This document describes secure encrypted configuration Signalling Connection Control Part (SCCP) on VG224 Analog Gateway.
Cisco recommends that you have knowledge of these topics:
Cisco Unified Communications Manager (CUCM)
The information in this document is based on these software versions:
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.
Step 1. Copy the callmanager.pem certificate to the VG224 (referenced as SECURE trustpoint in the below configuration)
Step 2. Create a self signed certificate on the VG224 with the MAC address of FastEthernet0/0 (bind interface) with only the last 10 digits as the subject-name.
Step 3. Copy the vg-cert to CUCM as a call-manager trust and restart CUCM.
The information is provided for configuration of certificates that are required for VG224.
Router(config)#crypto key generate rsa general-keys label vg modulus 1024
Router(config)#crypto pki trustpoint vg
subject-name cn=1A:E2:85:7B:E2 <----- Last 10 DIGITS ONLY of the SCCP bind interface. Formatting EXACTLY as shown with colons.
crypto pki enroll vg
Router(config)#crypto pki export vg_cert pem terminal