP Phone	77
Installing or Removing the Phone Battery	77
Charging the Battery	79
Using the Desktop Charger	81
Powering On the Wireless IP Phone 7920	83
Active and Standby Phone Modes	84
Startup Settings for a Network Without DHCP	85
Using the Cisco 7920 Configuration Utility	87
How to Install the Cisco 7920 Configuration Utility	87
System Requirements	88
Installing the Cisco 7920 Configuration Utility	89
Uninstalling the Cisco 7920 Configuration Utility	90
How to Use the Cisco 7920 Configuration Utility	90
Cisco 7920 Configuration Utility Overview	90
Connecting the Cisco 7920 Configuration Utility to a Phone	91
Activating the USB Port on the Phone	91
Connecting to the Cisco Wireless IP Phone	91
Overview of the Application Windows	92
Current Phone Settings Window	93
Connection Status Bar Information	94
Using the Configuration Utility Menus	95
Using the Connection Menu	96
Using the Configuration Wizard	100
Phone Profile Window	102
Task Buttons	102
Using the Phone Profile Window	104
Configuring a Network Profile	104
Configuring Phone Settings	111
Configuring User Profiles	115
Setting the Phone Lock Password	117
Configuring the Phone Book	119
Configuring Speed-Dial Hot Keys	120
Creating a Configuration Template	121
Log History Window	122
Troubleshooting the Network Connection for the Cisco 7920 Configuration Utility	123
Configuring Network Profiles on the Cisco Wireless IP Phone 7920	125
Accessing Network Profile Settings on the Phone	126
Displaying the Network Profile Menu	126
Configuring Network Profile Settings	127
Modifying DHCP Settings	128
Enabling or Disabling DHCP	129
Configuring Static Settings	130
Guidelines for Editing Settings in the Network Profile Menu	132
Configuring TFTP Option	133
Configuring Wireless Settings for the Profile	134
Displaying the 802.11b Configuration Menu	134
Wireless Settings Options in the 802.11b Configuration Menu	136
Choosing Authentication and Encryption Settings	137
Entering or Verifying Wireless Settings	138
Setting Up the Service Set Identifier (SSID)	138
Selecting the Authentication Type	139
Setting the Cisco Light Extensible Authentication Protocol (LEAP)	140
Selecting the Wireless Protected Access (WPA) Pre-Shared Key Type	143
Setting Up the Wired Equivalent Privacy (WEP) Keys	143
Applying Changes to Wireless Settings and Network Profiles	145
Changing the Profile Name	146
Verifying the Wireless Network Configuration on the Cisco Wireless IP Phone	147
Displaying the Network Configuration Menu	148
Verifying the Current Configuration Settings	149
Viewing the Current Configuration	151
Viewing the Media Access Control Address	151
Verifying Wireless Settings	152
Performing a Site Survey Verification	153
Site Survey Verification	154
Using the Cisco Wireless IP Phone 7920 Site Survey Utility	155
Requirements for an Optimal Wireless Voice Environment	156
Configuring Features, Templates, Services, and Users	159
Configuring Cisco Wireless IP Phones in Cisco CallManager	160
Product Specific Configuration Options	160
Access to Phone Menu Options	160
Idle Phone Softkeys	161
Cisco CallManager Softkeys	161
Setting Up the Idle URL for a Cisco Wireless IP Phone 7920	161
Configuring Telephony Features	161
Configuring Softkey Templates	166
Setting Up IP Phone Services	168
Configuring Corporate and Personal Directories	170
Configuring Corporate Directories	170
Configuring Personal Directory	171
Adding Users to Cisco CallManager	171
Creating Custom Phone Rings	172
Downloading Loud Ring Tones	172
Viewing Status, Statistics, and Firmware Information on the Cisco Wireless IP Phone 7920	175
Viewing the Current Configuration	175
Viewing Network Statistics	176
Viewing Firmware Versions	177
Viewing the Hardware Information	178
Troubleshooting the Cisco Wireless IP Phone 7920	181
Resolving Startup and Connectivity Problems	182
Symptom: The Cisco Wireless IP Phone Does Not Complete the Normal Start Up Process	182
Symptom: The Cisco Wireless IP Phone Does Not Associate with a Cisco Aironet Access Point	183
Verifying Access Point Settings	183
Symptom: The Cisco Wireless IP Phone Does Not Register with Cisco CallManager	185
Registering the Phone with Cisco CallManager	185
Checking Network Connectivity	186
Verifying TFTP Server Settings	186
Verifying IP Addressing	187
Verifying DNS Settings	188
Verifying Cisco CallManager Settings	188
Cisco CallManager and TFTP Services Are Not Running	189
Creating a New Configuration File	190
Resolving Voice Quality and Roaming Problems	191
Symptom: Cisco Wireless IP Phone Resets Unexpectedly	191
Verifying Access Point Settings	191
Identifying Intermittent Network Outages	192
Verifying DHCP Settings	192
Verifying Voice VLAN Configuration	192
Verifying that the Phones Have Not Been Intentionally Reset	193
Eliminating DNS or Other Connectivity Errors	193
Symptom: The Cisco Wireless IP Phone Has Audio Problems	194
No Audio During a Connected Call	194
One-Way Audio During a Connected Call	194
Symptom: The Cisco Wireless IP Phone Does Not Roam Properly	195
Voice Quality Deteriorates While Roaming	196
Delays in Voice Conversation While Roaming	196
Phone Loses Connection with Cisco CallManager While Roaming	196
General Troubleshooting Information	197
Troubleshooting Tips for the Cisco Wireless IP Phone 7920	197
Logging Information for Troubleshooting	200
Using a System Log Server	200
Using the Trace Route Option on the Cisco Wireless IP Phone	200
Administration Options on the Phone Menus	201
Accessing Hidden Options on the Phone Menus	201
Using Hidden Options on the Phone Menus	202
Erasing the Local Configuration	202
Using Power Save Mode	203
Setting the Softkey Option	203
Performing a Trace Route	204
Selecting the Data Rate	205
Selecting the Transmit Power	206
Changing the Cisco Discovery Protocol Settings	207
Cisco 7920 Configuration Utility Troubleshooting Tips	208
Troubleshooting Information for Basic Problems	208
Windows User Interface Operation Errors	209
TCP Connection Errors	209
File Format or File Access Errors	210
TFTP or Network Errors	211
Security Errors	212
Where to Go for More Troubleshooting Information	212
Providing Information to Users By Using a Website	215
How Wireless IP Phones Operate	215
How Users Get Copies of Cisco IP Phone Manuals	217
How Users Configure Phone Features and Services	217
How Users Access Voice Messages	218
Supporting International Users	221
Physical and Operating Environment Specifications	223

