Cisco TelePresence System Codec C40/C60 and Profiles using C40/60
Contents
Network [1..1] IEEE8021X TlsVerify
Verification of the server-side certificate of an IEEE802.1x connection against the certificates in
the local CA-list when TLS is used. The CA-list must be uploaded to the video system. This can
be done from the web interface.
This setting takes effect only when Network [1..1] IEEE8021X Eap Tls is enabled (On).
Requires user role: ADMIN
Value space: <Off/On>
Off: When set to Off, TLS connections are allowed without verifying the server-side X.509
certificate against the local CA-list. This should typically be selected if no CA-list has been
uploaded to the codec.
On: When set to On, the server-side X.509 certificate will be validated against the local CA-
list for all TLS connections. Only servers with a valid certificate will be allowed.
Network 1 IEEE8021X TlsVerify: Off
Example:
Network [1..1] IEEE8021X UseClientCertificate
Authentication using a private key/certificate pair during an IEEE802.1x connection. The
authentication X.509 certificate must be uploaded to the video system. This can be done from
the web interface.
Requires user role: ADMIN
Value space: <Off/On>
Off: When set to Off client-side authentication is not used (only server-side).
On: When set to On the client (video system) will perform a mutual authentication TLS
handshake with the server.
Network 1 IEEE8021X UseClientCertificate: Off
Example:
Network [1..1] IEEE8021X Identity
The 802.1X Identity is the user name needed for 802.1X authentication.
Requires user role: ADMIN
Value space: <S: 0, 64>
Format: String with a maximum of 64 characters.
Network 1 IEEE8021X Identity: ""
Example:
D14636.13 Profile C60-C40 and Codec C60-C40 Administrator Guide TC7.0, DECEMBER 2013.
Introduction
Web interface
System settings
System settings
Network [1..1] IEEE8021X Password
The 802.1X Password is the password needed for 802.1X authentication.
Requires user role: ADMIN
Value space: <S: 0, 32>
Format: String with a maximum of 32 characters.
Network 1 IEEE8021X Password: ""
Example:
Network [1..1] IEEE8021X AnonymousIdentity
The 802.1X Anonymous ID string is to be used as unencrypted identity with EAP (Extensible
Authentication Protocol) types that support different tunneled identity, like EAP-PEAP and EAP-
TTLS. If set, the anonymous ID will be used for the initial (unencrypted) EAP Identity Request.
Requires user role: ADMIN
Value space: <S: 0, 64>
Format: String with a maximum of 64 characters.
Network 1 IEEE8021X AnonymousIdentity: ""
Example:
Network [1..1] IEEE8021X Eap Md5
Set the Md5 (Message-Digest Algorithm 5) mode. This is a Challenge Handshake
Authentication Protocol that relies on a shared secret. Md5 is a Weak security.
Requires user role: ADMIN
Value space: <Off/On>
Off: The EAP-MD5 protocol is disabled.
On: The EAP-MD5 protocol is enabled (default).
Network 1 IEEE8021X Eap Md5: On
Example:
www.cisco.com — Copyright © 2010-2013 Cisco Systems, Inc. All rights reserved.
84
Administrator Guide
Setting passwords
Appendices