<div dir="ltr"><div>Hi,</div><div><br></div><div>So audio is working properly until we don&#39;t set these following parameters (Changes has been done because we don&#39;t able to see secure parameter is set in <b>channels</b> table &amp; it&#39;s set only for caller&#39;s endpoint).</div><div><br></div><div>i). Change in default.xml in dialplan:</div><div><div><b>&lt;condition field=&quot;${rtp_has_crypto}&quot; expression=&quot;^($${rtp_sdes_suites})$&quot; break=&quot;never&quot;&gt;</b></div><div><b>        &lt;action application=&quot;set&quot; data=&quot;rtp_secure_media=true&quot;/&gt;</b></div><div><b>        &lt;!-- Offer SRTP on outbound legs if we have it on inbound. --&gt;</b></div><div><b>        <span style="background-color:rgb(255,255,0)">&lt;action application=&quot;export&quot; data=&quot;rtp_secure_media=true&quot;/&gt;</span></b></div><div><b>      &lt;/condition&gt;</b></div><div><b><br></b></div><div><b>      &lt;!--</b></div><div><b>         Since we have inbound-late-negotation on by default now the</b></div><div><b>         above behavior isn&#39;t the same so you have to do one extra step.</b></div><div><b>        --&gt;</b></div><div><b>      &lt;condition field=&quot;${endpoint_disposition}&quot; expression=&quot;^(DELAYED NEGOTIATION)&quot;/&gt;</b></div><div><b>      &lt;condition field=&quot;${switch_r_sdp}&quot; expression=&quot;(AES_CM_128_HMAC_SHA1_32|AES_CM_128_HMAC_SHA1_80)&quot; break=&quot;never&quot;&gt;</b></div><div><b>        &lt;action application=&quot;set&quot; data=&quot;rtp_secure_media=true&quot;/&gt;</b></div><div><b>        &lt;!-- Offer SRTP on outbound legs if we have it on inbound. --&gt;</b></div><div><b>        <span style="background-color:rgb(255,255,0)">&lt;action application=&quot;export&quot; data=&quot;rtp_secure_media=true&quot;/&gt;</span></b></div><div><b>      &lt;/condition&gt;</b></div></div><div><b><br></b></div><div><b><br></b></div><div>ii). Set inbound-late-megotiation to false in sip_profiles/internal.xml..</div><div><br></div><div><b style="background-color:rgb(255,255,0)">&lt;param name=&quot;inbound-late-negotiation&quot; value=&quot;false&quot;/&gt;</b><br></div><div><br></div><div class="gmail_extra"><div class="gmail_quote">On Fri, Sep 11, 2015 at 7:30 AM, Giovanni Maruzzelli <span dir="ltr">&lt;<a href="mailto:gmaruzz@gmail.com" target="_blank">gmaruzz@gmail.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><p dir="ltr">I would counseil to start from the dafault config, and change one thing at time.<br>
See at which change it breaks.</p>
<p dir="ltr">sent from my mobile,<br>
Giovanni Maruzzelli<br>
cell: +39 347 266 56 18</p>
<div class="gmail_quote"><div><div class="h5">On Sep 11, 2015 3:47 AM, &quot;Saurabh Kumar Verma&quot; &lt;<a href="mailto:saurabhkumar.verma@vvdntech.com" target="_blank">saurabhkumar.verma@vvdntech.com</a>&gt; wrote:<br type="attribution"></div></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div><div class="h5"><div dir="ltr"><font color="#0b5394">Hi, </font><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">Hope you&#39;re doing good. </font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">I&#39;m facing an issue with having FreeSWITCH (TLS + SRTP). </font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394"><b><u>Issue:</u></b> Audio not coming when I&#39;ve SRTP(media) enabled on both of the soft-phone endpoints. </font></div><div><font color="#0b5394"><b><u>Observation:</u> </b>Audio is coming if we don&#39;t use SRTP for media encryption. </font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394"><br></font></div><div><b><u><font color="#0b5394">Set-up Description:</font></u></b></div><div><font color="#0b5394">I&#39;m registered using TLS and able to make call through FreeSWITCH, but call is disconnected after 30 sec because there is not media flow between the endpoints.