Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
899
Views
0
Helpful
1
Replies

SRTP between 2 CME boxes

Brian Meade
Level 7
Level 7

‎02-25-2011 11:38 AM - edited ‎03-16-2019 03:39 AM

I am trying to figure out how to configure SRTP on my SIP dial-peers.  Here is my configuration.  I have SCCP phoned off of each CME box.  I only want to run SRTP between the 2 sites.

voice service voip
srtp
allow-connections h323 to h323
allow-connections h323 to sip
allow-connections sip to h323
allow-connections sip to sip
h323
  emptycapability
sip
  bind control source-interface Vlan20
  bind media source-interface Vlan20
  subscription maximum accept 5
  registrar server expires max 600 min 60
  srtp negotiate cisco

dial-peer voice 200 voip
destination-pattern 4....
session protocol sipv2
session target ipv4:192.168.10.2
codec g711ulaw

There is a similar configration on the other box with a dial-peer pointing back to this one.  If I turn on SRTP fallback, I get RTP traffic between the two sites.  With just SRTP turned on, the call fails due Status 488 Not Acceptable Media.  Do I need to set up crypto keys at each site and somehow authenticate the boxes to eachother?

Labels:
0 Helpful
1 Reply 1

yuanwu
Cisco Employee
Cisco Employee

‎02-28-2011 10:51 PM

Hi, Brian

Please check the CME administrator guide,

http://www.cisco.com/en/US/docs/voice_ip_comm/cucme/admin/configuration/guide/cmeauth.html#wp1112836

Secure Cisco Unified CME does not support SIP trunks; only H.323 trunks are supported

Rgds/Randy

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents