====== Secure H.323 Gateways ======
  * H.323 device generates the SRTP session keys and sends them to Cisco Unified Communication Manager
  * This key exchange is not protected (that is, keys are sent in cleartext).
  * IPSec should be used to protect key exchange

===== Configuration =====

==== CUCM H.323 Gateway ====
  * Enable SRTP
{{cucm-sec-h323-1.png|}}

==== IOS H.323 Gateway ====
  * Enable SRTP with no fall back
  * SRTP must be used
  * Fallback to non secure is not allowed
<code>
dial-peer voice 2 voip
  incoming called-number 915125552001
  srtp
</code>

  * Enable SRTP with fall back. 
  * Uses system fallback setting
  * Can fall back to non secure mode
<code>
voice service voip
  srtp fallback
!
dial-peer voice 3 voip
  incoming called-number 91552.......
  srtp system
</code>