Cisco Cisco Expressway
Outgoing Transport Type
TLS.
Enable Digest
Authentication
Authentication
Leave unselected.
X.509 Subject Name
The subject name or an subject alternate name provided by the Expressway
in its certificate. For Expressway clusters, ensure that this list includes all of
the names contained within all of the peers' certificates. To specify multiple
X.509 names, separate each name by a space, comma, semicolon or colon.
in its certificate. For Expressway clusters, ensure that this list includes all of
the names contained within all of the peers' certificates. To specify multiple
X.509 names, separate each name by a space, comma, semicolon or colon.
Incoming Port
5061
Accept Unsolicited
Notification
Notification
Select this check box
Accept Replaces Header
Select this check box
Other parameters
Leave all other parameters unselected.
5. Click Save.
Updating the Unified CM trunk to Expressway to use TLS
On Unified CM:
1. Go to
Device > Trunk
.
2. Using Find, select the Device Name previously set up for the trunk to the Expressway.
3. Configure the following fields:
SIP Information
section
Destination
Port
Port
5061 (unless using DNS SRV, in which case ensure the SRV records are set up correctly).
SIP Trunk
Security
Profile
Security
Profile
Select the trunk profile set up above.
Leave other parameters as previously configured.
4. Click Save.
5. Click Reset.
Updating the Expressway neighbor zone to Unified CM to use
TLS
TLS
Note that Expressway will report that the Unified CM zone is active even while it is communicating with
Unified CM over TCP. The changes below are necessary to enable communications over TLS.
Unified CM over TCP. The changes below are necessary to enable communications over TLS.
On Expressway:
1. Go to
Configuration > Zones > Zones
, then select the zone to Unified CM.
2. Configure the following fields:
Cisco Unified Communications Manager with Cisco Expressway (SIP Trunk) Deployment Guide (X8.2)
Page 27 of 40
Connecting Expressway to Unified CM using TLS