Hi all,
I have two CUBE (2951, IOS 15.6.2) with HSRP, and I am trying to configure secure SIP with CUCM cluster that is operating as mixed mode cluster.
I am following the below cisco document to have secure SIP trunk between the both ends to encrypt the signaling as well as SRTP traffic between both.
http://www.cisco.com/c/en/us/support/docs/unified-communications/unified-border-element/200104-SIP-TLS-and-SRTP-RTP-internetworking-on.html#anc7
mainly I am facing two issues:
1- when I am trying to configure the following secure commands, the CUBE router is not accepting them:
- srtp fallback (under dial-peer or voice service voip configuration)
- crypto signaling default trustpoint CUBE-TLS (under sip-ua).
- session transport tcp tls (under voice service voip).
- dspfarm profile 1 transcode universal security
2-its mentioned under the PKI trustpoint configuration:
crypto pki trustpoint CUBE-TLS
enrollment url http://X.X.X.X:80
serial-number none
fqdn none
ip-address none
subject-name CN=Secure-CUBE
revocation-check none
rsakeypair CUBE
in case of two CUBE and configured in HSRP for redundancy, what is the IP should be configured in the URL? the HSRP virtual IP or the physical IP?
and please feel free to add any recommendations to follow apart from the document I am following.
thanks in advance.