Hi,
we supposed to have encryption working with SSM and MSM boxes.
Well, how can I actually check this?
Kim
How can I check whether Encryption is working?
-
root
Re: How can I check whether Encryption is working?
activate the encryption icon in the 8&9er category and check if the icon is present during call
on a IPTouch ipphone. On the MSM you could check it with spd / sadb commands
on a IPTouch ipphone. On the MSM you could check it with spd / sadb commands
-
Kinne_DUP
Re: How can I check whether Encryption is working?
Hi,
I can´t find anything within the 8 & 9 category. Do you have the right path?
I can´t find anything within the 8 & 9 category. Do you have the right path?
Re: How can I check whether Encryption is working?
On the systems console check it with "cryptview".
You will see wheter the system is encrypted or not. Besides you can see the encrypted hybrid links.
You will see wheter the system is encrypted or not. Besides you can see the encrypted hybrid links.
-
root
Re: How can I check whether Encryption is working?
Alcatel-Lucent 8&9 Series / 8&9 Series COS / Phone COS / n / Display Encrypted Communication + YESKinne wrote:Hi,
I can´t find anything within the 8 & 9 category. Do you have the right path?
-
Kinne_DUP
Re: How can I check whether Encryption is working?
Hi,
I found it. But it seems that only calls between IP Touch <=> IP Touch phones are encrypted.
In other cases, when there are calls from outside or I make external calls there´s no encryption icon
I found it. But it seems that only calls between IP Touch <=> IP Touch phones are encrypted.
In other cases, when there are calls from outside or I make external calls there´s no encryption icon
Re: How can I check whether Encryption is working?
OK, mgr/Encryption/adresses to protect
Locate the MSMs and see what´s encrypted and what´s not.
IPTsecurity is a lot of fun when working without lab equipment
ALU documentation is quite good for this solution.
Good luck!
Locate the MSMs and see what´s encrypted and what´s not.
IPTsecurity is a lot of fun when working without lab equipment
ALU documentation is quite good for this solution.
Good luck!
-
Kinne_DUP
Re: How can I check whether Encryption is working?
So, for now encryption is working in the following cases:
Call from external: PSTN --E1-->AlcatelOXE--IP-->Thales--IP-->IPTouch 4028 => between Thales box and IPT 4028
Call from internal to outside: PSTN <--E1--AlcatelOXE<--IP--Thales<--IP--IPTouch 4028 => between Thales box and IPT 4028
Call call between 2 4028: IP Touch 4028 <--Thales--IP-->IPTouch 4028 => Is the Thales box involved int this case?
But when I enable the SIP trunk, the RTP packets are going directly to the SIP provider. So I´m loosing encryption within LAN.
My goal would be to force the RTP packets to pass the Thales boxes (and the AlcatelOXE) before they go to the SIP provider.
Is this possible?
Call from external: PSTN --E1-->AlcatelOXE--IP-->Thales--IP-->IPTouch 4028 => between Thales box and IPT 4028
Call from internal to outside: PSTN <--E1--AlcatelOXE<--IP--Thales<--IP--IPTouch 4028 => between Thales box and IPT 4028
Call call between 2 4028: IP Touch 4028 <--Thales--IP-->IPTouch 4028 => Is the Thales box involved int this case?
But when I enable the SIP trunk, the RTP packets are going directly to the SIP provider. So I´m loosing encryption within LAN.
My goal would be to force the RTP packets to pass the Thales boxes (and the AlcatelOXE) before they go to the SIP provider.
Is this possible?
Re: How can I check whether Encryption is working?
Hmm, and how should the SIP provider decrypt the communication?
This would mean the provider uses your encryption keys... no good idea.
This would mean the provider uses your encryption keys... no good idea.
-
Kinne_DUP
Re: How can I check whether Encryption is working?
Hm, I´ not talking about encryption between the voip provider and the phone (this is not possible with the Alcatel, as it is mentioned before) , so no end to end encryption. I want a kind of hop to hop encryption
=> [IP Touch 4028 --my WAN/LAN--> (Thales+OXE)]--SIP Trunk--> voip provider
So, encryption between IP Touch and the OXE.
But now, the RTP packets go directly to the voip provider
=> [IP Touch 4028 --my WAN/LAN---------------->]--------------> voip provider
So, RTP packets are unprotected within my LAN/WAN.
=> [IP Touch 4028 --my WAN/LAN--> (Thales+OXE)]--SIP Trunk--> voip provider
So, encryption between IP Touch and the OXE.
But now, the RTP packets go directly to the voip provider
=> [IP Touch 4028 --my WAN/LAN---------------->]--------------> voip provider
So, RTP packets are unprotected within my LAN/WAN.
