Configuring Secure SRST for SCCP and SIP
How to Configure Secure Unified SRST
229
Cisco Unified SCCP and SIP SRST System Administrator Guide
OL-13143-04
session transport tcp tls
registrar server expires max 600 min 60
srtp negotiate cisco
!
voice register global
system message Welcome to SIP SRST Secure Fallback
max-dn 100
max-pool 50
!
voice register pool 1
id network 10.2.0.0 mask 255.255.0.0
codec g711ulaw
!
!
!
crypto pki trustpoint cl-b-pub
enrollment terminal
revocation-check none
!
crypto pki trustpoint 3745-SRST
enrollment selfsigned
fqdn none
subject-name CN=3745-SRST
revocation-check none
rsakeypair 3745-SRST
!
crypto pki trustpoint CAP-RTP-001
enrollment terminal
revocation-check none
!
crypto pki trustpoint CAP-RTP-002
enrollment terminal
revocation-check none
!
crypto pki trustpoint Cisco_Root_CA_2048
enrollment terminal
revocation-check none
!
crypto pki trustpoint Cisco_Manufacturing_CA
enrollment terminal
revocation-check none
!
!
!
interface FastEthernet0/0
description "Remote Site" LAN
ip address 10.2.30.1 255.255.255.0
duplex auto
speed auto
!
!
interface FastEthernet0/1
description "WAN" connection to Cluster-B
ip address 10.2.0.6 255.255.255.0
duplex auto
speed auto
!
!
sip-ua
registrar ipv4:10.2.0.10 expires 3600
xfer target dial-peer
crypto signaling default trustpoint 3745-SRST
!
!
