Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Media Security: Invalid Im trying to enable SRTP

Status
Not open for further replies.
devers

devers

Technical User
Dec 24, 2009
13
AU
Hi All
I am stumped with this one and Avaya can't seem to find a resolve at the moment so i'm reaching out to see if anyone can help.
I have a IP Office Virtual Server Edition on 11.0.4 Build 1
When i click on System, VOIP, Voip Security and select media security as enforced i get the following error on the phone screens
Media Security: Invalid
I have 9608 phones currently running 6.8.3

Things i have tried.
Many many upgrades to phones and systems.
Have upgraded the phones and have tried versions 6.6.6, 6.8.0, 6.8.2, 6.8.3

I suspect it may be cert related but any help would be great.
Ill buy the person that solves this problem a beer when i am next in their home town.

IMG_8693_fovhqn.jpg
 
Sort by date Sort by votes
This is the most user friendly implementation I have ever seen /s

"If bytes 13-16 of the Public key of the root CA match the xxxxxxxx of the filename in the request"

ACSS (SME)

 
Upvote 0 Downvote
Im close thanks to SIZBUT. When i enable SRTP media security on the system and reset a phone it now looks like the phone tries to download stuff, fails and then back to Media Security: Invalid screen.

I feel like it is the cert that is causing the issues.
I'm not sure if i have loaded the cert.pem correctly.
which option do i use?
select from current user cert store
select from local machine cert store
Import cert from file (tried this and said zero certs imported)
paste from clipboard. (i used this)
 
Upvote 0 Downvote
Are you trying to use the IPOs certificate or your own?

"Trying is the first step to failure..." - Homer
 
Upvote 0 Downvote
The one from the Server edition IPOs certificate.
 
Upvote 0 Downvote
The certificate is still valid.
Its like the phone is not getting something it requires.
They upgrade ok but im wondering if something on the 46xxsettings file is causing a problem.

Also there are 2 ip500v2 attached to the Server Edition but the customer is not using them at the moment.

This one is a very strange one and i have no problems getting this working on other systems.

Hmmm the Server edition is in a data center and the handsets are on another network which routes to the data center.
 
Upvote 0 Downvote
Did you enable 'remote extension' ?

Also, is the 46xxsettings file auto generated or did you make one yourself?
 
Upvote 0 Downvote
Sorry i am back, have been out on the road trying to un-break other Avaya systems.

Okkie26 i have enabled remote extensions and have tried using the system generated 46xx settings files and also creating my own files.

Just wondering if there was a way to clear the certificates without breaking everything?

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

a.kasuri
  • Locked
  • Question
AVAYA IP OFFICE SIP TRUNK OVER TLS SRTP, SEND and LISTEN PORTS
Replies
1
Views
297
a.kasuri
a.kasuri
William C290
  • Locked
  • Question
Migrate Media Manager to Server Edition
Replies
1
Views
416
greggster
greggster
E
  • Locked
  • Question
Media Manager 11.1 listen to recording files
Replies
7
Views
640
Ehanna
E
Albus2
  • Locked
  • Question
Upgrade Server Edition to 12.0 with Media Manager
Replies
1
Views
471
Ekster
Ekster
lleeNC
  • Locked
  • Question
J100 "Access Code Invalid" when trying to access Admin Menu 2
Replies
4
Views
314
lleeNC
lleeNC

Part and Inventory Search

Sponsor

Back
Top