<div dir="ltr">For lack of other responses so far.. these may be hacky:<div>1) mess with the ports - TLS and regular are on different ports. set 5060 for the tls and disable / firewall the non-tls port.<div>2) re: srtp you can check if it's on in the dialplan, and if not redirect to some sort of error message instead of completing the call.</div>
<div>Not sure you would want to completely disable non-tls/srtp though... I suppose it depends on your usage.</div><div><br></div><div>-Avi<br><br><div class="gmail_quote">On Sun, May 29, 2011 at 7:37 PM, Chris Cureau <span dir="ltr"><<a href="mailto:cmcureau@gmail.com">cmcureau@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">Hi, everyone.<div><br></div><div>I've begun experimenting with SRTP and TLS connections since the ZRTP download seems offline for the foreseeable future...sigh.</div>
<div><br></div><div>I've got the SRTP enabled in my conf/vars.xml for both internal and external connections, but it appears that I can still connect without security from an unconfigured ATA. What I want to know is how to enforce a secure connection at registration time. Ideally, I'd like to do this both between two freeswitch servers and between a freeswitch server and an ATA.</div>
<div><br></div><div>Thanks in advance!</div>
<br>_______________________________________________<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br></div></div></div>