How can I check whether Encryption is working?

[root]

If the SIP ISP use SBC then you could put a MSM box in front of this SBC to encrypt
the call flow like a SIP call to OTUC.

[Kinne_DUP]

The SIP voip provider is actually 100 of kilometers away. So I´m actually put the MSM box behind my firewall, so the it is within the RTP stream towards the SIP provider?

[Kinne_DUP]

The SIP voip provider is actually 100 of kilometers away. So I´m actually put the MSM box behind my firewall, so it is within the RTP stream towards the SIP provider. So setup would look like

[IP Touch -----------my LAN/WAN-----------your mentioned MSM--my firewall]----------internet---------- sip voip provider
|
|
my
LAN/
WAN
|
|
Thales
|
OmniPCX Enterprise 9.0 call server
|
E1/30 channels
|
PSTN

Am I correct? Btw, is there any documentation for the Thales MSM box itself?

[Kinne_DUP]

Hi root,

I found your old posting:

OXE does not support SIPS / SRTP to secure SIP calls, but you could take any SBC
and declare this SBC under address to protect as an OTUC server, with this configuration
the voice from IPTouch to the SBC is encrypted. I've seen this configuration working,
but it's not supported by ALU

of course you need a MSM box in front of your SBC and remember the limit of 250
calls per MSM box

The example in the pdf show only SIPS / SRTP from the SBC to other SIP equipment
which mean that it's not secured in your network, but behind the SBC.

So with a MSM in front of the SBC you could secure the voice on both sides.

Let´s take look at the setup now. Would it be like this?



[IP Touch -----------my LAN/WAN-----------your mentioned MSM---- SBC----my firewall]----------internet---------- sip voip provider
|
|
my
LAN/
WAN
|
|
Thales
|
OmniPCX Enterprise 9.0 call server
|
E1/30 channels
|
PSTN



If so, which SBC would you recommend? For now I have 20 outgoing channels to the sip provider, so it doesn´t have to be so big...

[Kinne_DUP]

Another possibility would be to force the RTP to go to the OmniPCX first, therefore pass the Thales boxes and becoming SRTPs. Is this possible?

[IP Touch ------my LAN/WAN-----------------------my firewall------ sip voip provider
| /
SRTP /
| /
my /
LAN/ RTP
WAN /
| /
SRTP /
| /
Thales /
| /
RTP /
| /
OmniPCX Enterprise 9.0 call server
|
E1/30 channels
|
PSTN

[cavagnaro]

I would extreamly suggest to contact you vendor Presales guy, he will know much more about your configuration and enviroment and what solution he can suggest you.

[Kinne_DUP]

I would extreamly suggest to contact you vendor Presales guy, he will know much more about your configuration and enviroment and what solution he can suggest you.

In fact he doesn´t know it. He started a request at Alcatel, but no info so far...

[cavagnaro]

ouch, sucks. No other BP near you? with a presales like that I wouldn't even a phone...