- Sat 23rd Sep 2017, 14:12
#4986
- Appreciate my support? Feel free to buy me a coffee.
- Voipfone are offering you the chance to trial their VoIP service for free for 30 days. Sign me up!
- Tired of shared hosting? You're not alone! Grab a high performance server and get $100 in free credit. Sign me up!
In this guide, I'm going to show you how to enable call encryption using TLS and SRTP on the Cisco SPA range of phones. Before we start, you need to be aware of the following:
Step 1
Open your web browser of choice and enter your Cisco SPA telephones IP address in the URL. You should see the phones web GUI on screen:
Click on "Admin Login", followed by "advanced" located in the top right hand side of the page.
You should now have access to all advanced administration features, like so:
Step 2
Click on the tab named SIP (as shown in the above image) and under the SIP Parameters section, look for the parameter named SRTP Method.
Default setting is:
Step 3
Click on the tab named Ext1. Under the SIP Settings section, look for the parameter named SIP Transport.
Default setting is:
Default Proxy setting is:
Default Register Expires setting is:
Default setting is:
Default setting is:
Step 4
Finally, click on the tab named User and under the Supplementary Services section, look for the parameter named Secure Call Setting.
Default setting is:
That's it! Calls between your Cisco SPA phone and your PBX are now encrypted!
The Cisco SPA525G beeps three times at the beginning of a call to indicate that the media stream is secure.
- Hosted PBX Users - Your VoIP provider must support TLS and SRTP for this to work.
- Onsite PBX Users - Your PBX also needs to be correctly configured and have the required certificate(s) installed for this to work.
- This guide isn't about how to configure your PBX, I'm only going to describe the steps required to configure your Cisco SPA phone!
Step 1
Open your web browser of choice and enter your Cisco SPA telephones IP address in the URL. You should see the phones web GUI on screen:
Click on "Admin Login", followed by "advanced" located in the top right hand side of the page.
You should now have access to all advanced administration features, like so:
Step 2
Click on the tab named SIP (as shown in the above image) and under the SIP Parameters section, look for the parameter named SRTP Method.
Default setting is:
- SRTP Method: x-sipura
- SRTP Method: s-descriptor
Step 3
Click on the tab named Ext1. Under the SIP Settings section, look for the parameter named SIP Transport.
Default setting is:
- SIP Transport: UDP
- SIP Transport: TLS
Default Proxy setting is:
- Proxy:
- Proxy: 192.168.1.182
Default Register Expires setting is:
- Register Expires: 3600
- Register Expires: 60
Default setting is:
- User ID:
- User ID: 1000
Default setting is:
- Password:
- Password: password1234
Step 4
Finally, click on the tab named User and under the Supplementary Services section, look for the parameter named Secure Call Setting.
Default setting is:
- Secure Call Setting: no
- Secure Call Setting: yes
That's it! Calls between your Cisco SPA phone and your PBX are now encrypted!
The Cisco SPA525G beeps three times at the beginning of a call to indicate that the media stream is secure.
- Appreciate my support? Feel free to buy me a coffee.
- Voipfone are offering you the chance to trial their VoIP service for free for 30 days. Sign me up!
- Tired of shared hosting? You're not alone! Grab a high performance server and get $100 in free credit. Sign me up!
How did this post make you feel?