[Freeswitch-dev] SIP Over TCP/TLS

Irshad Ahamed irshad.fswitch at gmail.com
Thu Jan 31 04:07:01 EST 2008


Please go through this article on wiki....
http://en.wikipedia.org/wiki/Transport_Layer_Security

Hope it may help you understand better.

BR,
Irshad.

On Jan 31, 2008 12:49 PM, Karl Kloppenborg <karl at dragnet.com.au> wrote:

> im not familiar with TLS,can someone please explain?
> On 31/01/2008, at 6:04 PM, Brian West wrote:
>
> > Well for the snom its easy:
> >
> > http://wiki.snom.com/Old/
> > FAQ#Q:_How_can_I_setup_snom3xx_phones_for_TLS_support.3F
> >
> > Be warned you'll need to have var sip-force-contact set to NDLB-tls-
> > connectile-dysfunction on the user. set so we watch for the correct
> > port.  As for the grandstream no clue.  I don't have one that actually
> > works.
> >
> > Snom is fixing this TLS but in up coming firmware releases as it
> > reports the wrong contact in the register.
> >
> > /b
> >
> >
> > On Jan 31, 2008, at 12:52 AM, Irshad Ahamed wrote:
> >
> >> I have SNOM 300 and Grandstream GXP2000 with me.
> >>
> >> BR,
> >> Irshad.
> >>
> >> On Jan 31, 2008 12:03 PM, Brian West <brian.west at mac.com> wrote:
> >> What phone do you have?
> >>
> >> /b
> >>
> >> On Jan 31, 2008, at 12:21 AM, Irshad Ahamed wrote:
> >>
> >>> Hi,
> >>>
> >>> I have added the below lines in /usr/local/freeswitch/conf/
> >>> sip_profiles/default.xml.
> >>>
> >>>    <!-- TLS: disabled by default, set to "true" to enable -->
> >>>    <param name="tls" value="true"/>
> >>>    <!-- additional bind parameters for TLS -->
> >>>    <param name="tls-bind-params" value="transport=tls"/>
> >>>    <!-- Port to listen on for TLS requests. (5061 will be used if
> >>> unspecified) -->
> >>>    <param name="tls-sip-port" value="5061"/>
> >>>    <!-- Location of the agent.pem and cafile.pem ssl certificates
> >>> (needed for TLS server) -->
> >>>    <param name="tls-cert-dir" value="$${base_dir}/conf/ssl"/>
> >>>    <!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may
> >>> not work with TLSv1 -->
> >>> Which phones you mean will not work????
> >>>    <param name="tls-version" value="tlsv1"/>
> >>>
> >>> I also copied cafile.pem and agent.pem to /usr/local/freeswitch/
> >> conf/
> >>> ssl/
> >>>
> >>> But I am seeing SIP siganlling going on UDP still. Am i missing some
> >>> link here????
> >>>
> >>> BR,
> >>> Irshad.
> >>
> >>
> >> _______________________________________________
> >> Freeswitch-dev mailing list
> >> Freeswitch-dev at lists.freeswitch.org
> >> http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev
> >> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-
> >> dev
> >> http://www.freeswitch.org
> >>
> >> _______________________________________________
> >> Freeswitch-dev mailing list
> >> Freeswitch-dev at lists.freeswitch.org
> >> http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev
> >> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-
> >> dev
> >> http://www.freeswitch.org
> >
> >
> > _______________________________________________
> > Freeswitch-dev mailing list
> > Freeswitch-dev at lists.freeswitch.org
> > http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev
> > UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-dev
> > http://www.freeswitch.org
>
>
> _______________________________________________
> Freeswitch-dev mailing list
> Freeswitch-dev at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-dev
> http://www.freeswitch.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-dev/attachments/20080131/5150ec67/attachment.html 


More information about the Freeswitch-dev mailing list