[Freeswitch-users] Unable to secure b-leg to user

Peter Waldheim struwwelp at gmail.com
Thu Jun 13 15:32:33 MSD 2013


Dear list,

I am trying to configure SRTP.
This seems to work fine for calls from a local sip user. Clients are
registered via TLS and outbound-call a-legs use SRTP.

The problem is to secure the call to local sip users, coming in via openzap
in this case.
On this call's b-leg, I am unable to make freeswitch offer SAVP (in this
case then leading to bria refusing the call due to being configured to
accept secure calls only).

The local sdp:
2013-06-13 13:13:50.040774 [DEBUG] sofia_glue.c:1219 Local SDP:
v=0
o=FreeSWITCH 1371101270 1371101271 IN IP4 out.ip.address
s=FreeSWITCH
c=IN IP4 our.ip.address
t=0 0
m=audio 20760 RTP/AVP 8 3 101 13
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=ptime:20
a=sendrecv
m=video 19462 RTP/AVP 34 98
a=rtpmap:34 H263/90000
a=rtpmap:98 H264/90000

In the dialplan I tried combinations of these:
      <action application="set" data="sip_secure_media=true" />
      <action application="set" data="sdp_secure_savp_only=true" />
      <action application="export" data="sip_secure_media=true" />
      <action application="export" data="sdp_secure_savp_only=true" />
 <action application="bridge"
data="{local_var_clobber=true,sip_secure_media=true}user/$1 at our.profile"/>

Also I tried setting the sip_secure_media variable in the user's profile.

Any hints on how to make this work (or further debug) would be greatly
appreciated.

Best regards,
Peter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20130613/c1f4b5c5/attachment.html 


Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list