cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
702
Views
15
Helpful
9
Replies

RTP encryption

chris.damore
Level 1
Level 1

I have configured IP phone encryption phone-to-phone. Now I would like to configure encryption phone to h323 gateways so incoming and outgoing calls are encrypted to/from the gateways. Does anyone have a link or any information about this?

Thanks,

Chris

1 Accepted Solution

Accepted Solutions

Chris, I didnt mean to say that.

H323 encryption is supported in 4.1,4.2, 5.x etc. You have to have a min. IOS version to support SRTP command under dial-peers.

http://www.cisco.com/en/US/products/ps6441/products_feature_guide09186a008068b526.html

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

View solution in original post

9 Replies 9

thisisshanky
Level 11
Level 11

Yes, its very simple. Enable encryption under the dial peers, using command

"srtp".

If using a MGCP gateway, you have to configure a few commands for MGCP to enable signalling encryption. To setup media encryption for RTP you will have to build a ipsec tunnel to callmanager (pub and sub's).

http://www.cisco.com/en/US/products/ps6441/products_feature_guide09186a008068b526.html#wp1123262

HTh

Sankar

PS: please remember to rate posts!

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

Do you know how RTP encryption works with IPCC?

Thanks,

Chris

Chris,

CM 4.1 doesnt support encryption on CTI devices. It seems CM 5.x has support for encryption on CTI devices, but i have never setup encryption to IPCC.

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

So this would mean any RTP traffic from IPCC wouldn't be encrypted?

Also, do you know if this is the case in CM 4.2?

Thanks,

Chris

Looks like its not supported in 4.2 as well.

http://www.cisco.com/univercd/cc/td/doc/product/voice/c_callmg/4_2/sec_vir/ae/sec423/secuview.htm

Hopefully this is roadmapped for 4.x train in future.

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

So the H323 encryption is only supported in CM5.0 and above?????

Thanks,

Chris

Chris, I didnt mean to say that.

H323 encryption is supported in 4.1,4.2, 5.x etc. You have to have a min. IOS version to support SRTP command under dial-peers.

http://www.cisco.com/en/US/products/ps6441/products_feature_guide09186a008068b526.html

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

Jason Aarons
Level 6
Level 6

I would discourage srtp/encryption, too many things won't work or have caveats. Give it some time to work out the issues.

Can you tell me some of the things that don't work or have caveats?

Thanks,

Chris

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: