Tutorials: TLS Setup

TLS Setup

Open a ticket with the Voxtelesys support team so they can enable SRTP on your SIP trunk, as long as you are using a 3CX specific registration (3cx.pstn.voxtelesys.net) from Voxtelesys then it will support TLS by default.

It is recommended to open the ticket through the Voxtelesys Portal.

Open your Voxtelesys SIP trunk and ensure that your Registrar/Server/Gateway Hostname or IP is set to 3cx.pstn.voxtelesys.net

If you have a unique domain name like xxxxxx-xxxx.sip.voxtelesys.net then reach out to support and request a new registration domain.

Make sure that Auto Discovery next to the registrar is enabled, TLS registration will fail without auto discovery enabled.

Open your Voxtelesys SIP trunk and go to the Options tab and change the following settings:

SRTP Mode = Enabled

Transport Protocol = TLS

Before saving the trunk settings we will need to upload the root certificate for the domain.

Go to https://letsencrypt.org/certificates and download the Active "PEM" certificate.

Go back to the 3CX and upload the certificate under options > Transport Protocol = TLS > Click "Upload"

You should now see an expiration date.

Save the Trunk settings

Let Voxtelesys support know that the TLS/SRTP is in place on the 3CX trunk and support will verify the correct settings are enabled on your trunks!

Take note!

Incompatibility issues have been observed with custom FQDN's (non-3CX provided domains). Contact support for more information and a possible work-around.