Hi,
I connected to the remote lab's CM and by issuing "display system-parameters customer-options" I see that "Media Encryption Over IP" is set to "n" which means the remote lab's license does not support media Encryption. How Can we enable media encryption there?
Another question is if Media Encryption is enable for an extension(the phone) and I register another instance of that extension(client mode, dependent, no encryption) to redirect the media to an IP address, Can I have unencrypted redirected media?
Thanks a lot

Thanks a lot

Bruno, I will touch base with the people who are responsible for the remote lab regarding encryption. We can enable it when you have lab time (when will that be), and you can save those translations and thus have a version where encryption is enabled, but I would like to have the 'Golden Image' updated as we call it so that this is permanently fixed.

Relative to your second question, encryption is handled on a user by user bases. in the case of multiple registrations per device, each party registered to the extension utilizes encryption based on their configuration/capabilities. Thus if you have two 96xx phones (that support encryption) and a DMCC application that does not support encryption, and the ip-codec allows both encryption and none (encryption), the the two 96xx station media streams will be encrypted to the media server, and the DMCC application's media streams will not be encrypted.

Thanks John;
We are still waiting for lab reservation confirmation. We already asked about encryption enable in the booking. Maybe Avaya personnel at the lab will take care of it

We just (re?)enabled encryption in the license file, it seems to have gotten turned off... It should be on for your lab time. Do you have your own translation image you restore, or do you use ours?

We dont have our own setting image, everytime, I restored to the lated-known working backup as shown in the lab guide. Do we still have encryption enable with that?
Thanks

I have created a new latest known working configuration file today with that option enabled.

As a side note...

Media Encryption over IP can be turned on or off in the Application Enablement Services remote lab by following these steps:
1.   Go to http://10.64.120.10
2.   Continue past certificate warning
3.   On "Before You Begin" page, click continue
4.   Login as craft/craft01
5.   On the "Supress Warning" page click yes
6.   Mouse over Administration at the top and click on "Licensing"
7.   Click Feature Administration on the left hand side
8.   "Current Settings" should be selected and then click display
9.   Find "Media Encryption over IP" in the list and select the desired setting (On or Off)
10.   Scroll to bottom and hit submit
11.   You should get a Successful message.
12.   The setting is now changed. If you want an image of your setup in the lab for future use make sure to do a backup of this translation.

Hi, I have another question regard to encryption algorithm used. From the "Administering Network Connectivity on Avaya AuraTM Communication Manager" doc, I see that there are 3 choices for encryption which are AES, AEA and SRTP. However, in your FAQs, it said I can only choose AES for encryption at registration time. The sdk also allow to choose only AES as encryption method.
Could it be that the media gateways decrypt and re-encrypt media before delivering to registerd extensions?
Thanks for you help

in the case of a multi-party call (3 or more), the Avaya media gateways, terminate the media stream from each party, form the per party conference sum, and then send the sum to each party. This required decrypting and encrypting the media stream. This behavior allows there to be disparate encryption schemes used by different parties in a call (as well as disparate codecs).

When possible (compatible codecs, encryption and system configuration), a two party will go to direct media, and the media gateways will not be part of the call path.