Page 1 of 2
How can I check whether Encryption is working?
Posted: 04 Jul 2009 04:50
by Kinne_DUP
Hi,
we supposed to have encryption working with SSM and MSM boxes.
Well, how can I actually check this?
Kim
Re: How can I check whether Encryption is working?
Posted: 04 Jul 2009 07:08
by root
activate the encryption icon in the 8&9er category and check if the icon is present during call
on a IPTouch ipphone. On the MSM you could check it with spd / sadb commands
Re: How can I check whether Encryption is working?
Posted: 06 Jul 2009 04:41
by Kinne_DUP
Hi,
I can´t find anything within the 8 & 9 category. Do you have the right path?
Re: How can I check whether Encryption is working?
Posted: 06 Jul 2009 07:26
by axel_h
On the systems console check it with "cryptview".
You will see wheter the system is encrypted or not. Besides you can see the encrypted hybrid links.
Re: How can I check whether Encryption is working?
Posted: 07 Jul 2009 17:18
by root
Kinne wrote:Hi,
I can´t find anything within the 8 & 9 category. Do you have the right path?
Alcatel-Lucent 8&9 Series / 8&9 Series COS / Phone COS / n / Display Encrypted Communication + YES
Re: How can I check whether Encryption is working?
Posted: 09 Jul 2009 04:19
by Kinne_DUP
Hi,
I found it. But it seems that only calls between IP Touch <=> IP Touch phones are encrypted.
In other cases, when there are calls from outside or I make external calls there´s no encryption icon
Re: How can I check whether Encryption is working?
Posted: 09 Jul 2009 06:18
by axel_h
OK, mgr/Encryption/adresses to protect
Locate the MSMs and see what´s encrypted and what´s not.
IPTsecurity is a lot of fun when working without lab equipment
ALU documentation is quite good for this solution.
Good luck!
Re: How can I check whether Encryption is working?
Posted: 17 Jul 2009 13:57
by Kinne_DUP
So, for now encryption is working in the following cases:
Call from external: PSTN --E1-->AlcatelOXE--IP-->Thales--IP-->IPTouch 4028 => between Thales box and IPT 4028
Call from internal to outside: PSTN <--E1--AlcatelOXE<--IP--Thales<--IP--IPTouch 4028 => between Thales box and IPT 4028
Call call between 2 4028: IP Touch 4028 <--Thales--IP-->IPTouch 4028 => Is the Thales box involved int this case?
But when I enable the SIP trunk, the RTP packets are going directly to the SIP provider. So I´m loosing encryption within LAN.
My goal would be to force the RTP packets to pass the Thales boxes (and the AlcatelOXE) before they go to the SIP provider.
Is this possible?
Re: How can I check whether Encryption is working?
Posted: 18 Jul 2009 13:50
by axel_h
Hmm, and how should the SIP provider decrypt the communication?
This would mean the provider uses your encryption keys... no good idea.
Re: How can I check whether Encryption is working?
Posted: 19 Jul 2009 03:18
by Kinne_DUP
Hm, I´ not talking about encryption between the voip provider and the phone (this is not possible with the Alcatel, as it is mentioned before) , so no end to end encryption. I want a kind of hop to hop encryption
=> [IP Touch 4028 --my WAN/LAN--> (Thales+OXE)]--SIP Trunk--> voip provider
So, encryption between IP Touch and the OXE.
But now, the RTP packets go directly to the voip provider
=> [IP Touch 4028 --my WAN/LAN---------------->]--------------> voip provider
So, RTP packets are unprotected within my LAN/WAN.