Genesys Cloud - Main

Hi,

Now we have the number of projects that we need to create the SIP trunk to the existing telephone system. Most systems are based on Avaya Aura CM (on-premises). 

All the customers have very "high security requirements" for this trunk:

Maybe someone has experience with such trunks?

The main requirement is to use only TLS connection, but not only:

• Using the mutual TLS (mTLS) handshake
• Using the customer-supplied certificates from both sides
• Option to create IPVPN directly to the cloud (Genesys Cloud Edges)

Did someone create such trunks and can explain if it is possible, and what pitfalls

#Telephony

------------------------------
Yvgeni Liberman
Solutions Architect

Mobile +972 52-6344414
Voice +972 3-9281514
e-mail yvgeni_new@itnavpro.com
------------------------------

Hello Yvgeni,

If you haven't read up on using TLS as the trunk transport protocol with Genesys Cloud, I would highly recommend taking a look at this article:

https://help.mypurecloud.com/articles/tls-trunk-transport-protocol-specification/

Hopefully others in the Community can share their past experiences.

------------------------------
Jason Kleitz
Online Community Manager/Moderator
------------------------------

Jason,

Thanks a lot.

I'd seen this link before, but I didn't read it carefully 😒

The only thing that isn't covered is IPVPN.

------------------------------
Yvgeni Liberman
Solutions Architect

Mobile +972 52-6344414
Voice +972 3-9281514
e-mail yvgeni_new@itnavpro.com
------------------------------

Original Message:
Sent: 12-24-2025 16:28
From: Jason Kleitz
Subject: SIP Trunk to Avaya on-premises PBX (ASBCE)

Hello Yvgeni,

If you haven't read up on using TLS as the trunk transport protocol with Genesys Cloud, I would highly recommend taking a look at this article:

https://help.mypurecloud.com/articles/tls-trunk-transport-protocol-specification/

Hopefully others in the Community can share their past experiences.

------------------------------
Jason Kleitz
Online Community Manager/Moderator
------------------------------

Hi Yvgeni,

Assuming you are using BYOC Cloud then you don't have an option for an IPVPN and the closest thing is Amazon Direct Connect Public. If you are using Premise Edges then you could use IPVPN with those but you could connect to Avaya Session Manager instead in that case. The other option for IPVPN is another SBC in the middle but the end result is all traffic will go to the Cloud via the Internet in some manner.

Also as you mentioned mutual TLS please check out this recent announcement.

https://help.mypurecloud.com/announcements/client-authentication-eku-support-removed-from-genesys-cloud-certificate/

------------------------------
Richard Chandler
Connect
------------------------------

Original Message:
Sent: 12-25-2025 01:35
From: Yvgeni Liberman
Subject: SIP Trunk to Avaya on-premises PBX (ASBCE)

Jason,

Thanks a lot.

I'd seen this link before, but I didn't read it carefully 😒

The only thing that isn't covered is IPVPN.

------------------------------
Yvgeni Liberman
Solutions Architect

Mobile +972 52-6344414
Voice +972 3-9281514
e-mail yvgeni_new@itnavpro.com
------------------------------


Original Message:
Sent: 12-24-2025 16:28
From: Jason Kleitz
Subject: SIP Trunk to Avaya on-premises PBX (ASBCE)

Hello Yvgeni,

If you haven't read up on using TLS as the trunk transport protocol with Genesys Cloud, I would highly recommend taking a look at this article:

https://help.mypurecloud.com/articles/tls-trunk-transport-protocol-specification/

Hopefully others in the Community can share their past experiences.

------------------------------
Jason Kleitz
Online Community Manager/Moderator