[cisco-voip] sRTP and RTP in SIP Invite

Mark Holloway mh at markholloway.com
Mon Jun 2 08:44:02 EDT 2014 

Unfortunately I don’t manage the CUCM environment. Based on what I’ve read so far, CUCM SIP Trunks technically only support SRTP or RTP, but not both, in a SIP Invite. If both are present in the SIP Invite then CUCM only selects the first one in the list as opposed to choosing a preferred type. Doing it this way breaks the RFC which is my big pain point. The vendor for the equipment sending the invite isn’t going to change their spec and completely break the RFC to accommodate Cisco’s way of supporting SRTP.  There are ways around this using the vendor’s equipment, but I was hoping that perhaps there is a way this can be accommodated within CUCM. 

On May 30, 2014, at 12:20 PM, Brian Meade <bmeade90 at vt.edu> wrote:

> Can you send a CallManager SDI/SDL trace for one of these calls?
> 
> 
> On Fri, May 30, 2014 at 12:14 PM, Mark Holloway <mh at markholloway.com> wrote:
> Yep, it’s TLS.  Certificates are loaded.
> 
> 
> On May 30, 2014, at 11:48 AM, Brian Meade <bmeade90 at vt.edu> wrote:
> 
>> Mark,
>> 
>> Is the device actually using TLS for the signaling?  I don't think CUCM will let you use SRTP if the signaling channel isn't encrypted.
>> 
>> Brian
>> 
>> 
>> On Fri, May 30, 2014 at 11:41 AM, Mark Holloway <mh at markholloway.com> wrote:
>> I’ve got a non-Cisco SIP device sending SIP Invites to CUCM (SIP Trunk). The SDP from my device includes RTP and sRTP in the SIP Invite. Reading Cisco docs it looks like the way Cisco expects sRTP to work is the SIP Invite should only include sRTP assuming if the call should be encrypted.  If both RTP and sRTP are in the SDP, CUCM will always choose the first one in the list rather than the preferred type (sRTP in this example).  In my case RTP is being listed first then sRTP, therefore CUCM will never choose sRTP even though that is what I prefer.
>> 
>> Has anyone encountered this before and is there a way around it?
>> 
>> Thanks,
>> Mark
>> 
>> 
>> _______________________________________________
>> cisco-voip mailing list
>> cisco-voip at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-voip
>> 
> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20140602/80388d93/attachment.html>

More information about the cisco-voip mailing list