1. ACLI Reference Guide
  2. ACLI Configuration Elements A-M
  3. media-security > dtls-srtp-profile

media-security > dtls-srtp-profile

The dtls-srtp-profile element allows you to use DTLS-SRTP to secure media and the signaling used to establish DTLS-SRTP flows. You apply a configured dtls-srtp-profile profile to a realm.

Parameters

name
Enter a unique identifier for this DTLS SRTP profile. Use this name when you apply the profile to realms.
tls-profile
Enter the name of the tls-profile you want to apply to traffic under this dtls-srtp-profile.
dtls-completion-timeout
Specify the number of seconds the system waits for a DLTS handshake to finish before terminating the session.
  • Range: 0 (default) to 999999
preferred-setup-role
Specify the role the system takes within the client-server context of the DTLS handshake.
  • Default: passive—The system acts as the server.
crypto-suite
Specifies the cryptography suite the system proposes during the DTLS handshake for encrypting media and authentication.
  • Default: SRTP_AES128_CM_HMAC_SHA1_80
  • Values:
    • SRTP_AES128_CM_HMAC_SHA1_80—Enables support for the AES/128 bit key for encryption and HMAC/SHA-1 80-bit digest for authentication.
    • SRTP_AES128_CM_HMAC_SHA1_32—Enables support for the AES/128 bit key for encryption and HMAC/SHA-1 32-bit digest for authentication.

Path

dtls-srtp-profile is an element under the security path. The full path from the topmost ACLI prompt is: configure terminal > security > media-security > dtls-srtp-profile.

Note:

This is a multiple instance configuration element.