Convert TLS 1.2 to UDP for generic device? Looking to leverage Zoom Phone in broadcast application.

Forum|Forum|4 years ago
January 24, 2022
2 replies
12 views

I know you can register generic SIP devices that support TLS 1.2 to Zoom, like the Spectralink Versity series phones. I've also registered the Linphone app to Zoom as a generic device.

I would like to utilize a SIP based broadcast phone system with Zoom Phone - this one: https://www.telosalliance.com/broadcast-phone-systems/voip-broadcast-phone-systems/telos-vx/telos-vx-enterprise-voip-phone-system

The issue is the broadcast phone system only supports SIP over UDP or TCP.

I'm essentially looking to do the reverse of what you'd do with an SBC to bring an outside VoIP provider into the Zoom platform. I've reached out to a few of the bigger players in that space - AudioCodes and Ribbon - with minimal success.

Just curious to know if anyone has had any luck translating SIP over TLS 1.2 to UDP or TCP for simpler devices like this broadcast phone system.

townsendwc

Community Champion | Employee

@radiogooroo

Good day! The TLS 1.2 standard is to secure the traffic and in particular, the authentication of users/devices to the Zoom platform. The transport for media is handled via TCP and UDP protocols. Specifically, Zoom Phone uses the TCP and UDP ports listed in the article below for all communications after authentication is successful. Zoom Phone uses SIP over TLS, also called SIPS, as well as SRTP for the call media. SRTP is encrypted with AES-256. A link below explains a bit more about that too if you like.

In short, if your devices do not support TLS 1.2 and the standards-based SIP services, Zoom Phone will not be able to provision it as a generic device. I hope this helps to answer your question.

Firewall Ports
https://support.zoom.us/hc/en-us/articles/201362683#h_01EEBSGCKBYVB20MCVPR78T0NN
Zoom Phone Encryption
https://support.zoom.us/hc/en-us/articles/360042578911-Encryption-for-Zoom-Phone

--Bill

BrandonS

Community Champion | Partner

I'll just add that I would be skeptical of a product/company that does not do this or is not planning to. Even the low end "cheap/value" gear I sometimes work with like Grandstream and Fanvil support TLS and these newer encryption protocols. Maybe try chatting up the product support and see what their plan is. It seems clearly in their interest to be more widely supported and secure.

R

radiogoorooAuthor

Newcomer

The manufacturer of this product operates in a very niche space. If you ever hear a phone call on a radio station, SiriusXM or a TV channel, the odds are 90% or better that it went through one of their products. They do things for broadcast that no other phone system user would ever need to do, but they're critical for the broadcast space.

So, in a nutshell, they don't really have to adapt.

The way these systems are typically configured is with some flavor of Asterisk making the VoIP provider adapt to them, which is what I'm working toward at the moment with little success.

townsendwc

Community Champion | Employee

@radiogooroo

I did a little snooping through their site and found the following:
"SIP trunks via dedicated connection, often called “Managed SIP”. Provider is responsible for performance to the customer’s facility. (SIP trunks require an on-site SIP PBX, such as an Asterisk-based phone system.) Dedicated fiber installation. Dedicated SIP over DSL. Dedicated bandwidth over cable."

Zoom Phone does allow for integrations with other SIP solutions. This is how most of the analog telephony adapters work as well as integration into outside call centers. If the Telos VX Enterprise device has the ability to terminate a SIP signal and supports TLS 1.2, you should be able to make this work. Asterisk terminates with TLS 1.2. Zoom Phone can leverage a BYOP (bring your own PBX) solution so if you can only get your Telos VX to register with Asterisk, you should be able to work with Zoom Support to properly license and connect to the Asterisk for the studio phone integration.

--Bill

Getting Started

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded