[Freeswitch-users] Freeswitch extended with ZRTP

[Assaf Dahary]

Hi,

 

I would like to setup FS1 as a 'ZRTP gateway' to a none-zrtp sip client.

 

Here is my net setup: 

Client1 (without ZRTP)-> LAN -> FS1 (Gateway: register to FS2) -> NAT ->
Internet-> Public IP (not NAT) FS2 -> CSipSimple (ZRTP enabled).

 

Client1:

Ø  Ex#1000, Registered over LAN to FS1.

FS1:

Ø  Being NAT with dynamic IP address

Ø  Registered as a Gateway to FS2 (in Internal profile). So FS1 is extended
on FS2.

Ø  Setup as 'Proxy-Media = false' && zrtp_enrollment=true (trusted MITM).

FS2:

Ø  Connected with static public IP address (not behind NAT)

Ø  Setup as 'Proxy-Media = true' && inbound-late-negotiation=true. 

CSipSimple:

Ø  Behind NAT (remote WiFi/3G) and is registered on FS2 (Internal profile).

FS2 is successfully serving multiple CSipSimple ZRTP clients with end-to-end
ZRTP secure calls.

 

The problem:

When calling from Client1/FS1 to FS2/CSipSimple, 

then FS1 shows ' WARNING! Incoming ZRTP CRC validation fails' 

and FS2 shows ' ZRTP not negotiated on both sides; disabling ZRTP passthr
'.

 

I have tested FS1 locally with CSipSimple and it manages to connect with
ZRTP/MITM so it is capable of ZRTP.

 

I follow up what have been recommended on the forum to extend FS1 and to
verify matching codecs (I forced PCMU only on all devices) and to check
RTP/UDP ports flow (SIP trace).

 

I would appreciate any help on how to setup end-to-end ZRTP calls between
FS1 and remote CsipSimple (FS2).

 

Regards

 

Assaf  

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20160221/5c5e9711/attachment.html