security
This command configures various security parameters.
Syntax
(config-voip)# media security (media-security)#
|
Command |
Description |
|---|---|
|
aria-protocol-support {off|on} |
Enables ARIA media encryption algorithm. |
|
media-sec-bhvior {mandatory|preferable|preferable-single-media} |
Defines the device behavior when receiving offer/response for media encryption. |
|
media-security-enable {off|on} |
Enables the media security protocol (SRTP). |
|
offer-srtp-cipher {aes-256-cm-hmac-sha1-32|aes-256-cm-hmac-sha1-80| aes-cm-128-hmac-sha1-32|aes-cm-128-hmac-sha1-80|all|aria-cm-128-hmac-sha1-80|aria-cm-192-hmac-sha1-80|not-configured} |
Defines the offered SRTP cipher suite. |
|
reset-srtp-upon-re-key |
Resets SRTP State Upon Re-key. |
|
rtcp-encryption-disable-tx {disable|enable} |
On a secured RTP session, disables encryption on transmitted RTCP packets. |
|
rtp-authentication-disable-tx {disable|enable} |
On a secured RTP session, disables authentication on transmitted RTP packets. |
|
rtp-encryption-disable-tx {disable|enable} |
On a secured RTP session, disables encryption on transmitted RTP packets. |
|
srtp-reset-tx-rx-separately {off|on} |
Enables the device to reset only the SRTP stream (roll-over counter / ROC index and other SRTP fields) with the call party that changes the SRTP key (‘a=crypto’ line in SDP body) during a call. |
|
srtp-tnl-vld-rtcp-auth {off|on} |
Validates SRTP Tunneling Authentication for RTCP. |
|
srtp-tnl-vld-rtp-auth {srtp-tnl-vld-rtcp-auth|srtp-tnl-vld-rtp-auth} |
Validates SRTP Tunneling Authentication for RTP. |
|
srtp-tx-packet-mKi-size |
Defines the size of the Master Key Identifier (MKI) in transmitted SRTP packets. |
|
rsymmetric-mki |
Enables symmetric MKI negotiation. |
Command Mode
Privileged User
Example
This example enables SRTP:
(config-voip)# media security (media-security)# media-security-enable on (media-security)# activate