CUCM SIP TLS (5061) to Openscape access 500i (hipath 4000)

armin.wagenfuehr · ‎04-10-2014

Hello Community, I hope you can help me, because we struggle arround 2 weeks and it is not working.

We have in operation a CUCM 8.6.2 with SIP unsecure to Siemens HiPath 4000. Works well. But the whole CUCM Cluster (3 Cluster 80.000 User) is secure. All is working fine in SIPS (TLS) but not SIPS (TLS) to the Hipath (openscape access 500i).

Certificates - Sip Sec.profile etc..... all is fine also in the Hiptah.

We are adjust so many parameters, but it will not work.

If we send TCP SIP-TLS Request to the Hipath we get back a RST ACK (Reset) from the HiPath. Thats all!

- The Main Question is, have someone it ever get with SIP TLS in operation with a Hipath?

- Basically it eill work or not?

- I am much more thankful for any help or note.

Regards

Armin

HTH, please rate all useful posts and right answers.

armin.wagenfuehr · ‎05-16-2014

Hello, good work will take a while :-). The first probelm was, Port 5061 was closed on Hipath. After we have open it, CUCM and Hipath exchange the certs But this would fail.

The cause was, we would expect the encryption deepness from 1024, but we had adjust 2048 at Hipath. After we adjust it to 1024, --- >> It works in SIP TLS. Basic calls number, name transfer ans some feature will work fine.

But not with QSIG Tunnel in SIP TLS. The Hipath say unkown IE. At tjis Problem we are still working.

Regards

Armin

HTH, please rate all useful posts and right answers.

Brian Meade · ‎05-16-2014

Are you sure the Hipath supports QSIG? We'll need to see the CallManager traces to see what SIP messages are actually exchanges for a QSIG call.