You have invested a lot to mesh/manet, PTT kits and love how they perform and create ad-hoc presence without infrastructure.

It might be that your tactical mesh/manet radio has clear text Push-To-Talk over IP networks. Make sure you understand difference between air interface and payload security. Your air interface could be encrypted but UDP packets touching IP networks are still plain text. Current implementations might be also vulnerable to UDP packets jamming traffic, preventing your PTT communications.

That CN assembled and flashed LAN switch in your infrastucture might show some love towards your multicast UDP packets.

I've used my Embedded Linux design skills to implement SecurePTT running on Edgemap node. It's nothing special, but gives you controlled domain to compute your secrecy for critical communication. SecurePTT can be utilized as stand alone with attached USB or Tactical PTT devices but it can also capture your existing clear text PTT traffic and encrypt it before it enters to delivery.

Not only secrecy and UDP jamming resistance, SecurePTT can also bridge different MANET vendors PTT implementations so that you can PTT between radio brands and circumvent those doomed vendor locks.