</font></div><div><font color="#0b5394">I have two softphone (we&#39;re using Linphone as soft-phone) registered on FS server with extension 1003 &amp; 1010, call flow is like:</font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">Call Flow</font></div><div><font color="#0b5394">1003 ------&gt; FS Server -------&gt; 1010</font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">x.x.x.x - Server Public IP<br></font></div><div><font color="#0b5394">y.y.y.y - Server Local IP</font></div><div><font color="#0b5394"><i>NOTE:</i> <i>For security reasons replaced the actual IPs.</i></font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">FreeSWITCH Version Information:</font></div><div><div><b><font color="#0b5394">freeswitch@internal&gt; version</font></b></div><div><b><font color="#0b5394">FreeSWITCH Version 1.4.21+git~20150901T202622Z~a223dd0236~64bit (git a223dd0 2015-09-01 20:26:22Z 64bit)</font></b></div></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">I&#39;ve done some changes in default dialplan/configuration in FreeSWITCH:</font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">1. Force FreeSWICTH to listen on TLS port only (By using this parameter <b>&lt;param name=&quot;tls-only&quot; value=&quot;true&quot;/&gt; </b>in internal as well as external profile).</font></div><div><font color="#0b5394"><br></font></div><div><div><b><font color="#0b5394">freeswitch@internal&gt; sofia status</font></b></div><div><b><font color="#0b5394">                     Name<span style="white-space:pre-wrap">        </span>   Type<span style="white-space:pre-wrap">        </span>                                      Data<span style="white-space:pre-wrap">        </span>State</font></b></div><div><b><font color="#0b5394">=================================================================================================</font></b></div><div><b><font color="#0b5394">                 external<span style="white-space:pre-wrap">        </span>profile<span style="white-space:pre-wrap">        </span>           sip:mod_sofia@x.x.x.x:5081<span style="white-space:pre-wrap">        </span>RUNNING (0) (TLS)</font></b></div><div><b><font color="#0b5394">    external::<a href="http://example.com" target="_blank">example.com</a><span style="white-space:pre-wrap">        </span>gateway<span style="white-space:pre-wrap">        </span>                   <a href="mailto:sip%3Ajoeuser@example.com" target="_blank">sip:joeuser@example.com</a><span style="white-space:pre-wrap">        </span>NOREG</font></b></div><div><b><font color="#0b5394">             x.x.x.x<span style="white-space:pre-wrap">        </span>  alias<span style="white-space:pre-wrap">        </span>                                  internal<span style="white-space:pre-wrap">        </span>ALIASED</font></b></div><div><b><font color="#0b5394">                 internal<span style="white-space:pre-wrap">        </span>profile<span style="white-space:pre-wrap">        </span>           sip:mod_sofia@x.x.x.x:5061<span style="white-space:pre-wrap">        </span>RUNNING (0) (TLS)</font></b></div><div><b><font color="#0b5394">=================================================================================================</font></b></div><div><b><font color="#0b5394">2 profiles 1 alias</font></b></div></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">2. Use the ODBC driver for driver (By uncomment this <b>&lt;!--&lt;param name=&quot;odbc-dsn&quot; value=&quot;dsn:user:pass&quot;/&gt;--&gt;</b>  in config files)</font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">In Linphone soft-client, these are the changes has been done:</font></div><div><font color="#0b5394">1. <b>TLS </b>as Transport.