Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
438
Views
0
Helpful
0
Replies

Secure SIP Trunk to VGW

Gidonitzhak
Level 1
Level 1

‎02-01-2021 12:27 AM

Hello,

 

I'm trying to configure secure sip trunk between CUCM and Voice Gateway, but it fails to set up.

The CUCM and the Voice Gateway are both signed under the same Certificate Authority.

There is a root CA, and a intermediate CA

i did the configurations based on that document:

https://community.cisco.com/t5/collaboration-voice-and-video/configure-sip-tls-using-ca-signed-certificates-between-call/ta-p/3164144

 

i run the following debug commands and received the following error:

debug crypto pki transaction

debug crypto pki messages

 

Jan 31 12:35:11.726: CRYPTO_PKI: Unable to locate cert record by issuername
Jan 31 12:35:11.726: CRYPTO_PKI: No trust point for cert issuer, looking up cert chain

 

if you will see on the logs attached, i configure a trust-point to the root and authenticate the intermediate

 

IP address of the CUCMs: 100.75.0.10 (publisher), 100.75.0.210, 100.75.0.211, 100.75.0.212 (subscribers)

IP address of the Voice Gateway: 100.75.252.94

 

i attached a file containing the running config, and the logs from the debugs, and a capture from the CUCM.

 

Can you help me figure why I'm reeving this error?

SRST.zip
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents