Plantronics + Polycom. Now together as Poly Logo

VVX600 Edge Server - SCHANEL Protocols required on IIS? PCT 1.0, SSL 2.0, SSL 3.0, TLS 1.0

SOLVED
Frequent Advisor

VVX600 Edge Server - SCHANEL Protocols required on IIS? PCT 1.0, SSL 2.0, SSL 3.0, TLS 1.0

Hi,

 

we run a number of VVX600 hard sents with firmware 5.5.2.8571

 

are part of the PCI complance for our credit card terminal we were asked to disbale SSL 3.0 & TLS 1.0 protocols on our public facing IIS servers (which included S4B Edge Server)

 

i disabled the following Protocols  as i beleive they are all insecure:

 

PCT 1.0

SSL 2.0

SSL 3.0

TLS 1.0

 

after this the VVX handsets would not sign in.

 

(1) which of the above list are required for VVX handsets to comunicate with the Edge Server?

 

(2) can TLS 1.1 or 1.2 be used instead?

 

thanks

 

jack

 

 

Message 1 of 9
8 REPLIES 8
Polycom Employee & Community Manager

Re: VVX600 Edge Server - SCHANEL Protocols required on IIS? PCT 1.0, SSL 2.0, SSL 3.0, TLS 1.0

Hello Jack,

 

this community can only work if you follow up your old posts.

 

Did you get Consumer Skype working as mentioned => here <=

 

Yes or No ?

 

The above is just an example post as there are many more => here <=

 

For your new Question this would be a Microsoft question as the Edge Server is their product so I would ask in one of their community's or open a support ticket with them.

 

You can always come back here and follow this up for others to learn.

 

Best Regards

 

Steffen Baier




<======== Signature / Disclaimer ========>
Please be aware:For questions about the type of support to expect please check here

Please also ensure you always check the VoIP , Video Endpoint , Skype for Business , PSTN or RPM FAQ's

Please remember, if you see a post that helped you , and it answers your question, please mark it as an "Accept as Solution".

The title Polycom Employee & Community Manager is an automatic setting within the community and any forum reply or post is based upon my personal experience and does not reflect the opinion or view of my employer.
Poly employee participation within this community is not mandatory and any post or FAQ article provided by myself is done either during my working hours or outside working hours, in my private time, and maybe answered on weekends, bank holidays or personal holidays.
Message 2 of 9
Highlighted
Frequent Advisor

Re: VVX600 Edge Server - SCHANEL Protocols required on IIS? PCT 1.0, SSL 2.0, SSL 3.0, TLS 1.0

i only updated the handsets today for all the employees so we are waiting for our Turkish office to do some test calls

Message 3 of 9
Frequent Advisor

Re: VVX600 Edge Server - SCHANEL Protocols required on IIS? PCT 1.0, SSL 2.0, SSL 3.0, TLS 1.0

Steffen,

 

as you can see from the attached screenshot - there is no TLS 1.1 or 1.2 option for Provisioning or Web Services.

 

is there a way to enable this?

 

thanks

 

jack

 

Polycom Employee & Community Manager

Re: VVX600 Edge Server - SCHANEL Protocols required on IIS? PCT 1.0, SSL 2.0, SSL 3.0, TLS 1.0

Hello Jack,

Future version will add security enhancement and the retiring of certain TLS versions etc.

 

I am unable to talk about this in public so I can only advise you to check with your Polycom reseller and/or get in touch with a Polycom sales engineer so you can access maybe our Beta Program.


Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier

Polycom Global Services




<======== Signature / Disclaimer ========>
Please be aware:For questions about the type of support to expect please check here

Please also ensure you always check the VoIP , Video Endpoint , Skype for Business , PSTN or RPM FAQ's

Please remember, if you see a post that helped you , and it answers your question, please mark it as an "Accept as Solution".

