cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
771
Views
0
Helpful
9
Replies

Tandberg E20- TMS Multi-point Secure Conference Error

awatson20
Level 4
Level 4

While attempting to add a Cisco E20 to a multi-point Secure Conference in TMS, we receive the following message.

Cannot add Sip Participant in a Secure Conference Due to Wrong Encryption Settings

Any idea what is causing this?  Is this not possible?  The E20 is on software TE2.1.0.2069545.

9 Replies 9

amehla
Cisco Employee
Cisco Employee

i am not sure about E20 settings on that much lower version, but check encryption settings under conference 1 in your E20.

it should be according to your conference encyption settings.

I checked, and the encryption setting for the E20 under Conference 1 is set to Best effort.

TE2 is a very low version for the E20, I'd suggest you upgrade it to TE4.1.3, you can do so using the following security advisory.

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130619-tpc

Actually, to make a comment about my previous message.  You don't even need to worry about the advisory when upgrading E20s, as they don't need a release key, you can simply upgrade them without it as they're not required.  So no need to go through the advisory in regards to the E20.

Thanks Patrick, I will attempt the upgrade.

Hi Awatson,

Can you change it to on instead of best effort and check.

you may need to reboot unit after that

Patrick Pettit
Cisco Employee
Cisco Employee

What TMS version you running that this error occurrs?


Sent from Cisco Technical Support Android App

13.2.1

Steve Kapinos
Cisco Employee
Cisco Employee

awatson20 wrote:

While attempting to add a Cisco E20 to a multi-point Secure Conference in TMS, we receive the following message.

Cannot add Sip Participant in a Secure Conference Due to Wrong Encryption Settings

Any idea what is causing this?  Is this not possible?  The E20 is on software TE2.1.0.2069545.

If the conference is set to 'encryption = yes' in booking, this means TMS will REQUIRE a participant be known to support ecryption before it is allowed to be booked as part of the meeting.  If set to Best Effort, TMS will allow a non-encrypted participant, but not set encryption required on the devices.

This message is saying TMS does not believe your E20 as configured supports encryption.  For SIP encryption in the E20 and TC endpoints, TMS looks at the SIP Transport Type to determine if the endpoint can support encryption (it's not an easy determination for SIP...).

If your E20 is not set to SIP Transport = Auto or TLS... TMS infers the device can not support encryption on SIP and will not allow it in a call where encryption is required instead of optional.

check your SIP profile properties in the E20 and set it to Auto or TLS  (assuming your registrar supports TLS)