cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
404
Views
1
Helpful
3
Replies

Encryption and RTP traffic on Expressway C and E

Clutz5250
Level 1
Level 1

This is probably an easy one to answer but I’ve tried finding something authoritative on the traffic encryption particulars on expressway c and e in MRA configuration. A quick glance revealed some info but now I can’t seem to find it again to reference. So, In the port diagrams it showed a wide port range for RTP, one side ephemeral I guess, and then double NATs if I remember right. But the Cisco port map diagram for MRA show just RTP and not SRTP. The encryption setting in Expressway can be set so that it encrypts traffic, so I’m curious if this simply enables SRTP or not? If not, how or what is this encryption mechanism? it can be encrypted so that starting at E and onto public traffic is encrypted? I remember that securing the Expressway backend is also an option from c. 

been a bit since I’ve tinkered in expressway. Would be nice to know I’m not off the mark here

1 Accepted Solution

Accepted Solutions

b.winter
VIP
VIP

I haven't read your full post but:
Between the external client and EXP-E is encrypted (SIP/TLS and sRTP), the same between EXP-E and EXP-C per default.
Between EXP-C and internal, it is unencrypted SIP and RTP per default.

And no, there is no double NAT.

View solution in original post

3 Replies 3

b.winter
VIP
VIP

I haven't read your full post but:
Between the external client and EXP-E is encrypted (SIP/TLS and sRTP), the same between EXP-E and EXP-C per default.
Between EXP-C and internal, it is unencrypted SIP and RTP per default.

And no, there is no double NAT.

Thanks for the input and you answered my primary question concerning encryption!

you're right, it isn't double NATing but i have to ask another question now. So the below traffic path I enumerated, seems like it's some kind port mapping? makes me think its some kind of underlying nature of the zone traversal mechanism?

I highlighted just the RTP below, though it's probably a broader question here.

Clutz5250_0-1680200772102.png

 

It's not a classical port mapping between your point 1 to 2 and 3 to 4.

The Expressway just receives the traffic on one end (using the defined port range for receive and transmit) and forwards it internally to the other end (using another defined port range for receive and transmit).
It's like in a router when a packet traverses the back plane between the receiving interface and sending interface.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: