[Freeswitch-users] SIPS & SRTP questions

Bzzz lazyvirus at gmx.com
Wed Mar 14 16:58:36 MSK 2012


Hi list,

I'm running a FS server @home to create a small network of people
that need confidentiality upon their calls/conferences.

I'm reading the SIPS/SRTP FS wiki page at this moment and I've got
some questions:

* I've a dyndns WAN name for my adsl box (that I loop on my DNS to 
  the server LAN's name: nslookup extname.org => 192.168.1.50); so I
  suppose I must have the WAN name as the 'cn' in my cert/key for
  external clients being able to connect? (but what about internal
  ones?)

* If I'm not using auto-nat, is forwarding port 5081 from the WAN to
  the server sufficient for making and receiving external calls?
* BTW, SIP 5060 is supposed to be internal, so why is it also part of
  the uPNP forwards?

* How can I force FS to only work in SSLv23 + SRTP modes? (how?)

* Is there a possibility for each user to have its own certificate,
  so I would be able to revoke permissions atomically if needed?

Jean-Yves
-- 
We are Pentium of Borg. Division is futile. You will be approximated.
(seen in someone's .signature)



Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list