Match case Limit results 1 per page

2-13

Cisco Wireless IP Phone 7920 Administration Guide for Cisco CallManager Release 4.0 and 4.1

OL-7104-01

Chapter 2

An Overview of the Wireless Network

Components of the VoIP Wireless Network

Security Mechanisms in the Wireless Network

Before a wireless device can communicate on the network, it must authenticate

with the access point or the network by using an authentication method. The

Cisco Wireless IP Phone 7920 can use these authentication methods in the

WLAN:

•

Open Authentication—In an Open system, any wireless device can request

authentication. The access point that receives the request may grant

authentication to any requestor or only to requestors on a list of users.

Communication between the wireless device and access point could be

non-encrypted or devices can use WEP keys to provide security. Devices that

are using WEP only attempt to authenticate with an access point that is using

WEP.

•

Shared Key Authentication—During shared key authentication, the access

point sends an unencrypted challenge text string to any device attempting to

communicate with the access point. The device that is requesting

authentication encrypts the challenge text using a pre-configured WEP key

and sends it back to the access point. If the challenge text is encrypted

correctly, the access point allows the requesting device to authenticate. A

device can authenticate only if its WEP keys match the WEP keys on the

access points.

Shared key authentication can be less secure than open authentication with

WEP because someone can monitor the challenges. An intruder can calculate

the WEP key by comparing the unencrypted and encrypted challenge text

strings.

•

WPA Pre-Shared Key (PSK) Authentication—The access point and the phone

are configured with the same authentication key. The pre-shared key (or

password phrase) is used to create unique pair-wise keys that are exchanged

between each phone and the access point. You can configure the password

phrase as a 64-character hexadecimal string or as an ASCII password of from

8 to 63 characters in length. Because the pre-shared key password is stored

on the phone, it can be compromised if the phone is lost or stolen.

•

LEAP Authentication—For maximum security, client devices can

authenticate to the network by using a Remote Authentication Dial-in User

Service (RADIUS) server such as the Cisco Access Control Server (ACS).