Home » Linksys Manuals » Bridges & Routers » Linksys RTP300 » Manual Viewer

Linksys RTP300 User Guide - Page 59

Generating a Mini Certificate, Partners in Europe, the Middle East - password

UPC - 745883565658

Add to My Manuals
Save this manual to your list of manuals

Page 59 highlights

Secure Call Implementation The CA public key is used to verify the MC received from the other end. If the MC is invalid, the call will not switch to secure mode. The MC and the 1024-bit CA public key are concatenated and base64 encoded into the single parameter Mini Certificate. The 512-bit private key is base64 encoded into the SRTP Private Key parameter, which should be kept secret, like a password. (Mini Certificate and SRTP Private Key are configured in the Line tabs.) Because the secure call establishment relies on exchange of information embedded in message bodies of SIP INFO requests/responses, the service provider must ensure that the network infrastructure allows the SIP INFO messages to pass through with the message body unmodified. Generating a Mini Certificate Linksys provides a Mini Certificate Generator for the generation of mini certificates and private keys. • Partners in North America can find the Mini Certificate Generator on the SPA Utilities page at the Linksys Partner Connection (LPC) at Linksys.com. • Partners in Europe, the Middle East, and Africa can find the Mini Certificate Generator on the Firmware and Tools page at linksys-itsp.com. NOTE: The partner sites require a logon. The Mini Certificate Generator uses the following syntax: gen_mc ca-key user-name user-id expire-date Where: • ca-key is a text file with the base64 encoded 1024-bit CA private/public key pairs for signing/verifying the MC, such as the following: 9CC9aYU1X5lJuU+EBZmi3AmcqE9U1LxEOGwopaGyGOh3VyhKgi6JaVtQZt87PiJINKW8XQj3B9Qqe3VgYx WCQNa335YCnDsenASeBxuMIEaBCYd1l1fVEodJZOGwXwfAde0MhcbD0kj7LVlzcsTyk2TZYTccnZ75TuTj j13qvYs= 5nEtOrkCa84/mEwl3D9tSvVLyliwQ+u/Hd+C8u5SNk7hsAUZaA9TqH8Iw0J/ IqSrsf6scsmundY5j7Z5mK5J9uBxSB8t8vamFGD0pF4zhNtbrVvIXKI9kmp4vph1C5jzO9gDfs3MF+zjyY rVUFdM+pXtDBxmM+fGUfrpAuXb7/k= • user-name is the name of the subscriber, such as "Joe Smith". Maximum length is 32 characters • user-id is the User ID of the subscriber, which must match exactly the user-id used in the INVITE when making the call, such as "14083331234". The maximum length is 16 characters. • expire-date is the expiration date of the MC, such as "00:00:00 1/1/34" (34=2034). Internally the date is encoded as a fixed 12B string: 000000010134 Linksys ATA Administration Guide 59

