11.5.1 Enabling SIP encryption in an account
To enable SIP encryption, it must be enabled in the customer account. Once enabled, SIP encryption can only be enabled for VoIP phones that support TLS/SRTP encryption. When SIP encryption is enabled for a phone, it is re-provisioned and the device connects to the Enreach Contact SIP proxy (securevoip.voipoperator.tel, port 5062). All SIP traffic between the phone and the Enreach Contact platform will then encrypted with SRTP and TLS.
Phones that do not support TLS/SRTP don’t need to be re-provisioned and will be connected to the unencrypted Enreach Contact SIP proxy (mv.voipoperator.eu, port 5080). SIP traffic between these phones and the Enreach Contact platform is unencrypted and uses Real-time Transport Protocol (RTP) and Session Description Protocol (SDP).
Enabling SIP encryption will require a reboot of the VoIP device.
To enable SIP encryption in an account
The Customer details page appears.The Enreach Contact environment appears.The Activate SIP Encryption Proxy dialogue appears.Label | Explanation |
|---|---|
SIP Encryption Proxy | Select which encrypted SIP proxy should be used from the dropdown list. |
Force setting to existing CPE | Activate the checkbox if you want the encrypted SIP to be enabled for all channels and devices in the account that support TLS/SRTP encryption. |
Set firmware to recommend firmware | Activate the checkbox if you want the firmware on the devices to be updated to the recommended version. This is specified in the CPE firmware management page. |
Reboot devices | Activate the checkbox if you want the SIP encryption to immediately trigger a reboot of all devices that support TLS/SRTP encryption. If you want to reprovision the devices at a different time, deactivate the checkbox and either manually reboot the devices or update the firmware of the devices in the CPE Settings page. |
The SIP encryption is activated in the account.