Home
Certification Preparation
Cisco
CCNP
CCNP Collaboration
CME SRTP
PhillyD
Hi,
Has anyone here had any experience of implementing SRTP on a CME v7 box? I have been trying to do it as per the documentation for the last week, I also have a TAC case open. The test phone seems unable to connect to the CAPF server and install an LSC. Does anyone have any pointers on this? I can provide my config if necessary.
Thanks in advance
Phill (CCVP as of last week! yay!)
Find more posts tagged with
Comments
Luckycharms
Post clean config..
PhillyD
Config is as below: The ephone would normally have 'device security mode encrypted' and 'cert-oper upgrade' but it has been set to none just so its functional.
ctl-client
server cme 10.0.1.252 trustpoint CMETP
server tftp 10.0.1.252 trustpoint TFTPTP
server capf 10.0.1.252 trustpoint CAPFTP
sast1 trustpoint SAST1TP
sast2 trustpoint SAST2TP
!
capf-server
port 3804
auth-mode null-string
cert-enroll-trustpoint NETTITUDE password 1 130847011A190D3E24
trustpoint-label CAPFTP
source-addr 10.0.1.252
keygen-timeout 20
keygen-retry 2
!
!
!
!
crypto pki server NETTITUDE
grant auto
!
crypto pki trustpoint NETTITUDE
revocation-check crl
rsakeypair NETTITUDE
!
crypto pki trustpoint CAPFTP
enrollment url
http://10.0.1.252:80
revocation-check crl
!
crypto pki trustpoint CMETP
enrollment url
http://10.0.1.252:80
revocation-check crl
!
crypto pki trustpoint TFTPTP
enrollment url
http://10.0.1.252:80
revocation-check crl
!
crypto pki trustpoint SAST1TP
enrollment url
http://10.0.1.252:80
revocation-check crl
!
crypto pki trustpoint SAST2TP
enrollment url
http://10.0.1.252:80
revocation-check crl
!
crypto pki trustpoint CTLPV
enrollment url
http://10.0.1.252:80
revocation-check crl
credentials
ctl-service admin admin secret 1 082C1C5D180C0C031D
ip source-address 10.0.1.252 port 2444
trustpoint CTLPV
!
!
telephony-service
secure-signaling trustpoint CMETP
cnf-file location flash:
cnf-file perphone
tftp-server-credentials trustpoint TFTPTP
server-security-mode secure
create cnf-files version-stamp Jan 01 2002 00:00:00
!
!
ephone 10
device-security-mode none
cert-oper delete auth-mode null-string
mac-address 0019.30C9.3196
ephone-template 1
type 7971
button 1:4
!
mistance
I'm facing the same issue. How did you solve it?
miff
I have the same problem too, had you found a solution ?
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
