Filter
Top Products
7-16
Cisco Unified IP Phone 8961, 9951, and 9971 Administration Guide for Cisco Unified Communications Manager 8.5 (SIP)
OL-20861-01
Chapter 7 Configuring Settings on the Cisco Unified IP Phone
Security Setup Menu
VPN Configuration Menu
The VPN Configuration menu allows you to enable the VPN Client connection using the Secure Sockets
Layer (SSL). The VPN connection is used when a phone is located outside a trusted network or when
network traffic between the phone and Unified CM must cross untrusted networks.
Your system administrator determines if your phone should be configured with the VPN functionality
and enables the VPN feature.
If your phone is configured for VPN, the status of Auto-Detect Network Connection, which is configured
on the UCM server, determines if a VPN connection is possible:
• If Auto-Detect Network Connection is disabled, a VPN connection is possible. The Sign In screen
appears, and you are prompted for
credentials based on the authentication method that your system
administrator configured on your
phone. (On the phone in the Applications > VPN window, you can
toggle the VPN Enabled field to On or Off to turn on or off the phone’s ability to attempt a VPN
connection.)
• If Auto-Detect Network Connection is enabled, you cannot connect through VPN, so the Sign In
screen does not appear, and you are not
prompted for credentials.
Connecting to VPN
Use this procedure to connect through VPN.
Procedure Steps
Step 1 After you turn on your phone and the Sign In screen for VPN Client appears (except with certificate
authentication mode), enter your credentials based on the configured authentication method:
• Username and password—Enter the username and the password that your system administrator
gave
you.
• Certificate and password—Enter the password that your system administrator gave you. Your
username is derived from the certificate.
• Certificate—If the phone uses only a certificate for authentication, the Sign In screen does not
appear, and phone displays the status of the phone attempting the VPN
connection.
Transaction Status • State—Displays the state of 802.1x authentication:
–
Disconnected—Indicates that 802.1x
authentication is not configured on the phone.
–
Authenticated—Indicates that the phone has
been authenticated.
–
Held—Indicates that the authentication process
is in progress.
• Protocol—Displays the EAP method used for
802.1x authentication (can be EAP-MD5,
EAP-FAST or EAP-TLS).
Display only—Cannot configure.
Table 7-6 802.1X Authentication Settings (continued)
Option Description To Change