Enable Secure SIP (SIPS)
Make sure that you enable Secure SIP (SIPS) so that the device initiates TLS all the way to the destination (i.e., over multiple hops). SIPS runs SIP-over-TLS on a hop-by-hop basis. This is important as using TLS as a transport by itself guarantees only encryption over a single hop. Since it's very common for a SIP call to traverse multiple proxy servers from one end to the other, there is a need to guarantee end-to-end security for SIP traffic. A call to a SIPS URI is guaranteed to be encrypted from end to end. All SIP traffic within this call is secured using TLS from the sender to the domain of the final recipient.
| ➢ | To enable SIPS: |
| 1. | Open the Transport Settings page (Setup menu > Signaling & Media tab > SIP Definitions folder > Transport Settings). |
| 2. | From the 'SIPS' drop-down list, select Enable: |
Enabling SIPS
It's recommended to use the 'SIPS' parameter and not the 'SIP Transport Type' parameter to define TLS. The 'SIP Transport Type' parameter provides only a TLS connection to the next network hop whereas the 'SIPS' parameter provides TLS to the final destination (over multiple hops).
| 3. | Configure the local SIP TLS port for the SIP Interface in the SIP Interfaces table. |