</font></div><div><font color="#0b5394">2. <b>SRTP</b> in Media encryption.</font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">In FreeSWITCH, these are the registration logs showing I&#39;m softphones are using TLS</font></div><div><div><b><font color="#0b5394">freeswitch@internal&gt; sofia status profile internal reg</font></b></div><div><b><font color="#0b5394"><br></font></b></div><div><b><font color="#0b5394">Registrations:</font></b></div><div><b><font color="#0b5394">=================================================================================================</font></b></div><div><b><font color="#0b5394">Call-ID:    <span style="white-space:pre-wrap">        </span>xmuVdotDkb</font></b></div><div><b><font color="#0b5394">User:       <span style="background-color:rgb(255,255,0)"><span style="white-space:pre-wrap">        </span>1003</span>@x.x.x.x</font></b></div><div><b><font color="#0b5394">Contact:    <span style="white-space:pre-wrap">        </span>&quot;&quot; &lt;sip:1003@180.151.83.178:63093;app-id=622464153529;pn-type=google;pn-tok=APA91bF-MsdZGvDi951jjCoTDSJc2reyR2JvYHlgtwpeE1vLAlG2zrOIrBmwzx6PPPAHKfcE8aqaOHFtYFoLVztBeqAqz9Cr6D6waN7VCWSIQk7dAdm9HXQ;transport=tls&gt;</font></b></div><div><b><font color="#0b5394">Agent:      <span style="white-space:pre-wrap">        </span>LinphoneAndroid/2.4.1-28-g98516d9 (belle-sip/1.4.1)</font></b></div><div><b><font color="#0b5394">Status:    <span style="background-color:rgb(255,255,0)"> <span style="white-space:pre-wrap">        </span>Registered(TLS)</span>(unknown) EXP(2015-09-09 11:16:30) EXPSECS(3137)</font></b></div><div><b><font color="#0b5394">Ping-Status:<span style="white-space:pre-wrap">        </span>Reachable</font></b></div><div><b><font color="#0b5394">Host:       <span style="white-space:pre-wrap">        </span>ip-y-y-y-y.ec2.internal</font></b></div><div><b><font color="#0b5394">IP:         <span style="white-space:pre-wrap">        </span>180.151.83.178</font></b></div><div><b><font color="#0b5394">Port:       <span style="white-space:pre-wrap">        </span>63093</font></b></div><div><b><font color="#0b5394">Auth-User:  <span style="white-space:pre-wrap">        </span>1003</font></b></div><div><b><font color="#0b5394">Auth-Realm: <span style="white-space:pre-wrap">        </span>x.x.x.x</font></b></div><div><b><font color="#0b5394">MWI-Account:<span style="white-space:pre-wrap">        </span>1003@x.x.x.x</font></b></div><div><b><font color="#0b5394"><br></font></b></div><div><b><font color="#0b5394">Call-ID:    <span style="white-space:pre-wrap">        </span>6B25YNRXb5</font></b></div><div><b><font color="#0b5394">User:       <span style="white-space:pre-wrap">        </span><span style="background-color:rgb(255,255,0)">1010</span>@x.x.x.x</font></b></div><div><b><font color="#0b5394">Contact:    <span style="white-space:pre-wrap">        </span>&quot;&quot; &lt;sip:1010@180.151.83.178:13916;app-id=622464153529;pn-type=google;pn-tok=APA91bFqivAK_KIDpU_6PM0pf0U8rx9DOKm0vhyNRqjE1Dpq_uPRbTbT-BMwxNP5NmEyCMfnKxa-fjEhI2J-lzLkCcfFphO1hL39cE4VNqAnnfDbVeQbvmQ;transport=tls&gt;</font></b></div><div><b><font color="#0b5394">Agent:      <span style="white-space:pre-wrap">        </span>LinphoneAndroid/2.4.1-28-g98516d9 (belle-sip/1.4.1)</font></b></div><div><b><font color="#0b5394">Status:    <span style="background-color:rgb(255,255,0)"> <span style="white-space:pre-wrap">        </span>Registered(TLS)</span>(unknown) EXP(2015-09-09 11:11:31) EXPSECS(2838)</font></b></div><div><b><font color="#0b5394">Ping-Status:<span style="white-space:pre-wrap">        </span>Reachable</font></b></div><div><b><font color="#0b5394">Host:       <span style="white-space:pre-wrap">        </span>ip-y-y-y-y.ec2.internal</font></b></div><div><b><font color="#0b5394">IP:         <span