[Freeswitch-users] encryption infos needed
excelsio at gmx.net
excelsio at gmx.net
Thu Jan 1 03:27:56 PST 2009
Hi,
we want to enhance our old Siemens Hicom 300 and replace it step by step.
Therefore we decided to try out opensource solutions ourselves. One requirement
is that the solution has to encrypt all data. So try let´s look at Asterisk was
our first thought. Well, there seem to be unoffical patches for Asterisk 1.4.x
with SRTP/SIPS support. So, unofficial. With 1.6.x the support for it hasn´t
been fully integrated, yet.
So, what´s next out there? => freeswitch
But what about encryption support?
SRTP is end to end encryption between phones, SIPS is used for the encryption of signaling "hop-by-hop", well which hop?
Talking about encryption, it seems there are many different scenarios to
consider, which looks like they couldn´t encrypted?
Let´s look at our planed setup
public telefon network <--ISDN/S2M--> Patton 4960 <--ISDN/S2M--> Siemens Hicom 300
Patton 4960 <--IP--> freeswitch <--IP--> Snom 320
SIP Provider <--IP-- freeswitch <--IP-- Snom 320
1. Incoming calls shoud be reached via landline:
[e.g. telefon network --ISDN/S2M--> Patton 4960 --IP--> freeswitch --IP--> Snom
320 users]
So, what about encryption between the Patton 4960, the freeswitch and der Snom
320? Is it possible to encrypt the whole path? Well, how? Is it supported with
freeswitch?
2. Outcoming calls should go to a SIP provider which supports sip trunking and
DDI, well SIPconnect:
[e.g. SIP Provider <--SIP trunk-- freeswitch <--IP-- Snom 320
users]
Same question here:
What about encryption between the Patton 4960, the freeswitch and der Snom 320?
Is it possible to encrypt the whole path? Well, how? Is it supported with
freeswitch?
2.1 Outcoming calls should be forwarded locally, if the SIP trunk between the
SIP provider and the freeswitch server fails
[e.g. telefon network <-- ISDN/S2M-- Patton 4960 <--IP-- freeswitch <--IP-- Snom
320 users]
Same question here:
What about encryption between the Patton 4960, the freeswitch and der Snom 320? Is
it possible to encrypt the whole IP path? Well, how? Is it supported with
freeswitch?
3. The next thing is the encryption of voice and signaling data in general.
Does the freeswitch solution support this? I think it´s an end to end encryption
between the users? As freeswitch seems to play a proxy part, I guess yes?
[e.g. freeswitch <--IP--> Snom 320 users <--SRTP/SIPS --> Snom 320]
4. Another problem is the encryption of the voice and signaling data between
our LAN and the SIP provider. Is it possible to encrypt all data between those
with the freeswitch solution? Do I need something additionally?
[e.g SIP Provider <--encrypted SIP trunk ??? --> freeswitch]
So what can be done with freeswitch? What else can be done support all scenarios above?
--
Psssst! Schon vom neuen GMX MultiMessenger gehört? Der kann`s mit allen: http://www.gmx.net/de/go/multimessenger
More information about the FreeSWITCH-users
mailing list