Unfortunately I don’t manage the CUCM environment. Based on what I’ve read so far, CUCM SIP Trunks technically only support SRTP or RTP, but not both, in a SIP Invite. If both are present in the SIP Invite then CUCM only selects the first one in the list as opposed to choosing a preferred type. Doing it this way breaks the RFC which is my big pain point. The vendor for the equipment sending the invite isn’t going to change their spec and completely break the RFC to accommodate Cisco’s way of supporting SRTP. There are ways around this using the vendor’s equipment, but I was hoping that perhaps there is a way this can be accommodated within CUCM.
On May 30, 2014, at 12:20 PM, Brian Meade <[email protected]> wrote: > Can you send a CallManager SDI/SDL trace for one of these calls? > > > On Fri, May 30, 2014 at 12:14 PM, Mark Holloway <[email protected]> wrote: > Yep, it’s TLS. Certificates are loaded. > > > On May 30, 2014, at 11:48 AM, Brian Meade <[email protected]> wrote: > >> Mark, >> >> Is the device actually using TLS for the signaling? I don't think CUCM will >> let you use SRTP if the signaling channel isn't encrypted. >> >> Brian >> >> >> On Fri, May 30, 2014 at 11:41 AM, Mark Holloway <[email protected]> >> wrote: >> I’ve got a non-Cisco SIP device sending SIP Invites to CUCM (SIP Trunk). The >> SDP from my device includes RTP and sRTP in the SIP Invite. Reading Cisco >> docs it looks like the way Cisco expects sRTP to work is the SIP Invite >> should only include sRTP assuming if the call should be encrypted. If both >> RTP and sRTP are in the SDP, CUCM will always choose the first one in the >> list rather than the preferred type (sRTP in this example). In my case RTP >> is being listed first then sRTP, therefore CUCM will never choose sRTP even >> though that is what I prefer. >> >> Has anyone encountered this before and is there a way around it? >> >> Thanks, >> Mark >> >> >> _______________________________________________ >> cisco-voip mailing list >> [email protected] >> https://puck.nether.net/mailman/listinfo/cisco-voip >> > >
_______________________________________________ cisco-voip mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-voip
