Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Media Security: Invalid Im trying to enable SRTP

Status
Not open for further replies.

devers

Technical User
Dec 24, 2009
13
AU
Hi All
I am stumped with this one and Avaya can't seem to find a resolve at the moment so i'm reaching out to see if anyone can help.
I have a IP Office Virtual Server Edition on 11.0.4 Build 1
When i click on System, VOIP, Voip Security and select media security as enforced i get the following error on the phone screens
Media Security: Invalid
I have 9608 phones currently running 6.8.3

Things i have tried.
Many many upgrades to phones and systems.
Have upgraded the phones and have tried versions 6.6.6, 6.8.0, 6.8.2, 6.8.3

I suspect it may be cert related but any help would be great.
Ill buy the person that solves this problem a beer when i am next in their home town.

IMG_8693_fovhqn.jpg
 
This is the most user friendly implementation I have ever seen /s

"If bytes 13-16 of the Public key of the root CA match the xxxxxxxx of the filename in the request"

ACSS (SME)

 
Im close thanks to SIZBUT. When i enable SRTP media security on the system and reset a phone it now looks like the phone tries to download stuff, fails and then back to Media Security: Invalid screen.

I feel like it is the cert that is causing the issues.
I'm not sure if i have loaded the cert.pem correctly.
which option do i use?
select from current user cert store
select from local machine cert store
Import cert from file (tried this and said zero certs imported)
paste from clipboard. (i used this)
 
Are you trying to use the IPOs certificate or your own?

"Trying is the first step to failure..." - Homer
 
The one from the Server edition IPOs certificate.
 
The certificate is still valid.
Its like the phone is not getting something it requires.
They upgrade ok but im wondering if something on the 46xxsettings file is causing a problem.

Also there are 2 ip500v2 attached to the Server Edition but the customer is not using them at the moment.

This one is a very strange one and i have no problems getting this working on other systems.

Hmmm the Server edition is in a data center and the handsets are on another network which routes to the data center.
 
Did you enable 'remote extension' ?

Also, is the 46xxsettings file auto generated or did you make one yourself?
 
Sorry i am back, have been out on the road trying to un-break other Avaya systems.

Okkie26 i have enabled remote extensions and have tried using the system generated 46xx settings files and also creating my own files.

Just wondering if there was a way to clear the certificates without breaking everything?

 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top