<div>Hello,</div>
<div> </div>
<div>I'm using FreeSWITCH mostly as a PBX for multi tenants. Secure calling is supported fully by FreeSWITCH and to my knowledge it is the only open-source solution where it works w/o any hacks or tweaks.</div>
<div>Current major brand of phones supporting SRTP and TLS that I've tested are Linksys and Snom. I'm told on the IRC channel that there are more working.</div>
<div>FreeSWITCH as an SIP B2BUA can be configured to offer SRTP in SDP negogitation in the B-leg (just use export sip_secure_media param). That means that if a phone and the other softswitch/gateway supports SRTP you can have whole path encrypted.</div>
<div>I have tried following scenario: Linkys phone calling 9888 ext which is a conference server at <a href="http://conference.freeswitch.org">conference.freeswitch.org</a>, so we have</div>
<div>Linksys SRTP -> FS SRTP -> other FS SRTP (whole media path between a phone and two FS servers encrypted).</div>
<div><br>The only question left to answer is does Patton offer SRTP/TLS. FreeSWITCH won't be an issue here.</div>
<div> </div>
<div>Regards,</div>
<div>Ognjen<br></div>
<div class="gmail_quote">On Thu, Jan 1, 2009 at 12:27 PM, <span dir="ltr"><<a href="mailto:excelsio@gmx.net">excelsio@gmx.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">Hi,<br><br>we want to enhance our old Siemens Hicom 300 and replace it step by step.<br>Therefore we decided to try out opensource solutions ourselves. One requirement<br>
is that the solution has to encrypt all data. So try letīs look at Asterisk was<br>our first thought. Well, there seem to be unoffical patches for Asterisk 1.4.x<br>with SRTP/SIPS support. So, unofficial. With 1.6.x the support for it hasnīt<br>
been fully integrated, yet.<br><br>So, whatīs next out there? => freeswitch<br>But what about encryption support?<br>SRTP is end to end encryption between phones, SIPS is used for the encryption of signaling "hop-by-hop", well which hop?<br>
Talking about encryption, it seems there are many different scenarios to<br>consider, which looks like they couldnīt encrypted?<br><br>Letīs look at our planed setup<br><br>public telefon network <--ISDN/S2M--> Patton 4960 <--ISDN/S2M--> Siemens Hicom 300<br>
Patton 4960 <--IP--> freeswitch <--IP--> Snom 320<br> SIP Provider <--IP-- freeswitch <--IP-- Snom 320<br><br>1. Incoming calls shoud be reached via landline:<br>
<br>[e.g. telefon network --ISDN/S2M--> Patton 4960 --IP--> freeswitch --IP--> Snom<br>320 users]<br><br>So, what about encryption between the Patton 4960, the freeswitch and der Snom<br>320? Is it possible to encrypt the whole path? Well, how? Is it supported with<br>
freeswitch?<br><br><br>2. Outcoming calls should go to a SIP provider which supports sip trunking and<br>DDI, well SIPconnect:<br><br>[e.g. SIP Provider <--SIP trunk-- freeswitch <--IP-- Snom 320<br>users]<br><br>Same question here:<br>
What about encryption between the Patton 4960, the freeswitch and der Snom 320?<br>Is it possible to encrypt the whole path? Well, how? Is it supported with<br>freeswitch?<br><br><br>2.1 Outcoming calls should be forwarded locally, if the SIP trunk between the<br>
SIP provider and the freeswitch server fails<br><br>[e.g. telefon network <-- ISDN/S2M-- Patton 4960 <--IP-- freeswitch <--IP-- Snom<br>320 users]<br><br>Same question here:<br>What about encryption between the Patton 4960, the freeswitch and der Snom 320? Is<br>
it possible to encrypt the whole IP path? Well, how? Is it supported with<br>freeswitch?<br><br><br>3. The next thing is the encryption of voice and signaling data in general.<br>Does the freeswitch solution support this? I think itīs an end to end encryption<br>
between the users? As freeswitch seems to play a proxy part, I guess yes?<br><br>[e.g. freeswitch <--IP--> Snom 320 users <--SRTP/SIPS --> Snom 320]<br><br><br><br>4. Another problem is the encryption of the voice and signaling data between<br>
our LAN and the SIP provider. Is it possible to encrypt all data between those<br>with the freeswitch solution? Do I need something additionally?<br><br>[e.g SIP Provider <--encrypted SIP trunk ??? --> freeswitch]<br>
<br><br>So what can be done with freeswitch? What else can be done support all scenarios above?<br>--<br>Psssst! Schon vom neuen GMX MultiMessenger gehört? Der kann`s mit allen: <a href="http://www.gmx.net/de/go/multimessenger" target="_blank">http://www.gmx.net/de/go/multimessenger</a><br>
<br>_______________________________________________<br>Freeswitch-users mailing list<br><a href="mailto:Freeswitch-users@lists.freeswitch.org">Freeswitch-users@lists.freeswitch.org</a><br><a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br><a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><br>
</blockquote></div><br>