diff --git a/conf/dialplan/default.xml b/conf/dialplan/default.xml
index 6505d20b39..ed9ad3be20 100644
--- a/conf/dialplan/default.xml
+++ b/conf/dialplan/default.xml
@@ -87,15 +87,6 @@
 	<!-- <action application="export" data="sip_secure_media=true"/> -->
       </condition>
 
-      <!-- 
-	   This will cause us to not enable SRTP on known broken 3.x.x Polycom Firmware.
-      -->
-      <condition field="${sip_secure_media}" expression="^true$" break="never"/>
-      <condition field="${sip_user_agent}" expression="^PolycomSound(Point|Station)IP-S(S|P)IP_\d{3,4}-UA\/((3).(\d).(\d).(\d{4}))$" break="never">
-	<action application="set" data="sip_secure_media=false"/>
-	<action application="log" data="crit Your phone is a Polycom running 3.x firmware that is known broken for SRTP."/>
-      </condition>
-
       <condition>
 	<action application="hash" data="insert/${domain_name}-spymap/${caller_id_number}/${uuid}"/>
 	<action application="hash" data="insert/${domain_name}-last_dial/${caller_id_number}/${destination_number}"/>
diff --git a/src/mod/endpoints/mod_sofia/sofia.c b/src/mod/endpoints/mod_sofia/sofia.c
index 221f9dd726..09892772c6 100644
--- a/src/mod/endpoints/mod_sofia/sofia.c
+++ b/src/mod/endpoints/mod_sofia/sofia.c
@@ -3372,6 +3372,9 @@ static void sofia_handle_sip_i_state(switch_core_session_t *session, int status,
 				}
 				
 				if (is_ok) {
+					if (tech_pvt->local_crypto_key) {
+						sofia_glue_set_local_sdp(tech_pvt, NULL, 0, NULL, 0);
+					}
 					nua_respond(tech_pvt->nh, SIP_200_OK,
 								SIPTAG_CONTACT_STR(tech_pvt->reply_contact),
 								SOATAG_USER_SDP_STR(tech_pvt->local_sdp_str),
diff --git a/src/mod/endpoints/mod_sofia/sofia_glue.c b/src/mod/endpoints/mod_sofia/sofia_glue.c
index aaf865afe4..7ce1019f3b 100644
--- a/src/mod/endpoints/mod_sofia/sofia_glue.c
+++ b/src/mod/endpoints/mod_sofia/sofia_glue.c
@@ -2805,11 +2805,26 @@ uint8_t sofia_glue_negotiate_sdp(switch_core_session_t *session, sdp_session_t *
 							const char *a = switch_stristr("AES", tech_pvt->remote_crypto_key);
 							const char *b = switch_stristr("AES", crypto);
 
+							/* Change our key every time we can */
+							if (switch_stristr(SWITCH_RTP_CRYPTO_KEY_32, crypto)) {
+								switch_channel_set_variable(tech_pvt->channel, SOFIA_HAS_CRYPTO_VARIABLE, SWITCH_RTP_CRYPTO_KEY_32);
+								sofia_glue_build_crypto(tech_pvt, atoi(crypto), AES_CM_128_HMAC_SHA1_32, SWITCH_RTP_CRYPTO_SEND);
+								switch_rtp_add_crypto_key(tech_pvt->rtp_session, SWITCH_RTP_CRYPTO_SEND, atoi(crypto), tech_pvt->crypto_type,
+														  tech_pvt->local_raw_key, SWITCH_RTP_KEY_LEN);
+							} else if (switch_stristr(SWITCH_RTP_CRYPTO_KEY_80, crypto)) {
+								switch_channel_set_variable(tech_pvt->channel, SOFIA_HAS_CRYPTO_VARIABLE, SWITCH_RTP_CRYPTO_KEY_80);
+								sofia_glue_build_crypto(tech_pvt, atoi(crypto), AES_CM_128_HMAC_SHA1_80, SWITCH_RTP_CRYPTO_SEND);
+								switch_rtp_add_crypto_key(tech_pvt->rtp_session, SWITCH_RTP_CRYPTO_SEND, atoi(crypto), tech_pvt->crypto_type,
+														  tech_pvt->local_raw_key, SWITCH_RTP_KEY_LEN);
+							} else {
+								switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "Crypto Setup Failed!.\n");
+							}
+														
 							if (a && b && !strncasecmp(a, b, 23)) {
 								switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_DEBUG, "Change Remote key to [%s]\n", crypto);
 								tech_pvt->remote_crypto_key = switch_core_session_strdup(tech_pvt->session, crypto);
 								tech_pvt->crypto_tag = crypto_tag;
-
+								
 								if (switch_rtp_ready(tech_pvt->rtp_session) && sofia_test_flag(tech_pvt, TFLAG_SECURE)) {
 									sofia_glue_add_crypto(tech_pvt, tech_pvt->remote_crypto_key, SWITCH_RTP_CRYPTO_RECV);
 									switch_rtp_add_crypto_key(tech_pvt->rtp_session, SWITCH_RTP_CRYPTO_RECV, tech_pvt->crypto_tag,