06-21-2013 12:25 AM - edited 03-18-2019 01:20 AM
Hi Community,
I have the same issue between a 9971 registered on cucm8.6.2 and EX90 or E20 registered on VCS7.2.
I'm trying to make an encrypted call fom a EX90 or E20, and a 9971.
EX90 and E20 is registerd with TLS
9971 is in secure mode, encryption works between two 9971
SIP Trunk TLS is Active between CUCM and VCS
In CUCM zone, i have a custom profile with the setting from Deployment Guide CUCM8_9 and X7.2
On VCS, i put the command: xConfiguration Zones Zone 4 Neighbor Interworking SIP Encryption EncryptSRTCP: Yes
On CUCM SIP Trunk, SRTP allowed is checked
SIP Media enccryption mode is Best effort in Default Zone and CUCM zone
Did you upload CUCM cert on VCS?
Any suggestion will be appreciated
Regards
06-23-2013 12:13 PM
Ensuring that Unified CM trusts the VCS server certificate
For Unified CM to make a TLS connection to VCS, Unified CM must trust the VCS’s server certificate.
Unified CM must therefore trust a root certificate that in turn trusts the VCS’s certificate. See Certificate
Creation and Use with VCS Deployment Guide for details of generating CSRs on VCS to acquire certificates
from a Certificate Authority (CA), as well as information about operating private Certificate Authorities.
If VCS and Unified CM have both been loaded with valid certificates and the root CA of the VCS certificate is
already loaded onto Unified CM, then no further work is required.
Otherwise, if the VCS does not have a certificate from an authority that is accepted by a root CA certificate
on Unified CM (typically if the VCS has a self-signed certificate), the VCS's server certificate must be loaded
onto Unified CM.
Page 28
regards,
Ahmad
06-24-2013 02:07 AM
Hello Ahmad,
Thank you for your feedback, i have already uploaded the VCS's certificate onto CUCM.
I beleive that issue is located in SIP Message between VCS and CUCM
Regards
Jluc
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide