[Freeswitch-users] How to setup TLS and SRTP

Brian West brian at freeswitch.org
Sun Aug 3 17:46:36 PDT 2008

OK you have to go to the RTP tab and make sure the Encryption is on..  
then set it to optional or mandatory.  Call 9999 if you hear the bong  
it works.

Then in this condition <condition field="${sip_has_crypto}"  

You see that it has part of it commented out to secure the B-Leg  
also.  Uncomment that.  Since this is a variable you can also set this  
stuff on a user in the directory.

Then new snom 7.3.7(beta) firmware has both AES_CM_128_HMAC_SHA1_32  
and AES_CM_128_HMAC_SHA1_80.  I highly recommend you only enable one  
cypher suite...


On Aug 3, 2008, at 2:14 PM, Peter P GMX wrote:

> I got TLS working right now. It turned out that the modified start/ 
> stop
> script for freeswitch which I had from the Ubuntu package caused that
> problem.
> Starting freeswitch from the bin directory worked fine with TLS and
> unsecure RTP.
> Now I am stuck with SRTP. I followed
> http://wiki.freeswitch.org/wiki/SRTP . I could connect 2 Snom 320  
> phones
> with firmware 6.5.16 via TLS but could not hear anything. Then I
> upgraded the Snoms to 7.1.33 (as you suggsted here:
> http://www.mail-archive.com/freeswitch-users@lists.freeswitch.org/msg00836.html)
> and now the other phone hangs up directly after pickup. Calling
> voicemail didn't work either.

More information about the FreeSWITCH-users mailing list