01-13-2016 05:13 PM - edited 03-18-2019 05:25 AM
Hello All,
I have 2 SX10s and cannot figure out how the encryption works for these. They are both registered to our VCS-C, and cannot connect with one another. Both systems have Encryption turned on and not to "Best Effort". I am thinking that this might have to do with our VCS or our security engineering team. Please help...
Thanks.
Solved! Go to Solution.
01-18-2016 01:54 PM
Hello,
Might be small but had to check, are the units registered on TLS? if not can you try to do so? Certificates shouldn't be necessary unless TLS verify is checked.
01-13-2016 06:06 PM
What happens if you try to make a call with them set to Best Effort?
For the zone that each SX10 is registered to, what is the "Media encryption mode" under SIP set to?
Does anything in the endpoint logs standout as to why the call fails to connect?
01-14-2016 11:02 AM
When both are set to Best Effort they will connect. But we need them to be turned On, for HIPPA purposes. For the zone they are registered to, Media Encryption Mode is set to auto. The only thing I see is the cause of the disconnection; when I go to call history under diagnostics is insufficient security. Could this be a setting in our VCS or firewall?
01-14-2016 07:25 PM
Would also be good if you could include the software versions of the SX10 and the VCS-C.
Also, what happens if you set the VCS to "Force encryption" instead of "Auto" ?
Do they have appropriate certificates installed, and have SIP certificate been turned on - see "Managing the video system's certificates" section in the admin guide.
/jens
Please rate replies and mark question(s) as "answered" if applicable.
01-18-2016 01:54 PM
Hello,
Might be small but had to check, are the units registered on TLS? if not can you try to do so? Certificates shouldn't be necessary unless TLS verify is checked.
01-20-2016 03:14 PM
Thanks Randy!
Changing it to TLS in our VCS worked. Made the call go through.
01-20-2016 03:32 PM
Awesome, glad to help out. Keep in mind that for everything that includes encryption (media or signaling) TLS is most like needed. At least for sip.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide