Cisco Cisco IOS Software Release 12.4(6)T
Media and Signaling Authentication and Encryption Feature for Cisco IOS H.323 Gateways
How to Configure Media and Signaling Authentication and Encryption Feature for Cisco IOS H.323 Gateways
12
Media and Signaling Authentication and Encryption Feature for Cisco IOS H.323 Gateways
Verifying and Troubleshooting Media and Signaling Authentication and
Encryption Secure Call Configuration
Encryption Secure Call Configuration
This task verifies and troubleshoots secure call configuration.
SUMMARY STEPS
1.
show running-config
2.
debug h245 srtp
3.
show voice call status
4.
show dial-peer voice number
Step 1
To verify the configuration, use the show running-config command. Sample output is located in the
.
Step 2
Use the debug h245 srtp command to display SRTP information exchanged during H.225 and H.245
signaling.
signaling.
Step 3
Use the show voice call status command to verify the status of encrypted and decrypted packets:
a.
Use the show voice call status command to display all voice ports and obtain the CallID of a specific
call.
call.
b.
Use the show voice call status call-id command to display encrypted and decrypted packets for the
specified call.
specified call.
Step 4
srtp
[fallback | system]
Example:
Router(config-dial-peer)# srtp fallback
Enables secure calls that use SRTP for media encryption
and authentication and specifies fallback capability. Using
the no srtp command disables security and causes the dial
peer to fall back to RTP mode.
and authentication and specifies fallback capability. Using
the no srtp command disables security and causes the dial
peer to fall back to RTP mode.
•
The srtp command enables secure calls.
•
The fallback keyword enables fallback to nonsecure
mode (RTP) on an individual dial peer. The no form of
this command disables fallback and disables SRTP.
mode (RTP) on an individual dial peer. The no form of
this command disables fallback and disables SRTP.
•
The system keyword enables SRTP capability on a
global level, rather than on the individual dial peer. This
command defaults SRTP behavior to the global level.
global level, rather than on the individual dial peer. This
command defaults SRTP behavior to the global level.
Note
This dial-peer configuration command takes
precedence over the globally configured srtp
command enabled in voice service voip
configuration mode.
precedence over the globally configured srtp
command enabled in voice service voip
configuration mode.
Step 5
exit
Example:
Router(config-dial-peer)# exit
Exits the current configuration mode.
Command or Action
Purpose