The title Polycom Employee & Community Manager is an automatic setting within the community and any forum reply or post is based upon my personal experience and does not reflect the opinion or view of my employer.
Poly employee participation within this community is not mandatory and any post or FAQ article provided by myself is done either during my working hours or outside working hours, in my private time, and maybe answered on weekends, bank holidays or personal holidays.
Message 5 of 9
Frequent Advisor

Re: VVX600 Edge Server - SCHANEL Protocols required on IIS? PCT 1.0, SSL 2.0, SSL 3.0, TLS 1.0

Steffen

 

i have contacted our reseller Rocom to open a support case

 

Jack

 

PS. i am not seeing anywhere to mark ACCEPT AS SOLUTION

Message 6 of 9
Polycom Employee & Community Manager

Re: VVX600 Edge Server - SCHANEL Protocols required on IIS? PCT 1.0, SSL 2.0, SSL 3.0, TLS 1.0

Can you not see

 

Accept.PNG




<======== Signature / Disclaimer ========>
Please be aware:For questions about the type of support to expect please check here

Please also ensure you always check the VoIP , Video Endpoint , Skype for Business , PSTN or RPM FAQ's

Please remember, if you see a post that helped you , and it answers your question, please mark it as an "Accept as Solution".

The title Polycom Employee & Community Manager is an automatic setting within the community and any forum reply or post is based upon my personal experience and does not reflect the opinion or view of my employer.
Poly employee participation within this community is not mandatory and any post or FAQ article provided by myself is done either during my working hours or outside working hours, in my private time, and maybe answered on weekends, bank holidays or personal holidays.
Message 7 of 9
Frequent Advisor

Re: VVX600 Edge Server - SCHANEL Protocols required on IIS? PCT 1.0, SSL 2.0, SSL 3.0, TLS 1.0

Steffen,

 

i cannot see in the documentation the following configurations which i can see in the uploaded confuguration file:

 

sec.TLS.protocol.ldap="TLSv1_2"
sec.TLS.protocol.sip="TLSv1_2"
sec.TLS.protocol.webServer="TLSv1_2"
sec.TLS.protocol.xmpp="TLSv1_2" -->

 i belive this is Presence??

 

as per the attached picture i have set the following to TLS 1.2:

 

Syslog

SIP

Presence

LDAP

Web Server

 

so it appears that Syslog is missing from the above confgiration paramters.

 

will they work if i add them to by CFG file to update all handsets?

 

thanks

 

jack

 

 

Polycom Employee & Community Manager

Re: VVX600 Edge Server - SCHANEL Protocols required on IIS? PCT 1.0, SSL 2.0, SSL 3.0, TLS 1.0

Hello Jack,

The best way to check the defaults of Parameters is to follow this FAQ post:

 

Jan 14, 2015 Question:Finding the default values for configuration parameters for Polycom Phones?

Resolution: Please check => here <=

 

If some are missing in the Admin Guide I can open internally a Doc Bug.

 

In case of Syslog the correct Parameter is:

 

device.sec.TLS.protocol.syslog

as with all the device parameters you need:

 

device.set="1" device.sec.TLS.protocol.syslog.set="1" device.sec.TLS.protocol.syslog=""

Obviously you need to fill device.sec.TLS.protocol.syslog with the right supported protocol.


Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier

Polycom Global Services




<======== Signature / Disclaimer ========>
Please be aware:For questions about the type of support to expect please check here

Please also ensure you always check the VoIP , Video Endpoint , Skype for Business , PSTN or RPM FAQ's

Please remember, if you see a post that helped you , and it answers your question, please mark it as an "Accept as Solution".

The title Polycom Employee & Community Manager is an automatic setting within the community and any forum reply or post is based upon my personal experience and does not reflect the opinion or view of my employer.
Poly employee participation within this community is not mandatory and any post or FAQ article provided by myself is done either during my working hours or outside working hours, in my private time, and maybe answered on weekends, bank holidays or personal holidays.
Message 9 of 9