[Freeswitch-users] FreeSwith does not setup secure call with leg B.
Brian West
brian at freeswitch.org
Tue Sep 9 19:34:11 MSD 2014
You didn't mention what rev you're using, If you're in 1.4 then its
rtp_secure_media, please see latest configs and extensive docs in vars.xml
about srtp and all the nice knobs you can use to tweak it.
On Tue, Sep 9, 2014 at 12:52 AM, Chandrakant Marathe <cwmarathe at gmail.com>
wrote:
> Hi All,
> I have setup FreeSwith PBX. I am facing an issue of not having end to end
> secure call. Caller sends INVITE request with SIPS in request URI and
> RTP/SAVP in SDP. But when FreeSwith forwards the request to caller, it is
> not using RTP/SAVP in SDP.
>
> I have followed the steps mentioned in WIKI (
> https://wiki.freeswitch.org/wiki/SIP_TLS#Configuration) for TLS
> configuration and marked "exports sip_secure_media" true in
> "conf/dialplan/default.xml" file (as per
> https://wiki.freeswitch.org/wiki/SRTP). But still FreeSwitch does not use
> RTP/SAVP for leg-B.
>
> Also, I am bit confused with following condition in "default.xml" when
> wiki page suggests that
> late coded negotiation must NOT to be turned on.
>
> <!--
> Since we have inbound-late-negotation on by default now the
> above behavior isn't the same so you have to do one extra step.
> -->
>
> <condition field="${endpoint_disposition}" expression="^(DELAYED
> NEGOTIATION)"/>
> <condition field="${switch_r_sdp}"
> expression="(AES_CM_128_HMAC_SHA1_32|AES_CM_128_HMAC_SHA1_80)"
> break="never">
> <action application="set" data="sip_secure_media=true"/>
> <!-- Offer SRTP on outbound legs if we have it on inbound. -->
> <action application="export" data="sip_secure_media=true"/>
> </condition>
>
> By commenting/un-commenting "sip_secure_media=true" above, it did not
> worked.
>
> Any help with this would be greatly appreciated.
>
> --
> Thanks
> CWM
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
>
>
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
--
*Brian West*
brian at freeswitch.org
*Twitter: @FreeSWITCH , @briankwest*
http://www.freeswitchbook.com
http://www.freeswitchcookbook.com
*T:*+19184209001 | *F:*+19184209002 | *M:*+1918424WEST (9378)
*iNUM:*+883 5100 1420 9001 | *ISN:*410*543 | *Skype:*briankwest
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20140909/3fbbc3e7/attachment.html
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list