style="white-space:pre-wrap">        </span>180.151.83.178</font></b></div><div><b><font color="#0b5394">Port:       <span style="white-space:pre-wrap">        </span>13916</font></b></div><div><b><font color="#0b5394">Auth-User:  <span style="white-space:pre-wrap">        </span>1010</font></b></div><div><b><font color="#0b5394">Auth-Realm: <span style="white-space:pre-wrap">        </span>x.x.x.x</font></b></div><div><b><font color="#0b5394">MWI-Account:<span style="white-space:pre-wrap">        </span>1010@x.x.x.x</font></b></div><div><b><font color="#0b5394"><br></font></b></div><div><b><font color="#0b5394">Total items returned: 2</font></b></div><div><b><font color="#0b5394">=================================================================================================</font></b></div></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">For an active call I can see in the channels table, I&#39;m able to see secure parameter is set during the call for both of the call legs.</font></div><div><font color="#0b5394"><br></font></div><div><div><b><font color="#0b5394">freeswitch=# select * from channels ;</font></b></div><div><b><font color="#0b5394">                 uuid                 | direction |       created       | created_epoch |                   name                   |       state       |    cid_name    | cid_num |    ip_addr </font></b></div><div><b><font color="#0b5394">    | dest | application |    application_data    | dialplan | context | read_codec | read_rate | read_bit_rate | write_codec | write_rate | write_bit_rate |              secure              </font></b></div><div><b><font color="#0b5394"> |           hostname           |    presence_id    | presence_data | callstate |  callee_name  | callee_num | callee_direction |              call_uuid               | sent_callee_name | sen</font></b></div><div><b><font color="#0b5394">t_callee_num | initial_cid_name | initial_cid_num | initial_ip_addr | initial_dest | initial_dialplan | initial_context </font></b></div><div><b><font color="#0b5394">--------------------------------------+-----------+---------------------+---------------+------------------------------------------+-------------------+----------------+---------+------------</font></b></div><div><b><font color="#0b5394">----+------+-------------+------------------------+----------+---------+------------+-----------+---------------+-------------+------------+----------------+----------------------------------</font></b></div><div><b><font color="#0b5394">-+------------------------------+-------------------+---------------+-----------+---------------+------------+------------------+--------------------------------------+------------------+----</font></b></div><div><b><font color="#0b5394">-------------+------------------+-----------------+-----------------+--------------+------------------+-----------------</font></b></div><div><b><font color="#0b5394"> 485d07d6-56da-11e5-ac1a-a53fe62ce2f9 | outbound  | 2015-09-09 10:05:22 |    1441793122 | sofia/internal/<a href="http://1010@180.151.83.178:13916" target="_blank">1010@180.151.83.178:13916</a> | CS_EXCHANGE_MEDIA | Extension 1003 | 1003    | 180.151.83.</font></b></div><div><b><font color="#0b5394">178 | 1010 |             |                        | XML      | default | opus       | 48000     | 0             | opus        | 48000      | 0              |<span style="background-color:rgb(255,255,0)"> srtp:sdes:AES_CM_256_HMAC_SHA1_80</span></font></b></div><div><b><font color="#0b5394"> | ip-172-31-42-34.ec2.internal | 1010@x.x.x.x |               | ACTIVE    | Outbound Call | 1010       | SEND             | 47fa445c-56da-11e5-abf5-a53fe62ce2f9 | Extension 1003   | 100</font></b></div><div><b><font color="#0b5394">3            | Extension 1003   | 1003            | 180.151.83.178  | 1010         | XML              | default</font></b></div><div><b><font color="#0b5394"> 47fa445c-56da-11e5-abf5-a53fe62ce2f9 | inbound   | 2015-09-09 10:05:22 |    1441793122 | sofia/internal/1003@x.x.x.x         | CS_EXECUTE        | 1003           | 1003    | 180.151.83.