<div dir="ltr"><div class="gmail_default" style="font-family:courier new,monospace">Hi Brian.<br><br></div><div class="gmail_default" style="font-family:courier new,monospace">Should I remove <br><br>&lt;X-PRE-PROCESS cmd=&quot;set&quot; data=&quot;rtp_sdes_suites=AEAD_AES_256_GCM_8|AEAD_AES_128_GCM_8|AES_CM_256_HMAC_SHA1_80|AES_CM_192_HMAC_SHA1_80|AES_CM_128_HMAC_SHA1_80|AES_CM_256_HMAC_SHA1_32|AES_CM_192_HMAC_SHA1_32|AES_CM_128_HMAC_SHA1_32|AES_CM_128_NULL_AUTH&quot;/&gt;<br><br><br></div><div class="gmail_default" style="font-family:courier new,monospace">from vars.xml?<br><br></div><div class="gmail_default" style="font-family:courier new,monospace">Thanks!<br></div></div><div class="gmail_extra"><br><div class="gmail_quote">2015-02-23 11:28 GMT-04:30 Brian West <span dir="ltr">&lt;<a href="mailto:brian@freeswitch.org" target="_blank">brian@freeswitch.org</a>&gt;</span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Setting 







<p><span>rtp_secure_media=optional:AES_CM_128_HMAC_SHA1_32</span></p><p>Should be what you want, it will send both the AVP/SAVP profiles.  This is what I have mine set to right now and it will prefer srtp but offer both.</p></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Feb 23, 2015 at 8:20 AM, Victor Medina <span dir="ltr">&lt;<a href="mailto:victor.medina@cibersys.com" target="_blank">victor.medina@cibersys.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_default" style="font-family:courier new,monospace">Hi guys!<br><br></div><div class="gmail_default" style="font-family:courier new,monospace">I have configured my FS server to support TLS/SRTP... but I am facing the problem of providing the service only to selected destinations. Calls fails when calling to endpoints with no tls/srtp, for example a ext registered in the UDP port. Also fails when an outgoing call is routed to an external provider with no support.<br><br></div><div class="gmail_default" style="font-family:courier new,monospace">Using tls ONLY works just fine if connecting to external or udp only endpoints, it seems like FS is taking care of signalling from endpoint to the server and from there is goes as needed to the b-legs. <br><br>When using SRTP however it fails.<br><br></div><div class="gmail_default" style="font-family:courier new,monospace">Can I configure FS to support TLS/SRTP to the server and from there using it as needed? For example:<br><br></div><div class="gmail_default" style="font-family:courier new,monospace">A_LEG: TLS/SRTP - &gt; B_LEG: EXT with UDP only<br></div><div class="gmail_default" style="font-family:courier new,monospace">A_LEG: TLS/SRTP -&gt; B_LEG: EXT with TLS/SRTP<br></div><div class="gmail_default" style="font-family:courier new,monospace">A_LEG: TLS/SRTP -&gt; B_LEG: external channel, provider with no TLS/SRTP<br><br></div><div class="gmail_default" style="font-family:courier new,monospace">Thanks in advance with any help.<span><font color="#888888"><br clear="all"></font></span></div><span><font color="#888888"><br>-- <br><div><div dir="ltr"><font><span style="font-family:courier new,monospace"><img src="https://www.cibersys.com/img/cibersys.jpg" height="49" width="200"><br>Víctor E. Medina M.<br></span></font><div><font><span style="font-family:courier new,monospace">Software<br></span></font></div><font><span style="font-family:courier new,monospace"><span style="display:inline"><span style="display:inline"><img alt="Zoiper Click2Dial" style="margin:0 2px;padding:0;width:20px;min-height:20px" src="http://www.zoiper.com/images/ZoiperHead20x20.png" height="20" width="20"><a>+58424 291 4561</a><img alt="ve" style="margin:0 2px;padding:0;width:28px;min-height:16px" src="http://www.zoiper.com/images/Click2DialFlags/ve.png" height="16" width="28"></span></span><br>BB #79A8AFA2 /@VMCibersys<br><br></span></font></div></div>
</font></span></div>
<br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://confluence.freeswitch.org" target="_blank">http://confluence.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div><div dir="ltr">







<p><font face="courier new, monospace"><b><i><font size="4">Brian West</font></i></b><br><span style="font-size:x-small"><a href="mailto:brian@freeswitch.org" target="_blank">brian@freeswitch.org</a></span></font></p>
<p><font size="1" face="courier new, monospace"><img src="http://billing.freeswitch.org/templates/default/img/whmcslogo.png"><br></font></p><p><font face="courier new, monospace"><b><i>Twitter: @FreeSWITCH , @briankwest</i></b><br><a href="http://www.freeswitchbook.com" target="_blank">http://www.freeswitchbook.com</a><br><a href="http://www.freeswitchcookbook.com" target="_blank">http://www.freeswitchcookbook.com</a></font></p>
<p><font face="courier new, monospace"><b>T:</b><a href="tel:%2B19184209001" value="+19184209001" target="_blank">+19184209001</a> | <b>F:</b><a href="tel:%2B19184209002" value="+19184209002" target="_blank">+19184209002</a> | <b>M:</b>+1918424WEST (9378)<br><b>iNUM:</b>+883 5100 1420 9001 | <b>ISN:</b>410*543 | <b>Skype:</b>briankwest</font></p></div></div>
</div>
<br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://confluence.freeswitch.org" target="_blank">http://confluence.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br></blockquote></div><br><br clear="all"><br>-- <br><div class="gmail_signature"><div dir="ltr"><font><span style="font-family:courier new,monospace"><img src="https://www.cibersys.com/img/cibersys.jpg" height="49" width="200"><br>Víctor E. Medina M.<br></span></font><div><font><span style="font-family:courier new,monospace">Software<br></span></font></div><font><span style="font-family:courier new,monospace">+58424 291 4561<br>BB #79A8AFA2 /@VMCibersys<br><br></span></font></div></div>
</div>