Plantronics + Polycom. Now together as Poly Logo

Group 500 Encryption Issues with Cisco Codec

SOLVED
Pawel
Frequent Visitor

Group 500 Encryption Issues with Cisco Codec

Hello All, 

 

Group Series 500

Hardware Ver 18

Firmware Release - 6.1.3-390050

 

On the other end, there is a cisco codec (not sure which model) running CE 9.1.4. 

 

The call is H.323, point-to-point, firewall is not an issue (call is internal over vpn tunnel) encryption is turned on (needs to be due to policy on both ends)

 

The issue is, when calling this one specific codec, both sites get no video and white noise audio. This is only when encryption is turned on. Once turned off (for testing) the call is perfectly fine. The other unit also works fine with all other sites with encryption. 

 

I think I have traced this back to cisco. I found the following bug reports

 

https://tools.cisco.com/bugsearch/bug/CSCuq94402?emailclick=CNSemail

 

https://tools.cisco.com/bugsearch/bug/CSCur78783?emailclick=CNSemail

 

https://supportforums.cisco.com/t5/telepresence/severe-audio-static-connecting-to-polycom-hdx-series...

 

The problem is that their current firmware version has this resolved. The person that I am dealing with (unfortunately very difficult) has pointed this out, said that he spoke to cisco (I highly doubt this) and proceded to try and pin this back on our unit. I've done a number of tests and have been unable to recreate the issue with any other endpoint (vsx, hdx, 500, 700, zoombridge etc).

 

What I'm getting at, is to see if anyone has come across this issue and is there any chance of it being on my end? 

 

Any input is greatly appreciated. 

Message 1 of 2
1 ACCEPTED SOLUTION

Accepted Solutions
Karthik  Sivaram
Polycom Employee

Re: Group 500 Encryption Issues with Cisco Codec

hi Pawel,

First, before encrypting a call between 2 vendors i.e. Cisco and Polycom it is important to understand what
methods are supported by each end . There are many ways of exchanging secure Real-time Transport keys in functional call flows such as Datagram Transport Layer Security (DTLS) that provides communication privacy for the audio and video media streams and Session Description Protocol Security Descriptions (SDES) when exchanging keys. Every vendor has their own way of exchanging these keys.

Secondly, when integrating 2 systems it is important to check interoperability docs to verify the version and products that are tested and working.

Last , as per the release notes of the Group Series it very clear that we do not support either Media encryption through Datagram Transport Layer Security (DTLS) or
Standard SRTP (SDES) in CISCO environments :

https://support.polycom.com/content/dam/polycom-support/products/Telepresence-and-Video/Group%20Seri...

It is best to therefore best to operate the GS unit in an unencrypted mode with Cisco devices.

Hope this helps!

Regards,
Karthik Sivaram

Please remember to "Kudo" a post that helped you and / or "Accept as Solution" if it solves your issue.

This forum reply or post is based upon my personal experience and does not reflect the opinion or view of my employer.

Polycom employee participation within this community is not mandatory and any post or article provided by myself is done either during my working hours or outside working hours, in my private time, and may be answered on weekends, bank holidays or personal holidays.

View solution in original post

Message 2 of 2
1 REPLY 1
Karthik  Sivaram
Polycom Employee

Re: Group 500 Encryption Issues with Cisco Codec

hi Pawel,

First, before encrypting a call between 2 vendors i.e. Cisco and Polycom it is important to understand what
methods are supported by each end . There are many ways of exchanging secure Real-time Transport keys in functional call flows such as Datagram Transport Layer Security (DTLS) that provides communication privacy for the audio and video media streams and Session Description Protocol Security Descriptions (SDES) when exchanging keys. Every vendor has their own way of exchanging these keys.

Secondly, when integrating 2 systems it is important to check interoperability docs to verify the version and products that are tested and working.

Last , as per the release notes of the Group Series it very clear that we do not support either Media encryption through Datagram Transport Layer Security (DTLS) or
Standard SRTP (SDES) in CISCO environments :

https://support.polycom.com/content/dam/polycom-support/products/Telepresence-and-Video/Group%20Seri...

It is best to therefore best to operate the GS unit in an unencrypted mode with Cisco devices.

Hope this helps!

Regards,
Karthik Sivaram

Please remember to "Kudo" a post that helped you and / or "Accept as Solution" if it solves your issue.

This forum reply or post is based upon my personal experience and does not reflect the opinion or view of my employer.

Polycom employee participation within this community is not mandatory and any post or article provided by myself is done either during my working hours or outside working hours, in my private time, and may be answered on weekends, bank holidays or personal holidays.

View solution in original post

Message 2 of 2