Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

SIP trunk TLS encryption vs. IPSec

Hi,

  I need to encrypt calls going through a SIP Trunk (CUCM 7.1(5)) to a Cisco 2800 Gateway.

At first I was planning to use TLS encryption, but a coworker of mine suggested me to use IPSec  to encrypt the communication, instead of TLS.

He tells me that it will be much simpler to deploy (we already have the same setup with IPSec on some VG224 gateways), and it wont´require dealing with a CA infraestructure, offereing the same level of cypher.

Is there any diasvantage to using IPSec over TLS?

The CUCM and Gateway are all inside my customer´s network. No public access and no external provider in between

Regards,

Ariel.

Everyone's tags (5)
3 REPLIES
Hall of Fame Super Gold

SIP trunk TLS encryption vs. IPSec

You can't do ipsec directly on CM. It would require an additional router, then possibly your customer would become paranoid about the segment between CM and router passing unencrypted.

Community Member

SIP trunk TLS encryption vs. IPSec

Paolo,

That is not true! You CAN do IPSec directly from CM. Its possible from CUCM 6.x and later if I am not mistaken (I am using 7.x) In OS Administrations -> Security -> IPSec you can configure the profiles.


I am certain of this, because we already have several VG224 configured using it

Thanks for taking your time, anyway!

Hall of Fame Super Gold

SIP trunk TLS encryption vs. IPSec

Then I stand corrected. Thanks!

1364
Views
0
Helpful
3
Replies
CreatePlease to create content