technology, networking and IP telephony
UNIStim Firmware Release 4.0 for Nortel IP Phones
Nortel 1165e IP Phone
Nortel has released UNIStim firmware 4.0 for their IP phones;
- 0621C7A for IP Phone 2007,
- 0623C7F, 0624C7F, 0625C7F and 0627C7F for IP Phone 1110, 1120E, 1140E and 1150E respectively and
- 062AC7F for IP Phone 1210, 1220, and 1230
No UNIStim software release 4.0 is being offered for the Phase II IP Phone 2001, Phase II IP Phone 2002, and Phase II IP Phone 2004. The Nortel IP Phone 200x series (except the 2007) was manufacture discontinued as of November 29, 2009.
The enhancements available with UNIStim software release 4.0 for IP Phones include:
- UNIStim VPN Client (UVC) in the IP Phone 1100 series
- Feature and Application Licensing
- Secure Signaling using DTLS
- Secure Call Recording (SCR)
- Designed for Operability (DfO)
- Enhancements to Certificate Support
The product bulletin for the 4.0 release listed the same fixes (two of which were for the 2004 model) as the previous UNIStim 3.4 release. I’m going to guess that someone forgot to update that section of the product bulletin with some relevant information.
The big news with this release is the built in VPN client for the IP Phone 1100 series, the UNIStim VPN Client (UVC). Unfortunately this initial release doesn’t support encrypting/tunneling the traffic to/from the PC port, only the traffic to/from the Signaling Server and Voice Gateway Media Cards is encrypted with the VPN connection. The initial release is certified to work wtih Nortel VPN Router (NVR) family running software release 8.00 or greater. (NVR software release 8.00 has been qualified on the NVR 1010, 1050, 1100, 600, 1600, 17xx, 27×0, 4600 and 5000).
Please refer to the release notes and the product bulletin for complete details.
Cheers!
Related posts:
Hi Gord,
It would have been nice for Nortel to have left that decision up to the user/customer. I wonder how difficult MAC security would be to implement on the PC port?
In any event I can understand the desire to keep voice and data traffic separate and as you commented a lot of organizations already have remote access solutions in place.
Thanks for the comment!
- #3 written by Steve 1 year ago
Hi Steve,
I haven’t personally tried it but I’ve learned over the years that just because something isn’t supported doesn’t necessarily mean it won’t work. With that said if you did get it to work you might have to weigh the risk of going into a production environment with an unsupported configuration.
I have two 1700s and one 1740 all running 7.x software. I could probably test it out for you if you are really curious… or it might become immediately clear that it won’t work without some feature in 8.x software.
Cheers!
- #6 written by jephph 1 year ago
- #9 written by khalil abua asal 11 months ago
hi all:
i’m intending to establish a VPN connection between Nortel 1140E phone behind a an ADSL SOHO router and a Cisco ASA 5510 appliance, but the connection doesn’t come up, i configured the PSK user id and password, the XAUTH user ID and passowrd on the phone but with no use, the error that keeps showing up on cisco ASA is:
unknown tunnel-group id.
can any one confirm to me if the cpn client on the Nortel 1140E phone is compatible with Cisco ASA appliances or not???Regards
- #11 written by novice 2 weeks ago
khalil abua asal:
hi all: i’m intending to establish a VPN connection between Nortel 1140E phone behind a an ADSL SOHO router and a Cisco ASA 5510 appliance, but the connection doesn’t come up, i configured the PSK user id and password, the XAUTH user ID and passowrd on the phone but with no use, the error that keeps showing up on cisco ASA is: unknown tunnel-group id. can any one confirm to me if the cpn client on the Nortel 1140E phone is compatible with Cisco ASA appliances or not???RegardsHas anyone tried and got this working with Cisco ASA, I cant image Avaya would of made a custom IPSec client and not just natively create an IPSec client that is universal. I mean IPSec is IPSec
Hi Novice,
I’m not so sure I would agree with your assumption that IPSec is IPsec. I’ve had years of pure fun (being cynical) building branch VPN tunnels across different platforms using Cisco, Nortel, CheckPoint, Juniper, Linux, etc.
It’s possible that it might work but someone needs to test it out and see if actually works.
Thanks for the comment!
- Comment Feed for this Post
Not encrypting the traffic through the PC port was deliberate to prevent a huge security hole. Take an example of a home user connecting a WiFi router into the PC port and unintentionally not using any security over the WiFi. Any drive-by/neighbour WiFi snooper would then have direct access into your corporate network if the data through the PC port was also tunneled over the VPN.