</font></b></div><div><b><font color="#0b5394">178 | 1010 | bridge      | user/1010@x.x.x.x | XML      | default | opus       | 48000     | 0             | opus        | 48000      | 0              | <span style="background-color:rgb(255,255,0)">srtp:sdes:AES_CM_128_HMAC_SHA1_80</span></font></b></div><div><b><font color="#0b5394"> | ip-172-31-42-34.ec2.internal | 1003@x.x.x.x |               | ACTIVE    | Outbound Call | 1010       | SEND             | 47fa445c-56da-11e5-abf5-a53fe62ce2f9 | Outbound Call    | 101</font></b></div><div><b><font color="#0b5394">0            | 1003             | 1003            | 180.151.83.178  | 1010         | XML              | default</font></b></div><div><b><font color="#0b5394">(2 rows)</font></b></div></div><div><b><font color="#0b5394"><br></font></b></div><div><font color="#0b5394"> </font></div><div><font color="#0b5394">Attached herewith the complete FreeSWITCH log. Please let me know if any other information is required.<br></font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">Any help from your side would be really appreciated. Seeking some guidance &amp; help from FreeSWITCH team.</font></div><div><br></div><div>-- <br><div><div dir="ltr"><div><div dir="ltr"><p style="color:rgb(7,55,99)"><font face="arial narrow, sans-serif"><b>Thanks:</b><br></font></p><p style="color:rgb(7,55,99)"><font face="arial narrow, sans-serif">Saurabh Kumar Verma<br></font></p><p style="color:rgb(7,55,99)"><font face="arial narrow, sans-serif">VVDN Technologies Pvt Ltd</font></p><font face="arial narrow, sans-serif"><b style="color:rgb(7,55,99)">Cell</b><span style="color:rgb(7,55,99)"> : <a href="tel:%2B91%207042378747" value="+917042378747" target="_blank">+91 7042378747</a> | </span><b style="color:rgb(7,55,99)">Skype</b><span style="color:rgb(7,55,99)"> : saurabh.verma001</span></font><br></div></div></div></div>
</div></div>
<br></div></div>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" rel="noreferrer" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" rel="noreferrer" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://confluence.freeswitch.org" rel="noreferrer" target="_blank">http://confluence.freeswitch.org</a><br>
<a href="http://www.cluecon.com" rel="noreferrer" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" rel="noreferrer" target="_blank">http://www.freeswitch.org</a><br></blockquote></div>
<br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" rel="noreferrer" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" rel="noreferrer" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://confluence.freeswitch.org" rel="noreferrer" target="_blank">http://confluence.freeswitch.org</a><br>
<a href="http://www.cluecon.com" rel="noreferrer" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" rel="noreferrer" target="_blank">http://www.freeswitch.org</a><br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><p style="color:rgb(7,55,99)"><font face="arial narrow, sans-serif"><b>Thanks:</b><br></font></p><p style="color:rgb(7,55,99)"><font face="arial narrow, sans-serif">Saurabh Kumar Verma<br></font></p><p style="color:rgb(7,55,99)"><font face="arial narrow, sans-serif">VVDN Technologies Pvt Ltd</font></p><font face="arial narrow, sans-serif"><b style="color:rgb(7,55,99)">Cell</b><span style="color:rgb(7,55,99)"> : +91 7042378747 | </span><b style="color:rgb(7,55,99)">Skype</b><span style="color:rgb(7,55,99)"> : saurabh.verma001</span></font><br></div></div></div></div>
</div></div>