[Freeswitch-users] srtp clarification

Mitch Johnson mitch.johnson7 at gmail.com
Mon Mar 7 00:18:04 MSK 2011 

I do understand the need for tls, I have no issues with tls, it works fine, it's the srtp I haven't managed to get working.

Thanks for your reply.

Mitch

> From: Steven Ayre <steveayre at gmail.com>
> Date: March 6, 2011 2:05:17 PM EST
> To: FreeSWITCH Users Help <freeswitch-users at lists.freeswitch.org>
> Subject: Re: [Freeswitch-users] srtp clarification
> Reply-To: FreeSWITCH Users Help <freeswitch-users at lists.freeswitch.org>
> 
> 
>> The problem comes in when I require SRTP only on the phones.
> 
> If you use SRTP without TLS, you get no security at all. The
> encryption key used for the SRTP is passed within the SIP signalling.
> Unless you encrypt that then anyone intercepting the call can get the
> key from the signalling and then decrypt the media at will.
> 
> -Steve
> 
> 
> 
> On 6 March 2011 16:43, Mitch Johnson <mitch.johnson7 at gmail.com> wrote:
>> My previous post may have suggested that the TLS/SRTP was not working.  Where in fact, the TLS works like a charm.
>> 
>> The problem comes in when I require SRTP only on the phones.  When SRTP s turned off it works great, and so does TLS.
>> 
>> I've been trying to understand how the voice part of the call is setup using SRTP.  When I go through the logs, I don't see anything that says that SRTP failed anywhere.  I'm pretty sure it's somewhere in my configuration.  In Asterisk I had to define the transport mechanism of tls and encryption=yes to make it supposed to work.  But then I never got it working there either, the difference with Asterisk is that it was showing SRTP as failing, but there's a bug causing that so it was pretty much a brick wall for me.
>> 
>> Am I supposed to do something under the user profile or somewhere else where that call is encrypted using SRTP?  I followed the TLS and SRTP guides to do the setup.
>> 
>> Any help on this would be greatly appreciated.  As with any problem, it's consuming my life until I can sort it out.
>> 
>> Thanks so much ahead of time,
>> 
>> Mitch
>> _______________________________________________
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>> 
> 
> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20110306/90a5aad2/attachment.html

More information about the FreeSWITCH-users mailing list