Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2

Topic Last Modified: 2012-07-23

You can enable Voice over IP (VoIP) security for a Unified Messaging (UM) dial plan. By default, when a UM dial plan is created, it will use unsecured mode or no encryption. A Unified Messaging server can be associated with a single or multiple UM dial plans and can be associated with dial plans that have different VoIP security settings.

When you configure the UM dial plan to use Session Initiation Protocol (SIP) secured or secured mode, the Unified Messaging servers that are associated with the UM dial plan will encrypt the SIP signaling traffic or the Realtime Transport Protocol (RTP) media channels and the SIP signaling traffic.

Important:
When Microsoft Exchange Server 2010 is installed, static Windows Firewall rules are added for Exchange. If you change the TCP ports that are used by the Unified Messaging server role, you may also need to reconfigure the Windows Firewall rules to allow Unified Messaging to work correctly.

Prerequisites

A UM dial plan has been created. For detailed steps, see Create a UM Dial Plan.

Use the EMC to configure VoIP security on a UM dial plan

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "UM dial plans" entry in the Unified Messaging Permissions topic.

  1. In the console tree, navigate to Organization Configuration > Unified Messaging.

  2. In the work pane, click the UM Dial Plans tab, select the UM dial plan that you want to manage, and then click Properties in the action pane.

  3. On the dial plan Properties page, click the General tab.

  4. Click the drop-down list next to VoIP security, and then select one of the following options:

    • SIP secured

    • Unsecured (default)

    • Secured

Click OK to save your changes.

Use the Shell to configure VoIP security on a UM dial plan

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "UM dial plans" entry in the Unified Messaging Permissions topic.

This example configures a UM dial plan named MySecureDialPlan to encrypt both SIP and RTP traffic.

Copy Code
Set-UMDialPlan -identity MySecureDialPlan -VoIPSecurity Secured

This example configures a UM dial plan named MySecureDialPlan to encrypt SIP but not encrypt RTP traffic.

Copy Code
Set-UMDialPlan -identity MySecureDialPlan -VoIPSecurity SIPsecured

This example configures a UM dial plan named MySecureDialPlan to not encrypt SIP and RTP traffic.

Copy Code
Set-UMDialPlan -identity MySecureDialPlan -VoIPSecurity Unsecured

For more information about syntax and parameters, see Set-UMDialplan.

Other Tasks

For More Information