Plantronics + Polycom. Now together as Poly Logo

Polycom unable to simultaneous support tls and srtp

Highlighted
Advisor

Polycom unable to simultaneous support tls and srtp

As stated in the subject, I am having a weird issues with testing tls and srtp on the Polycom vvx handsets. First I setup tls has recommended by previous post to the community, and now my acme packet SBC and the polycom handset are in harmony with communicating via tls.

 

The next step was to enable srtp, which seemes fairly simply compared to setting up tls, however although the invite/200ok SDPs between the SBC/phone request/asnwer with SRTP, the phone for some reason keeps sendingRTP.

 

The weird thing is if I should disable tls and allow only srtp, the SDPs are negotiated successfully and the phone intiates SRTP.

 

Any ideas?? I am currently running vvx400 on code 5.4.4. I also noticed some authentication errors in the app logs ONLy when the phone has both tls and srtp.

 

sample config

 

 

<reg
reg.1.address="6636"
reg.1.auth.password="************"
reg.1.auth.userId="6636"
reg.1.label="LabB Sec 6636"
reg.1.outboundProxy.address="************"
reg.1.outboundProxy.transport="TLS"
reg.1.outboundProxy.port="5061"
reg.1.server.1.address="********************"
reg.1.server.1.transport="TLS"
reg.1.server.1.port="5061"
reg.1.srtp.enable="1"
reg.1.srtp.offer="1"
reg.1.srtp.require="0"
reg.1.type="private"
reg.1.thirdPartyName=""
reg.1.linekeys="2" />

 

 

 

SRTP ONLY LOGS

 

002719.659|so |2|00|Stream::srtpInitRx no rx session
002719.659|so |3|00|srtpInit: (0x11c19d8) IP , port 0
002719.728|so |3|00|srtpSetOutboundSession: (0x11c19d8) IP 172.16.1.1, port 16420

 

 

SRTP AND TLS LOG

003728.553|so |2|00|Stream::srtpInitRx no rx session
003728.553|so |3|00|srtpInit: (0x11c3388) IP , port 0
003728.618|so |3|00|srtpSetOutboundSession: (0x11c3388) IP 74.117.230.140, port 22580
003733.542|srtp |4|00|srtp: srtp_unprotect: auth failure - seq=0x09c1, ROC=0
003734.542|srtp |4|00|srtp: srtp_unprotect: auth failure - seq=0x09f3, ROC=0
003735.542|srtp |4|00|srtp: srtp_unprotect: auth failure - seq=0x0a25, ROC=0
003736.542|srtp |4|00|srtp: srtp_unprotect: auth failure - seq=0x0a57, ROC=0
003737.542|srtp |4|00|srtp: srtp_unprotect: auth failure - seq=0x0a89, ROC=0



 

Message 1 of 4
3 REPLIES 3
Highlighted
Polycom Employee & Community Manager

Re: Polycom unable to simultaneous support tls and srtp

Hello Jam,

welcome back to the Polycom Community.


Did you ever follow up your original posts => here <= or => here <= ?

 

Providing feedback to these can help other posters or simply marking them as solution provided.

 

In addition your new Post's have a FAQ that can be used to troubleshoot:

 

Apr 17, 2013 QuestionHow can I setup a TLS connection for SIP signaling and / or troubleshoot this?

Resolution: Please check => here <=

 

and

 

Apr 23, 2013 Question: How can I setup SRTP / Secure RTP?

Resolution: Please check => here <=

 

And in addition I would set a NTP time:

 

 

003728.553


And also use a currently supported software like UC Software 5.5.1 or 5.5.0 before or at least 5.4.5


Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier

Polycom Global Services

----------------

Notice: This community forum is not an official Poly support resource, thus responses from Poly employees, partners, and customers alike are best-effort in attempts to share learned knowledge. If you need immediate and/or official assistance please open a service ticket through your proper support channels.
Please also ensure you always check the VoIP , Video Endpoint , Skype for Business , PSTN or RPM FAQ's
Message 2 of 4
Highlighted
Advisor

Re: Polycom unable to simultaneous support tls and srtp

Thanks for the feedback..ntp was corrected and phone upgraded to 5.5.1 but still same issue.

Message 3 of 4
Highlighted
Polycom Employee & Community Manager

Re: Polycom unable to simultaneous support tls and srtp

Hello Jam,

as you did not post any logs please go ahead and escalated this.

In order to raise a support ticket you need to work with your Polycom reseller as they need to do this for you.

If this is some sort of an Internet discounter please post your phone's MAC address so I can look up who would be able to support you.

Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier

Polycom Global Services

----------------

Notice: This community forum is not an official Poly support resource, thus responses from Poly employees, partners, and customers alike are best-effort in attempts to share learned knowledge. If you need immediate and/or official assistance please open a service ticket through your proper support channels.
Please also ensure you always check the VoIP , Video Endpoint , Skype for Business , PSTN or RPM FAQ's
Message 4 of 4