Section	Page
Document Audience	8
Supported Firmware	9
Document Conventions	9
Document Purpose and Contents	10
Related Documentation	11
Online Resources	12
Copyright and Trademarks	12
Technical Support	12
Finding Information in PDF Files	13
Finding Text in a PDF	13
Finding Text in Multiple PDF Files	13
Introducing Linksys Analog Telephone Adapters	15
Comparison of ATA Devices	16
Linksys ATA Connectivity Requirements	18
Linksys PAP2T Connectivity	18
Linksys SPA2102 Connectivity	19
Linksys SPA3102 Connectivity	20
Linksys SPA8000 Connectivity	21
ATA Software Features	22
Voice Supported Codecs	22
SIP Proxy Redundancy	23
Other Linksys ATA Software Features	23
Basic Administration and Configuration of Your Linksys ATA Device	28
Basic Services and Equipment Required	28
Downloading Firmware	29
Basic Installation and Configuration	30
Upgrading the Firmware for the Linksys ATA Device	30
Setting up Your Linksys ATA Device	31
Using the Administration Web Server	31
Connecting to the Administration Web Server	32
Setting Up the WAN Configuration for Your Linksys ATA Device	32
Registering to the Service Provider	33
Advanced Configurations	34
Upgrading, Rebooting, and Resyncing Your Linksys ATA Device	34
Upgrade URL	34
Resync URL	35
Reboot URL	35
Provisioning Your Linksys ATA Device	35
Provisioning Capabilities	36
Configuration Profile	36
Configuring Your System for ITSP Interoperability	38
Network Address Translation (NAT) and Voice over IP (VoIP)	38
NAT Mapping with Session Border Controller	38
NAT Mapping with SIP-ALG Router	38
Configuring NAT Mapping with a Static IP Address	39
Configuring NAT Mapping with STUN	40
Determining Whether the Router Uses Symmetric or Asymmetric NAT	41
Firewalls and SIP	42
Configuring SIP Timer Values	43
Configuring Voice Services	44
Supported Codecs	44
Using a FAX Machine (SPA2102, SPA3102 or SPA8000)	45
Fax Troubleshooting	46
Managing Caller ID Service	47
Silence Suppression and Comfort Noise Generation	48
Configuring Dial Plans	49
About Dial Plans	49
Editing Dial Plans	55
Secure Call Implementation	57
Enabling Secure Calls	57
Secure Call Details	58
Using a Mini-Certificate	58
Generating a Mini Certificate	59
SIP Trunking and Hunt Groups on the SPA8000	61
About SIP Trunking	62
Setting the Trunk Group Call Capacity	64
Inbound Call Routing for a Trunk Group	64
Contact List for a Trunk Group	65
Outgoing Call Routing for a Trunk Group	66
Configuring a Trunk Group	67
Trunk Group Management	68
Setting the Hunt Policy	69
Additional Notes About Trunk Groups	69
Configuring Music on Hold	70
Using the Internal Music Source for Music On Hold	70
Using the Internal Music Source	70
Changing the Music File for the Internal Music Source	71
Configuring a Streaming Audio Server	71
About the Streaming Audio Server	71
Configuring the Streaming Audio Server	72
Using the IVR with an SAS Line	73
Configuring the PSTN (FXO) Gateway	74
Connecting to PSTN and VoIP Services	74
How VoIP-To-PSTN Calls Work	75
One-Stage Dialing	75
Two-Stage Dialing	76
How PSTN-To-VoIP Calls Work	77
Terminating Gateway Calls	77
VoIP Outbound Call Routing	78
Configuring VoIP Failover to PSTN	79
Sharing One VoIP Account Between the FXS and PSTN Lines	80
Other Options	81
PSTN Call to Ring Line 1	81
Symmetric RTP	81
Call Progress Tones	81
Call Scenarios	82
PSTN to VoIP Call with and Without Ring-Thru	82
VoIP to PSTN Call With and Without Authentication	83
Call Forwarding to PSTN Gateway	85
Linksys ATA Routing Field Reference	86
Status page	86
Product Information section	86
System Status section	87
WAN Setup page	87
Internet Connection Settings section	88
Static IP Settings section	88
PPPoE Settings section	88
Optional Settings section	89
MAC Clone Settings section	89
Remote Management section	90
QOS Settings section	90
VLAN Settings section	90
LAN Setup page	90
Networking Service section	91
LAN Networking Settings section	91
Static DHCP Lease Settings section	91
Application page	92
Port Forwarding Settings section	92
DMZ Settings section	92
Miscellaneous Settings section	93
System Reserved Ports Range section	93
Linksys ATA Voice Field Reference	94
Info page	94
Product Information section	95
System Status section	95
Line Status section	95
System Information section (PAP2T)	97
PSTN Line Status section (AG310 and SPA3102)	97
Trunk Status section (SPA8000)	99
System page	99
System Configuration section	100
Internet Connection Type section (PAP2T)	100
Optional Network Configuration section (PAP2T)	100
Miscellaneous Settings section (not used with PAP2T)	101
SIP page	102
SIP Parameters section	102
SIP Timer Values (sec) section	103
Response Status Code Handling section	105
RTP Parameters section	105
SDP Payload Types section	106
NAT Support Parameters section	107
Trunking Parameters section (SPA8000)	109
Regional page	110
Call Progress Tones section	110
Distinctive Ring Patterns section	112
Distinctive Call Waiting Tone Patterns section	113
Distinctive Ring/CWT Pattern Names section	113
Ring and Call Waiting Tone Spec section	114
Control Timer Values (sec) section	114
Vertical Service Activation Codes section	116
Vertical Service Announcement Codes section (SPA2102, SPA8000)	119
Outbound Call Codec Selection Codes section	120
Miscellaneous section	121
Line page	123
Line Enable section	124
Streaming Audio Server (SAS) section	124
NAT Settings section	125
Network Settings section	125
SIP Settings section	126
Call Feature Settings section	128
Proxy and Registration section	128
Subscriber Information section	130
Supplementary Service Subscription section	130
Audio Configuration section	132
Gateway Accounts section (SPA3102/AG310)	132
VoIP Fallback to PSTN section (SPA3102/AG310)	133
Dial Plan section	133
FXS Port Polarity Configuration section	135
Trunk Group page (SPA8000)	135
Line Enable section	135
Network Settings section	136
SIP Settings section	136
Subscriber Information section	138
Dial Plan section	139
NAT Settings section	139
Proxy and Registration section	140
PSTN Line page (AG310 and SPA3102)	141
Line Enable section	142
NAT Settings section	142
Network Settings section	142
SIP Settings section	143
Proxy and Registration section	145
Subscriber Information section	146
Audio Configuration section	146
Dial Plans section	149
VoIP-To-PSTN Gateway Setup section	149
VoIP Users and Passwords (HTTP Authentication) section	150
Ring Settings section	151
FXO (PSTN) Timer Values (sec) section	151
PSTN Disconnect Detection section	153
International Control (Settings) section	155
User page	156
Call Forward Settings section	157
Selective Call Forward Settings section	157
Speed Dial Settings section	158
Supplementary Service Settings section	158
Distinctive Ring Settings section	159
Ring Settings section	159
PSTN User page (AG310 and SPA3102)	160
PSTN-To-VoIP Selective Call Forward Settings section	160
PSTN-To-VoIP Speed Dial Settings section	161
PSTN Ring Thru Line 1 Distinctive Ring Settings section	161
PSTN Ring Thru Line 1 Ring Settings section	161
Provisioning Reference (WRP400)	162
Troubleshooting	171
Environmental Specifications	174
PAP2T	174
SPA2102	174
SPA3102	175
SPA8000	175
RTP300	176
WRP400	176
WRTP54G	177
AG310	177
Warranty Information	178
Limited Warranty	178
Exclusions and Limitations	178
Obtaining Warranty Service	179
Technical Support	179
Regulatory Information	180
Federal Communications Commission Interference Statement	180
Industry Canada Statement	180
Règlement d’Industry Canada	180
EC Declaration of Conformity (Europe)	181
User Information for Consumer Products Covered by EU Directive 2002/96/EC on Waste Electric and Electronic Equipment (WEEE)	181
Safety Information	188
Meaning of the Warning Symbol	188
General Safety Information	188
Power Safety Information	189
Software License Agreement	190
Software in Linksys Products:	190
Software Licenses:	190
Schedule 1 Linksys Software License Agreement	190
Schedule 2	192
Schedule 3	197

