05-15-2024 01:37 PM - edited 05-15-2024 01:38 PM
Hello dears
I hope you are doing well.
The reason of the discussion, is that we need tho change the TLS minimum version at 1.2, in CUCM 12.5(1)SU8a.
Regarding the document "Security Guide for Cisco Unified Communications Manager, Release 12.5(1)", we see the following:
"
Before you configure the minimum TLS version, make sure that your network devices and applications both
support the TLS version. Also, make sure that they are enabled for TLS that you want to configure with
Unified Communications Manager and IM and Presence Services. If you have any of the following products
deployed, confirm that they meet the minimum TLS requirement. If they do not meet this requirement, upgrade
those products:
• Skinny Client Control Protocol (SCCP) Conference Bridge
• Transcoder
• Hardware Media Termination Point (MTP)
• SIP Gateway
• Cisco Prime Collaboration Assurance
• Cisco Prime Collaboration Provisioning
• Cisco Prime Collaboration Deployment
• Cisco Unified Border Element (CUBE)
• Cisco Expressway
"
However, we have our CUCM in Security Mode "0" (enterprise parameters). My question is, if we set the minimum TLS version to 1.2, it would have impact in all of the aforementioned applications and devices, even tough if they would have minimum version 1.0 ?
Kind regards
Solved! Go to Solution.
05-15-2024 10:02 PM - edited 05-15-2024 10:05 PM
It would affect anything that cannot do TLS 1.2. For example any 79xx model of phones. For instance they would stop receiving configuration data from your TFTP server(s).
The security mode of your system has no relevance to this. Even in non secure mode the devices will use secure communication for parts of their communication with CM.
05-15-2024 10:02 PM - edited 05-15-2024 10:05 PM
It would affect anything that cannot do TLS 1.2. For example any 79xx model of phones. For instance they would stop receiving configuration data from your TFTP server(s).
The security mode of your system has no relevance to this. Even in non secure mode the devices will use secure communication for parts of their communication with CM.
05-16-2024 05:02 PM
Thank you again Roger !
Kind regards !
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide