Specifications
105
Cisco Unified Survivable Remote Site Telephony Version 4.0 System Administrator Guide
Setting Up Secure Survivable Remote Site
Telephony
This chapter describes new Secure Survivable Remote Site Telephony (SRST) security features such as
authentication, integrity, and media encryption.
Note Prior to Cisco Unified SRST 4.0, the name of this product was Cisco SRST.
Contents
• Prerequisites for Setting Up Secure SRST, page 105
• Restrictions for Setting Up Secure SRST, page 106
• Information About Setting Up Secure SRST, page 107
• How to Configure Secure SRST, page 113
• Configuration Examples for Secure SRST, page 138
• Where to Go Next, page 144
• Additional References, page 144
Prerequisites for Setting Up Secure SRST
General
• Secure Cisco IP phones supported in secure SRST must have certificates installed and encryption
enabled.
• The SRST router must have a certificate; a certificate can be generated by a third party or by the
Cisco IOS certificate authority (CA). The Cisco IOS CA can run on the same gateway as SRST.
• Cisco Unified CallManager 4.1(2) or later must be installed and must support security mode
(authenticate and encryption mode).
• Certificate trust lists (CTLs) on Cisco Unified CallManager must be enabled. For complete
instructions, see the “Configuring Secure IP Telephony Calls” procedure in the Media and Signaling
Authentication and Encryption Feature for Cisco IOS MGCP Gateways feature.