Media Encryption


As of ConnecttoTeams 1.5.0, SRTP encryption is supported. It can be enabled on each direct route. For it to work, the PBX in use must support SRTP as well. If your PBX is not currently using SRTP encryption, DO NOT enable it in the ConnecttoTeams Enterprise Portal.

To enable it in ConnecttoTeams, toggle the switch in the "Media Encryption" column on the Direct Routing Connection Status dashboard.

SRTP Details

Our SBC supports Secured RTP (SRTP) according to RFC 3711. SRTP is used to encrypt RTP and RTCP transport for protecting VoIP traffic. SRTP requires a cryptographic key exchange mechanism to negotiate the keys. To negotiate the keys, the device supports the Session Description Protocol Security Descriptions (SDES) protocol (according to RFC 4568).

Key exchange is done by adding the 'a=crypto' attribute to the SDP. This attribute is used (by both sides) to declare the various supported cipher suites and to attach the encryption key. If negotiation of the encryption data is successful, the call is established. Typically, 'a=crypto' is included in secured media (RTP/SAVP). However, there is also support for including 'a=crypto' in non-secured media (RTP/AVP). In such cases, the media is handled as if the device received two identical media: one secured and one not.

SRTP supports the following cipher suites (all other suites are ignored):

  • AES_CM_128_HMAC_SHA1_32

  • AES_CM_128_HMAC_SHA1_80

  • AES_256_CM_HMAC_SHA1_32 (RFC 6188)

  • AES_256_CM_HMAC_SHA1_80 (RFC 6188)
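The following is an added example, not ConnecttoTeams or SBC code, of how a receiver can read the 'a=crypto' lines of an SDP offer per RFC 4568, keep only the four suites listed above, and reject keys of the wrong length. The SDP, addresses and key bytes are constructed, and `parse_crypto_offers` and `_key` are hypothetical helper names.

```python
import base64

# Suites listed above -> required master key + salt length in bytes
# (16+14 for AES-128 per RFC 4568, 32+14 for AES-256 per RFC 6188).
SUPPORTED = {
    "AES_CM_128_HMAC_SHA1_32": 30,
    "AES_CM_128_HMAC_SHA1_80": 30,
    "AES_256_CM_HMAC_SHA1_32": 46,
    "AES_256_CM_HMAC_SHA1_80": 46,
}

def parse_crypto_offers(sdp):
    """Return usable a=crypto offers; drop unsupported or malformed ones."""
    offers, proto = [], None
    for line in sdp.splitlines():
        line = line.strip()
        if line.startswith("m="):
            parts = line.split()
            proto = parts[2] if len(parts) > 2 else None  # RTP/SAVP or RTP/AVP
        elif line.startswith("a=crypto:"):
            fields = line[len("a=crypto:"):].split()
            if len(fields) < 3 or fields[1] not in SUPPORTED:
                continue                                  # other suites are ignored
            tag, suite, key_params = fields[:3]
            method, _, key_info = key_params.partition(":")
            if method != "inline" or not tag.isdigit():
                continue
            b64 = key_info.split("|")[0]                  # strip lifetime / MKI fields
            try:
                key = base64.b64decode(b64 + "=" * (-len(b64) % 4), validate=True)
            except ValueError:
                continue
            if len(key) == SUPPORTED[suite]:              # key||salt must match the suite
                offers.append({"tag": int(tag), "suite": suite,
                               "secured": proto == "RTP/SAVP"})
    return offers

def _key(n):  # constructed, non-secret sample key material of n bytes
    return base64.b64encode(bytes(range(n))).decode()

SAMPLE_SDP = "\r\n".join([  # constructed offer; 192.0.2.10 is a documentation address
    "v=0", "o=- 0 0 IN IP4 192.0.2.10", "s=-",
    "c=IN IP4 192.0.2.10", "t=0 0",
    "m=audio 49170 RTP/SAVP 0",
    "a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:" + _key(30) + "|2^31",
    "a=crypto:2 AES_256_CM_HMAC_SHA1_80 inline:" + _key(46),
    "a=crypto:3 F8_128_HMAC_SHA1_80 inline:" + _key(30),      # suite not in the list
    "a=crypto:4 AES_CM_128_HMAC_SHA1_32 inline:" + _key(16),  # key too short
])
```

The `secured` flag is false when the 'a=crypto' line arrives under an RTP/AVP media line, the non-secured case described above.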

Note: due to the additional cipher-suite data added to the SDP, enabling SRTP may cause SIP messages to exceed the 1500-byte UDP packet size, resulting in packet fragmentation and failed calls. It may be necessary to change the PBX transport to TCP to ensure successful calling.