cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1897
Views
0
Helpful
3
Replies

SIP trunk TLS encryption vs. IPSec

arielroza
Level 1
Level 1

Hi,

  I need to encrypt calls going through a SIP Trunk (CUCM 7.1(5)) to a Cisco 2800 Gateway.

At first I was planning to use TLS encryption, but a coworker of mine suggested me to use IPSec  to encrypt the communication, instead of TLS.

He tells me that it will be much simpler to deploy (we already have the same setup with IPSec on some VG224 gateways), and it wont´require dealing with a CA infraestructure, offereing the same level of cypher.

Is there any diasvantage to using IPSec over TLS?

The CUCM and Gateway are all inside my customer´s network. No public access and no external provider in between

Regards,

Ariel.

3 Replies 3

paolo bevilacqua
Hall of Fame
Hall of Fame

You can't do ipsec directly on CM. It would require an additional router, then possibly your customer would become paranoid about the segment between CM and router passing unencrypted.

Paolo,

That is not true! You CAN do IPSec directly from CM. Its possible from CUCM 6.x and later if I am not mistaken (I am using 7.x) In OS Administrations -> Security -> IPSec you can configure the profiles.


I am certain of this, because we already have several VG224 configured using it

Thanks for taking your time, anyway!

Then I stand corrected. Thanks!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: