[Freeswitch-users] TLS/SRTP on selected destinations

Brian West brian at freeswitch.org
Mon Feb 23 18:58:54 MSK 2015


Setting

rtp_secure_media=optional:AES_CM_128_HMAC_SHA1_32

Should be what you want, it will send both the AVP/SAVP profiles.  This is
what I have mine set to right now and it will prefer srtp but offer both.

On Mon, Feb 23, 2015 at 8:20 AM, Victor Medina <victor.medina at cibersys.com>
wrote:

> Hi guys!
>
> I have configured my FS server to support TLS/SRTP... but I am facing the
> problem of providing the service only to selected destinations. Calls fails
> when calling to endpoints with no tls/srtp, for example a ext registered in
> the UDP port. Also fails when an outgoing call is routed to an external
> provider with no support.
>
> Using tls ONLY works just fine if connecting to external or udp only
> endpoints, it seems like FS is taking care of signalling from endpoint to
> the server and from there is goes as needed to the b-legs.
>
> When using SRTP however it fails.
>
> Can I configure FS to support TLS/SRTP to the server and from there using
> it as needed? For example:
>
> A_LEG: TLS/SRTP - > B_LEG: EXT with UDP only
> A_LEG: TLS/SRTP -> B_LEG: EXT with TLS/SRTP
> A_LEG: TLS/SRTP -> B_LEG: external channel, provider with no TLS/SRTP
>
> Thanks in advance with any help.
>
> --
>
> Víctor E. Medina M.
> Software
> [image: Zoiper Click2Dial]+58424 291 4561[image: ve]
> BB #79A8AFA2 /@VMCibersys
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>



-- 

*Brian West*
brian at freeswitch.org


*Twitter: @FreeSWITCH , @briankwest*
http://www.freeswitchbook.com
http://www.freeswitchcookbook.com

*T:*+19184209001 | *F:*+19184209002 | *M:*+1918424WEST (9378)
*iNUM:*+883 5100 1420 9001 | *ISN:*410*543 | *Skype:*briankwest
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20150223/519590af/attachment-0001.html 


Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list