Hello all!

I am trying to deploy a voice network which will connect to another voice network.

I am using a CUCM 11.5 and a CUBE V12( ISR 4451).

The partner is using expressway and pxip on his side.

When in TCP everything worked, then we tried to switch to secure. I got my certificates for CUCM and CUBE, uploaded the CUBE certificate in CUCM, created a trustpoint on router, used crypto pki authenticate trustpoint and pasted the CUCM certificate in there.

On CUCM created a secure sip profile, and a trunk using that profile pointing to CUBE DNS record on port 5061. The trunk gets full service.

Then on CUBE under sip-ua specified default trustpoint, and in dial peer to CUCM used TCP TLS as transport, pointing to DNS Name of CUCM that is reachable from cube and the srtp command. 

The dial peer gets up and after one or two minutes gets down. If i change and point to domain name of CUCM and :5061 same, getting up, stay up for one or two minutes and gets down.

That is also the case in the dial peer from CUBE to expressway. When the dial peer is up in that minute I am able to make encrypted call to the partener. But the dial peer then goes down and can not make another call.

I suppose certificates are ok considering that an encrypted call can be made

Does anyone have an ideea why that happens?

Thanks in advance for your responses.