[Freeswitch-users] extended FS as ZRTP client

Assaf Dahary adahary at gmail.com
Thu Apr 7 16:07:11 MSD 2016


I've reinstalled both FS's, client and main, with the latest version 1.6.7.

None ZRTP SIP phone -> FS client -> NAT Internet -> FS main -> CSipSimple ZRTP enabled).

All set to PCMU codec (no transcoding).
All connect on same network (no NAT).

The FS client is setup with media-proxy=false (dialplan and profiles).

And

The FS main is setup with media-proxy=true.

I still get the same problem, I get zrtp CRC warning on the FS client - and no end-to-end encryption.

As before (with version 1.4) the FS client is NOT sending any zrtp hash, as I suppose it should do.

When FS main is set to media-proxy=false then there are no waning as it now acting as MITM.

Any tip/advise on the right direction will be very much appreciated.

Regards

Assaf



On Mar 28, 2016, 18:13, at 18:13, Michael Jerris <mike at jerris.com> wrote:
>did you try and see if this is the case with a current release instead
>of the old one?
>
>> On Mar 28, 2016, at 8:14 AM, Assaf Dahary <adahary at gmail.com> wrote:
>> 
>> Hi,
>>  
>> I would like to use FS (multiple) as a ZRTP client register on a the
>main FS.
>>  
>> I have already managed to setup a Gateway with user/pass on the FS
>client and register it on the main FS for regular incoming/outgoing
>calls (without ZRTP).
>>  
>> To enable ZRTP calls I setup the FS client/main as follow:
>> None ZRTP SIP phone -> FS client -> NAT Internet -> FS main ->
>CSipSimple ZRTP enabled).
>>  
>> FS Client (ver 1.4) :
>> ZRTP enabled globally in VARS and in dialplan.
>> Media proxy disabled on both internal and external profiles and in
>dialplan.
>>  
>> FS Main (ver 1.4):
>> Media proxy enabled – including late negotiation.
>>  
>> I forced the FS client and the CSipSimple to use only PCMU codec to
>avoid transcoding.
>>  
>> The problem is that on a call from the SIP phone via the FS client
>there are always CRC errors on the ZRTP log.
>> Only if the FS main is set to disable media proxy then there are no
>CRC errors – but then it becomes a MITM with incompatible SASs.
>>  
>> From reading other posts about FS and ZRTP CRC errors I assume that
>it happens because the FS client is not creating a zrtp hash in the
>invite SDP.
>>  
>> So my question is how to make the FS client to generate the zrtp hash
>in the invite SDP to act as real ZRTP enabled client? 
>> I've already tried to set the FS client internal/external/dialplan
>with several zrtp configs with no success.
>>  
>> I would appreciate any tip to resolve this issue.
>>  
>> Regards
>>  
>> Assaf  
>>  
>>  
>> The client FS 
>>  
>>
>_________________________________________________________________________
>> Professional FreeSWITCH Consulting Services: 
>> consulting at freeswitch.org <mailto:consulting at freeswitch.org>
>> http://www.freeswitchsolutions.com
><http://www.freeswitchsolutions.com/>
>> 
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org <http://www.freeswitch.org/>
>> http://confluence.freeswitch.org <http://confluence.freeswitch.org/>
>> http://www.cluecon.com <http://www.cluecon.com/>
>> 
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
><mailto:FreeSWITCH-users at lists.freeswitch.org>
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
><http://lists.freeswitch.org/mailman/listinfo/freeswitch-users>
>>
>UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
><http://lists.freeswitch.org/mailman/options/freeswitch-users>
>> http://www.freeswitch.org <http://www.freeswitch.org/>
>
>
>------------------------------------------------------------------------
>
>_________________________________________________________________________
>Professional FreeSWITCH Consulting Services: 
>consulting at freeswitch.org
>http://www.freeswitchsolutions.com
>
>Official FreeSWITCH Sites
>http://www.freeswitch.org
>http://confluence.freeswitch.org
>http://www.cluecon.com
>
>FreeSWITCH-users mailing list
>FreeSWITCH-users at lists.freeswitch.org
>http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>http://www.freeswitch.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20160407/9a9b21c6/attachment.html 


Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list