Specifications
Configuring Security Features
315
The callee receives the INVITE message with the RTP encryption algorithm, and then
answers the call by responding with a 200 OK message which carries the negotiated
RTP encryption algorithm.
Example of the RTP encryption algorithm carried in the SDP of the 200 OK message:
m=audio 11780 RTP/SAVP 0 101
a=rtpmap:0 PCMU/8000
a=rtpmap:101 telephone-event/8000
a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:NGY4OGViMDYzZjQzYTNiOTNkOWRiYzRlMjM0Yzcz
a=sendrecv
a=ptime:20
a=fmtp:101 0-15
When SRTP is enabled on both IP phones, RTP streams will be encrypted, and a lock icon
appears on the LCD screen of each IP phone after successful negotiation.
Note
Procedure
SRTP can be configured using the configuration files or locally.
Configuration File
<MAC>.cfg
Configure SRTP feature.
Parameter:
account.X.srtp_encryption
Local
Web User Interface
Configure SRTP feature.
Navigate to:
http://<phoneIPAddress>/servlet
?p=account-adv&q=load&acc=
0
Details of the Configuration Parameter:
Parameters
Permitted Values
Default
account.X.srtp_encryption
(X = 1)
0, 1 or 2
0
Description:
Configures whether to use voice encryption service.
0-Disabled
If you enable SRTP, then you should also enable TLS. This ensures the security of SRTP
encryption. For more information on TLS, refer to Transport Layer Security on page 305.