Configuring Media (Srtp) Security - AudioCodes Mediant 4000 SBC User Manual
Session border controllers
Hide thumbs
Also See for Mediant 4000 SBC:
- User manual (964 pages) ,
- Hardware installation manual (40 pages) ,
- User manual (844 pages)
Table of Contents
Advertisement
CHAPTER 15 Media
3.
Configure the following AGC parameters:
●
'Enable AGC' [EnableAGC] - Enables the AGC mechanism.
●
'AGC Slope' [AGCGainSlope] - Determines the AGC convergence rate.
●
'AGC Redirection' [AGCRedirection] - Determines the AGC direction.
●
'AGC Target Energy' - Defines the signal energy value (dBm) that the AGC attempts to
attain.
●
'AGC Minimum Gain' [AGCMinGain] - Defines the minimum gain (in dB) by the AGC when
activated.
●
'AGC Maximum Gain' [AGCMaxGain] - Defines the maximum gain (in dB) by the AGC
when activated.
●
'AGC Disable Fast Adaptation' [AGCDisableFastAdaptation] - Enables the AGC Fast
Adaptation mode.
4.
Configure the 'Transcoding Mode' [TranscodingMode] parameter to Force. You can configure
this using the global parameter or per IP Profile.
5.
Click Apply.
Configuring Media (SRTP) Security
The device supports Secured RTP (SRTP) according to RFC 3711. SRTP is used to encrypt RTP
and RTCP transport for protecting VoIP traffic. SRTP requires a cryptographic key exchange
mechanism to negotiate the keys. To negotiate the keys, the device supports the Session
Description Protocol Security Descriptions (SDES) protocol (according to RFC 4568), or Datagram
Transport Layer Security (DTLS) protocol for SBC calls. For more information on DTLS, see
using DTLS
Protocol. The key exchange is done by adding the 'a=crypto' attribute to the SDP. This
attribute is used (by both sides) to declare the various supported cipher suites and to attach the
encryption key. If negotiation of the encryption data is successful, the call is established.
SRTP supports the following cipher suites (all other suites are ignored):
■
AES_CM_128_HMAC_SHA1_32
■
AES_CM_128_HMAC_SHA1_80
■
AES_256_CM_HMAC_SHA1_32 (RFC 6188)
■
AES_256_CM_HMAC_SHA1_80 (RFC 6188)
When the device is the offering side (SDP offer), it can generate a Master Key Identifier (MKI). You
can configure the MKI size globally (using the SRTPTxPacketMKISize parameter) or per SIP entity
(using the IP Profile parameter, IpProfile_MKISize). The length of the MKI is limited to four bytes. If
the remote side sends a longer MKI, the key is ignored.
- 180 -
Mediant 4000 SBC | User's Manual
SRTP
Advertisement
Table of Contents
Troubleshooting
