Cisco CP-7911G-CH1 Administration Guide - Page 185
How to Con Secure Unified SRST
View all Cisco CP-7911G-CH1 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 185 highlights
Configuring Secure SRST for SCCP and SIP How to Configure Secure Unified SRST Table 3 Overview of the Process of Secure SRST Authentication and Encryption (continued) Process Steps Description or Detail 5. Cisco Unified CM provides the PEM format files that contain phone certificate information to the Cisco Unified SRST router. Providing the PEM files to the Cisco Unified SRST router is done manually. See "Cisco IOS Credentials Server on Secure SRST Routers" section on page 181 for more information. When the Cisco Unified SRST router has the PEM files, the Cisco Unified SRST Router can authenticate the IP phone and validate the issuer of the IP phones certificate during the TLS handshake. 6. a. b. The TLS handshake occurs, certificates are exchanged, and mutual authentication and registration occurs between the Cisco Unified IP Phone and the Cisco Unified SRST Router. The Cisco Unified SRST Router sends its certificate, and the phone validates the certificate to the certificate that it received from Cisco Unified CM in Step 4. The Cisco Unified IP Phone provides the Cisco Unified SRST Router the LSC or MIC, and the router validates the LSC or MIC using the PEM format files that it was provided in Step 5. Note The media is encrypted automatically after the phone and router certificates are exchanged and the TLS connection is established with the SRST router. How to Configure Secure Unified SRST The following configuration sections ensure that the secure Cisco Unified SRST Router and the Cisco Unified IP Phones can request mutual authentication during the TLS handshake. The TLS handshake occurs when the phone registers with the Cisco Unified SRST Router, either before or after the WAN link fails. This section contains the following procedures: • Preparing the Cisco Unified SRST Router for Secure Communication, page 186 • Configuring Cisco Unified Communications Manager to the Secure Cisco Unified SRST Router, page 203 • Enabling SRST Mode on the Secure Cisco Unified SRST Router, page 206 • Configuring Secure SCCP SRST, page 207 • Configuring Secure SIP Call Signaling and SRTP Media with Cisco SRST, page 221 OL-13143-04 Cisco Unified SCCP and SIP SRST System Administrator Guide 185