Nevertheless it's not being negotiated and this is possibly a bug in the phone. Adding a workaround in FS would decrease security because the phone is explicitly saying it'll only accept SRTP so sending plain RTP wouldn't be wise.<div>
<br></div><div>I assume both phones are the same make?<br><div><br></div><div>-Steve</div><div><br></div><div><br></div><div><br><br><div class="gmail_quote">On 7 February 2013 13:54, Levend Sayar <span dir="ltr"><<a href="mailto:levend.sayar@karel.com.tr" target="_blank">levend.sayar@karel.com.tr</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><u></u>
<div>
But the very same phone calls another phone and talk with RTP, not SRTP if the peer does not accept SRTP<br>
<br>
Here is the SDP offer by the same phone<br>
<br>
v=0<br>
o=- <a href="tel:20186%2020186" value="+12018620186" target="_blank">20186 20186</a> IN IP4 192.168.173.69<div class="im"><br>
s=SDP data<br>
c=IN IP4 192.168.173.69<br>
t=0 0<br></div>
m=audio 11782 RTP/SAVP 0 8 18 9 101<br>
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:NzFmYjdiMjk1OTY2ODQwYzExZjM0ZmE2NGM0YWMw<br>
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:M2MxMTE2OWFjOGY2ZjEwADEzZmZkNzAxNjRlMzFm<br>
a=crypto:3 F8_128_HMAC_SHA1_80 inline:NjkzZDg2Mjk0ZTkxMjg1YzdmYjFiNjRlMmFhNGFm<div class="im"><br>
a=rtpmap:0 PCMU/8000<br>
a=rtpmap:8 PCMA/8000<br>
a=rtpmap:18 G729/8000<br>
a=fmtp:18 annexb=no<br>
a=rtpmap:9 G722/8000<br>
a=fmtp:101 0-15<br>
a=rtpmap:101 telephone-event/8000<br>
a=ptime:20<br>
a=sendrecv<br>
<br></div>
And here is the SDP answer sent by the other phone<br>
<br>
v=0<br>
o=- 20029 20029 IN IP4 192.168.173.65<br>
s=SDP data<br>
c=IN IP4 192.168.173.65<br>
t=0 0<br>
m=audio 11794 RTP/SAVP 0 101<br>
a=rtpmap:0 PCMU/8000<br>
a=sendrecv<br>
a=ptime:20<div class="im"><br>
a=fmtp:101 0-15<br>
a=rtpmap:101 telephone-event/8000<br>
<br>
<br>
<br>
<br>
</div><div class="im"><table cellspacing="0" cellpadding="0" width="100%">
<tbody>
<tr>
<td>
<pre>--
İyi çalışmalar.
_lvnd_
{^_^}
KAREL`UCAP
</pre>
<br>
<br>
</td>
</tr>
</tbody>
</table></div><div><div class="h5">
On Thu, 2013-02-07 at 13:37 +0000, Steven Ayre wrote:<br>
<blockquote type="CITE">m=audio 11780 RTP/SAVP 0 8 18 9 101 </blockquote>
<blockquote type="CITE"><br>
<br>
</blockquote>
<blockquote type="CITE">RTP/SAVP means SRTP is mandatory. You need to reconfigure the phone.
</blockquote>
<blockquote type="CITE"><br>
<br>
</blockquote>
<blockquote type="CITE">If the phone sends RTP/AVP then that means plain RTP, and RTP/AVP with a a=crypto attribute means SRTP is optional.
</blockquote>
<blockquote type="CITE"><br>
<br>
</blockquote>
<blockquote type="CITE">-Steve </blockquote>
<blockquote type="CITE"><br>
<br>
</blockquote>
<blockquote type="CITE"><br>
<br>
</blockquote>
<blockquote type="CITE">On 7 February 2013 13:26, Levend Sayar <<a href="mailto:levend.sayar@karel.com.tr" target="_blank">levend.sayar@karel.com.tr</a>> wrote:
</blockquote>
<blockquote type="CITE">
<blockquote>Below is the SDP offer sent by the phone.<br>
<br>
v=0<br>
o=- <a href="tel:20185%2020185" target="_blank">20185 20185</a> IN IP4 192.168.173.69<br>
s=SDP data<br>
c=IN IP4 192.168.173.69<br>
t=0 0<br>
m=audio 11780 RTP/SAVP 0 8 18 9 101<br>
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:MTM2MjVhMGI1NDZjYmRjADU5NWVjNGVkNTNlYzA1<br>
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:YmExYmZhNQAzN2ZjNDgzYTRkNGU2ZjFiN2Q0MmE3<br>
a=crypto:3 F8_128_HMAC_SHA1_80 inline:N2Q2NTRiYQAxZjA3MWY3ZjI1YTI5NjIyM2FjODYw<br>
a=rtpmap:0 PCMU/8000<br>
a=rtpmap:8 PCMA/8000<br>
a=rtpmap:18 G729/8000<br>
a=fmtp:18 annexb=no<br>
a=rtpmap:9 G722/8000<br>
a=fmtp:101 0-15<br>
a=rtpmap:101 telephone-event/8000<br>
a=ptime:20<br>
a=sendrecv<br>
<br>
<br>
<br>
And below is the SDP answer sent by FS<br>
<br>
v=0<br>
o=FreeSWITCH 1360230601 1360230602 IN IP4 192.168.169.114<br>
s=FreeSWITCH<br>
c=IN IP4 192.168.169.114<br>
t=0 0<br>
m=audio 12532 RTP/SAVP 9 101<br>
a=rtpmap:9 G722/8000<br>
a=rtpmap:101 telephone-event/8000<br>
a=fmtp:101 0-16<br>
a=silenceSupp:off - - - -<br>
a=ptime:20<br>
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:l8v0R64H7CP0vEx9j0Ycdbob8bgMCpLDppWGy7Dy<br>
<br>
<br>
<br>
<br>
<table cellspacing="0" cellpadding="0" width="100%">
<tbody>
<tr>
<td>
<pre>--
İyi çalışmalar.
