Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
605
Views
5
Helpful
3
Replies

CUCM 12.5 & 14.0 with TLS 1.2 - CUC & Third party phones

Go to solution
Jagadish2
Level 1
Level 1

‎08-16-2021 09:49 PM

Hi,

We need to know, when we enable TLS 1.2 in CUCM 12.5 or 14.0.

 

1) CUC 10.5.2 is not compatible. But what exactly happens between an CUCM with TLS 1.2 enabled and an CUC with TLS1.2 not enabled. What is that, which blocks the integration between CUCM with TLS1.2 enabled and CUC with TLS 1.2 not enabled. Want to understand how TLS1.2 plays role in integration of CUC( SCCP integration from cucm and cuc).

 

2) Do Voice gateway routers like 4431 or 4331, do require Vsec licenses instead of Vk9, with CUCM TLS1.2 enabled ( we are using MGCP Between Voice gateway & CUCM)

 

3) Also, can we integrate an Third party Voice mail server with CUCM 12.5 or 14.0 with TLS 1.2 enabled, assuming Third party voice mail have TLS 1.2 enabled ??

 

4) Do third party conference phones like Polycom trio 8800 and Tesira forte work with CUCM 12.5 and 14.0 with TLS1.2 enabled.

 

Please advise.

 

Regards

Jagadish

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Roger Kallberg
VIP
VIP
In response to Jagadish2

‎08-17-2021 06:00 AM

@Jagadish2 wrote:

 

1) TLS is not related to this as your integration uses Skinny.

Said that integration is not related to TLS, but as per cisco CUCM 12.5 with TLS1.2 enabled is not comptabile with CUC 10.5.2 ?? is there any other aspects which makes this compatibility issue ??

 

Likely it's the AXL part that could be at play here. CUC uses this to communicate with CM.

@Jagadish2 wrote:


2) Voice gateways do not communicate with CM using TLS as long as you do not use secure SIP.

So no need to buy Vsec licenses on voice gateways for MGCP or unsecured SIP connections .. right ?? Only Vk9 is enough.

 

This is correct.



Response Signature


View solution in original post

0 Helpful
3 Replies 3

Go to solution
Roger Kallberg
VIP
VIP

‎08-16-2021 10:40 PM - edited ‎08-16-2021 11:05 PM

TLS is primarily a thing that is used for web protocol, aka https. As such it does not have an affect on most other type of protocols, such as Skinny (SCCP). The answer to your questions are

1) TLS is not related to this as your integration uses Skinny.
2) Voice gateways do not communicate with CM using TLS as long as you do not use secure SIP.
3) It would depend upon how the 3:rd party system integrate with CUC. You’d need to dig into the how this operate for the specific system.
4) Very likely it will work, as SIP does not use TLS for unsecured communication, but you’d need to verify that on your own system with your specific configuration.



Response Signature


Go to solution
Jagadish2
Level 1
Level 1
In response to Roger Kallberg

‎08-17-2021 05:06 AM

Hi Roger,

Just to reconfirm,

 

1) TLS is not related to this as your integration uses Skinny.

Said that integration is not related to TLS, but as per cisco CUCM 12.5 with TLS1.2 enabled is not comptabile with CUC 10.5.2 ?? is there any other aspects which makes this compatibility issue ??


2) Voice gateways do not communicate with CM using TLS as long as you do not use secure SIP.

So no need to buy Vsec licenses on voice gateways for MGCP or unsecured SIP connections .. right ?? Only Vk9 is enough.

 

Regards

Jagadish

 

0 Helpful

Go to solution
Roger Kallberg
VIP
VIP
In response to Jagadish2

‎08-17-2021 06:00 AM

@Jagadish2 wrote:

 

1) TLS is not related to this as your integration uses Skinny.

Said that integration is not related to TLS, but as per cisco CUCM 12.5 with TLS1.2 enabled is not comptabile with CUC 10.5.2 ?? is there any other aspects which makes this compatibility issue ??

 

Likely it's the AXL part that could be at play here. CUC uses this to communicate with CM.

@Jagadish2 wrote:


2) Voice gateways do not communicate with CM using TLS as long as you do not use secure SIP.

So no need to buy Vsec licenses on voice gateways for MGCP or unsecured SIP connections .. right ?? Only Vk9 is enough.

 

This is correct.



Response Signature


0 Helpful
Customers Also Viewed These Support Documents