Transport Layer Security; Encrypt Signaling With Sip Over Tls - Cisco 8800 Series Manual

Cisco IP Phone Configuration

Transport Layer Security

Transport Layer Security (TLS) is a standard protocol for securing and authenticating communications over
the Internet. SIP over TLS encrypts the SIP signaling messages between the service provider SIP proxy and
the end user.
The Cisco IP Phone uses UDP as the standard for SIP transport, but the phone also supports SIP over TLS
for added security.
The following table describes the two TLS layers.
Table 8: TLS Layers
Protocol Name
TLS Record Protocol
TLS Handshake
Protocol

Encrypt Signaling with SIP Over TLS

You can configure added security when you encrypt signaling messages with SIP over TLS.
Before you begin
Access the Phone Web Interface, on page
Procedure
Step 1
Select Voice > Ext(n), where n is an extension number.
Step 2
In the SIP Settings section, select TLS from the SIP Transport list.
You can configure this parameter in the phone configuration XML file (cfg.xml) by entering a string in this
format:
<SIP_Transport_1_ ua="na">TLS</SIP_Transport_1_>
.
Options available:
• UDP
• TCP
• TLS
• Auto
Default: UDP.
Description
Layered on a reliable transport protocol, such as SIP or TCH, this layer ensures
that the connection is private through use of symmetric data encryption and it
ensures that the connection is reliable.
Authenticates the server and client, and negotiates the encryption algorithm and
cryptographic keys before the application protocol transmits or receives data.
Cisco IP Phone 8800 Series Multiplatform Phone Administration Guide for Release 11.3(1) and Later
104. See Transport Layer Security, on page 121
Transport Layer Security
121