_lvnd_
{^_^}
KAREL`UCAP
</pre>
<br>
<br>
<br>
</td>
</tr>
</tbody>
</table>
</blockquote>
</blockquote>
<blockquote type="CITE">
<blockquote>On Thu, 2013-02-07 at 13:09 +0000, Steven Ayre wrote:<br>
<blockquote type="CITE">What I mean is you'll see two separate m=audio lines within the callee's SDP, one for 'RTP/AVP' and one for 'SRTP/AVP'. If there is no m=audio line for RTP/AVP the caller won't know of a port that's expecting RTP. So if the callee only
sends SRTP/AVP the caller can't send RTP. <br>
<br>
<br>
Can you show us the SDP being sent by the phone? <br>
<br>
<br>
-Steve <br>
<br>
<br>
<br>
<br>
<br>
On 7 February 2013 11:01, Levend Sayar <<a href="mailto:levend.sayar@karel.com.tr" target="_blank">levend.sayar@karel.com.tr</a>> wrote:<br>
<blockquote>Thanx Steven. <br>
<br>
<br>
Caller makes the offer for SDP but callee chooses whatever it wants. So caller can offer SRTP but callee can prefer not to talk encrypted. In our case I want FS to choose non secure media.<br>
Phone will offer SRTP on the conference call but FS must prefer RTP, not SRTP.<br>
<br>
<br>
İyi çalışmalar. <br>
<br>
<br>
_lvnd_ <br>
{^_^} <br>
<br>
<br>
KAREL`UCAP <br>
<br>
<br>
<br>
On 7 Şub 2013, at 11:13, "Steven Ayre" <<a href="mailto:steveayre@gmail.com" target="_blank">steveayre@gmail.com</a>> wrote:<br>
<br>
<br>
<blockquote type="CITE">It's also going to rely on the phone actually offering RTP/AVP as well as SRTP/AVP in their SDP - without that there'd be nowhere to send insecure RTP.<br>
<br>
<br>
-Steve <br>
<br>
<br>
<br>
<br>
On 6 February 2013 16:09, Levend Sayar <<a href="mailto:levend.sayar@karel.com.tr" target="_blank">levend.sayar@karel.com.tr</a>> wrote:<br>
<blockquote>Thanks Daniel for the reply. <br>
<br>
<br>
I tried <br>
<br>
<br>
<action application="set" data="sip_secure_media=false" /> <br>
<br>
<br>
But did not work. Upon your reply I also tried <br>
<br>
<br>
<action application="set" data="secure_media=false" /> <br>
<br>
<br>
But did not work either. I am doing something wrong ?<br>
<br>
İyi çalışmalar. <br>
<br>
<br>
_lvnd_ <br>
{^_^} <br>
<br>
<br>
KAREL`UCAP <br>
<br>
<br>
<br>
On 6 Şub 2013, at 18:00, "Daniel Ivanov" <<a href="mailto:sertys@gmail.com" target="_blank">sertys@gmail.com</a>> wrote:<br>
<br>
<br>
<br>
<blockquote type="CITE">Of course you can. Just set the secure_media var to false and you will be srtp-free in sip.<br>
<br>
On Feb 5, 2013 6:06 PM, "Levend Sayar" <<a href="mailto:levend.sayar@karel.com.tr" target="_blank">levend.sayar@karel.com.tr</a>> wrote:<br>
<blockquote>Hi all.<br>
<br>
I am using FS as a conference server. Some of my phones are using SRTP , some of them not. Both type of phone can<br>
join a conference. FS can talk to each peer with SRTP or not depending on the phone itself.<br>
<br>
My question:<br>
<br>
Is it possible to disable SRTP on FS ?<br>
<br>
I suppose if i can disable SRTP, FS will talk without SRTP with each phone whether they are using SRTP or not.<br>
<br>
TIA<br>
<br>
<br>
<table cellspacing="0" cellpadding="0" width="100%">
<tbody>
<tr>
<td>
<pre>--
_lvnd_
{^_^}
</pre>
<br>
<br>
<br>
<br>
</td>
</tr>
</tbody>
</table>
<br>
_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br>
</blockquote>
_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br>
</blockquote>
<br>
_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br>
</blockquote>
<br>
<br>
_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:http://<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br>
</blockquote>
<br>
_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br>
</blockquote>
<br>
<br>
</blockquote>
</blockquote>
</blockquote>
<blockquote type="CITE">
<blockquote>
<blockquote type="CITE">
<table cellspacing="0" cellpadding="0" border="1">
<tbody>
<tr>
<td>plain text document attachment (ATT00001) </td>
</tr>
</tbody>
</table>
</blockquote>
</blockquote>
</blockquote>
<blockquote type="CITE">
<blockquote>
<blockquote type="CITE">
<pre>_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a>
Official FreeSWITCH Sites
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a>
FreeSWITCH-users mailing list
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>
</pre>
</blockquote>
</blockquote>
</blockquote>
<blockquote type="CITE">
<blockquote><br>
_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br>
</blockquote>
</blockquote>
<blockquote type="CITE"><br>
<br>
</blockquote>
<blockquote type="CITE">
<table cellspacing="0" cellpadding="0" border="1">
<tbody>
<tr>
<td><font>plain text document attachment (ATT00001)</font> </td>
</tr>
</tbody>
</table>
<pre>_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a>
Official FreeSWITCH Sites
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a>
FreeSWITCH-users mailing list
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>
</pre>
</blockquote>
</div></div></div>
<br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br></div></div>