[Freeswitch-users] How to setup TLS and SRTP
Brian West
brian at freeswitch.org
Sun Aug 3 17:46:36 PDT 2008
OK you have to go to the RTP tab and make sure the Encryption is on..
then set it to optional or mandatory. Call 9999 if you hear the bong
it works.
Then in this condition <condition field="${sip_has_crypto}"
expression="^(AES_CM_128_HMAC_SHA1_32|AES_CM_128_HMAC_SHA1_80)$"
break="never">
You see that it has part of it commented out to secure the B-Leg
also. Uncomment that. Since this is a variable you can also set this
stuff on a user in the directory.
Then new snom 7.3.7(beta) firmware has both AES_CM_128_HMAC_SHA1_32
and AES_CM_128_HMAC_SHA1_80. I highly recommend you only enable one
cypher suite...
/b
On Aug 3, 2008, at 2:14 PM, Peter P GMX wrote:
> I got TLS working right now. It turned out that the modified start/
> stop
> script for freeswitch which I had from the Ubuntu package caused that
> problem.
> Starting freeswitch from the bin directory worked fine with TLS and
> unsecure RTP.
>
> Now I am stuck with SRTP. I followed
> http://wiki.freeswitch.org/wiki/SRTP . I could connect 2 Snom 320
> phones
> with firmware 6.5.16 via TLS but could not hear anything. Then I
> upgraded the Snoms to 7.1.33 (as you suggsted here:
> http://www.mail-archive.com/freeswitch-users@lists.freeswitch.org/msg00836.html)
> and now the other phone hangs up directly after pickup. Calling
> voicemail didn't work either.
More information about the FreeSWITCH-users
mailing list