I've got a HDX6000 running 3.0.5-22695.
After a system reboot the AES Encryption setting is always set to "Required for All Calls"
I can change this setting to "Off", "When Available", "Required for Video Calls Only", "Required for All Calls"
The setting is applied correctly to the HDX6000 when I Update the Security page.
After a system reboot the AES Encryption setting reverts back to "Required for All Calls"
Anyone else have this problem?
Solved! Go to Solution.
Is this system associated with a CMA as a provisioning server ? If so, it could be causing this. I've not experienced this on the HDX 6000s that I've upgraded...
Hi there :)
Are you changing the settings via remote control or webinterface ?
Any update on this hotfix? We have several HDX8000 systems integrated with Lync and experiencing the same issue.
Hi Lats & Welcome.
Only your local Polycom Tech Support can update you on Hot Fixes/New Releases.
But FYI I have an HDX4000, same s/w version on Lync with AES Set to "When available" it's it's just as happy as a clam (or insert local phrase here).
The AES Encryption issue in 3.0.5 is actually new behavior which is intended. The HDX is now adhering to a Microsoft qualification requirement that registered endpoints reflect the server-side media encryption policy as an in-band provisioning policy.
So if your Lync media encryption policy (Get-CsMediaConfiguration) is still set to the default value of RequireEncryption then after the HDX succesfully registers to Lync it will update its own AES Encryption setting to match this requirement.
In mixed Lync environments where third-party video endpoints or video calling with Windows Live Messenger is enabled then it is recommended to change this server-side policy to SupportEncryption. This configuration still uses SRTP media encryption for most Lync calls, but will leave the HDX at 'When Available' if this is needed for non-SIP calls to other systems which do not support media encryption.