Match case Limit results 1 per page

Linksys ATA Administration Guide

Secure Call Implementation

The CA public key is used to verify the MC received from the other end. If the MC is invalid, the

call will not switch to secure mode. The MC and the 1024-bit CA public key are concatenated

and base64 encoded into the single parameter

Mini Certificate

. The 512-bit private key is base64

encoded into the

SRTP Private Key

parameter, which should be kept secret, like a password.

(

Mini Certificate

and

SRTP Private Key

are configured in the Line tabs.)

Because the secure call establishment relies on exchange of information embedded in message

bodies of SIP INFO requests/responses, the service provider must ensure that the network

infrastructure allows the SIP INFO messages to pass through with the message body

unmodified.

Generating a Mini Certificate

Linksys provides a Mini Certificate Generator for the generation of mini certificates and private

keys.

•

Partners in North America can find the Mini Certificate Generator on the

SPA Utilities

page at the Linksys Partner Connection (LPC) at

Linksys.com

•

Partners in Europe, the Middle East, and Africa can find the Mini Certificate Generator on

the

Firmware and Tools

page at

linksys-itsp.com

NOTE: The partner sites require a logon.

The Mini Certificate Generator uses the following syntax:

gen_mc

ca-key user-name user-id expire-date

Where:

•

ca-key

is a text file with the base64 encoded 1024-bit CA private/public key pairs for

signing/verifying the MC, such as the following:

9CC9aYU1X5lJuU+EBZmi3AmcqE9U1LxEOGwopaGyGOh3VyhKgi6JaVtQZt87PiJINKW8XQj3B9Qqe3VgYx

WCQNa335YCnDsenASeBxuMIEaBCYd1l1fVEodJZOGwXwfAde0MhcbD0kj7LVlzcsTyk2TZYTccnZ75TuTj

j13qvYs=

5nEtOrkCa84/mEwl3D9tSvVLyliwQ+u/Hd+C8u5SNk7hsAUZaA9TqH8Iw0J/

IqSrsf6scsmundY5j7Z5mK5J9uBxSB8t8vamFGD0pF4zhNtbrVvIXKI9kmp4vph1C5jzO9gDfs3MF+zjyY

rVUFdM+pXtDBxmM+fGUfrpAuXb7/k=

•

user-name

is the name of the subscriber, such as “Joe Smith”. Maximum length is 32

characters

•

user-id

is the User ID of the subscriber, which must match exactly the user-id used in the

INVITE when making the call, such as “14083331234”. The maximum length is 16

characters.

•

expire-date

is the expiration date of the MC, such as “00:00:00 1/1/34” (34=2034).

Internally the date is encoded as a fixed 12B string: 000000010134