I'm trying to record calls on an encrypted connection (SIP over TLS + SRTP) to a SIP trunk, but encountering a problem. I have configured recording using the built-in-bridge feature of CUCM, and this is working well as long as the connection to the recording SIP trunk is not encrypted. After configuring encryption, there is a secure TLS SIP connection, but the SIP call to the recording SIP trunk is closed immediately by the CUCM using a SIP BYE message. - The option "SRTP Allowed" for the recording SIP trunk is enabled. - With the option "Early Offer support for voice and video calls" enabled for the SIP profile of the SIP trunk, the first INVITE from the CUCM contains SDP but without an encryption option for SRTP. With the same option disabled, the first INVITE from the CUCM does not contain SDP, our SIP trunk replies SDP with encryption options, and the CUCM replies with an ACK without SDP, and then CANCELs the call with Reason: Q.850; cause=21. In either case the CUCM immediately closes the SIP call, by sending a BYE. - In the Enterprise Parameters, the Cluster Security Mode is set to 1 (mixed mode). The issue occurs while testing in the Cisco Sandbox lab. Do the phones maybe need to be set to do encrypted communication as well? Any idea how we can solve this problem?
... View more