Please go through this article on wiki....<br><a href="http://en.wikipedia.org/wiki/Transport_Layer_Security">http://en.wikipedia.org/wiki/Transport_Layer_Security</a><br><br>Hope it may help you understand better.<br><br>
BR,<br>Irshad.<br><br><div class="gmail_quote">On Jan 31, 2008 12:49 PM, Karl Kloppenborg <<a href="mailto:karl@dragnet.com.au">karl@dragnet.com.au</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
im not familiar with TLS,can someone please explain?<br><div><div></div><div class="Wj3C7c">On 31/01/2008, at 6:04 PM, Brian West wrote:<br><br>> Well for the snom its easy:<br>><br>> <a href="http://wiki.snom.com/Old/" target="_blank">http://wiki.snom.com/Old/</a><br>
> FAQ#Q:_How_can_I_setup_snom3xx_phones_for_TLS_support.3F<br>><br>> Be warned you'll need to have var sip-force-contact set to NDLB-tls-<br>> connectile-dysfunction on the user. set so we watch for the correct<br>
> port. As for the grandstream no clue. I don't have one that actually<br>> works.<br>><br>> Snom is fixing this TLS but in up coming firmware releases as it<br>> reports the wrong contact in the register.<br>
><br>> /b<br>><br>><br>> On Jan 31, 2008, at 12:52 AM, Irshad Ahamed wrote:<br>><br>>> I have SNOM 300 and Grandstream GXP2000 with me.<br>>><br>>> BR,<br>>> Irshad.<br>>><br>
>> On Jan 31, 2008 12:03 PM, Brian West <<a href="mailto:brian.west@mac.com">brian.west@mac.com</a>> wrote:<br>>> What phone do you have?<br>>><br>>> /b<br>>><br>>> On Jan 31, 2008, at 12:21 AM, Irshad Ahamed wrote:<br>
>><br>>>> Hi,<br>>>><br>>>> I have added the below lines in /usr/local/freeswitch/conf/<br>>>> sip_profiles/default.xml.<br>>>><br>>>> <!-- TLS: disabled by default, set to "true" to enable --><br>
>>> <param name="tls" value="true"/><br>>>> <!-- additional bind parameters for TLS --><br>>>> <param name="tls-bind-params" value="transport=tls"/><br>
>>> <!-- Port to listen on for TLS requests. (5061 will be used if<br>>>> unspecified) --><br>>>> <param name="tls-sip-port" value="5061"/><br>>>> <!-- Location of the agent.pem and cafile.pem ssl certificates<br>
>>> (needed for TLS server) --><br>>>> <param name="tls-cert-dir" value="$${base_dir}/conf/ssl"/><br>>>> <!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may<br>
>>> not work with TLSv1 --><br>>>> Which phones you mean will not work????<br>>>> <param name="tls-version" value="tlsv1"/><br>>>><br>>>> I also copied cafile.pem and agent.pem to /usr/local/freeswitch/<br>
>> conf/<br>>>> ssl/<br>>>><br>>>> But I am seeing SIP siganlling going on UDP still. Am i missing some<br>>>> link here????<br>>>><br>>>> BR,<br>>>> Irshad.<br>
>><br>>><br>>> _______________________________________________<br>>> Freeswitch-dev mailing list<br>>> <a href="mailto:Freeswitch-dev@lists.freeswitch.org">Freeswitch-dev@lists.freeswitch.org</a><br>
>> <a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev</a><br>>> UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-</a><br>
>> dev<br>>> <a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>>><br>>> _______________________________________________<br>>> Freeswitch-dev mailing list<br>
>> <a href="mailto:Freeswitch-dev@lists.freeswitch.org">Freeswitch-dev@lists.freeswitch.org</a><br>>> <a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev</a><br>
>> UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-</a><br>>> dev<br>>> <a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
><br>><br>> _______________________________________________<br>> Freeswitch-dev mailing list<br>> <a href="mailto:Freeswitch-dev@lists.freeswitch.org">Freeswitch-dev@lists.freeswitch.org</a><br>> <a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev</a><br>
> UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-dev" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-dev</a><br>> <a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br><br>_______________________________________________<br>Freeswitch-dev mailing list<br><a href="mailto:Freeswitch-dev@lists.freeswitch.org">Freeswitch-dev@lists.freeswitch.org</a><br><a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-dev" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-dev</a><br><a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
</div></div></blockquote></div><br>