[Freeswitch-users] TLS/SRTP on selected destinations
Victor Medina
victor.medina at cibersys.com
Mon Feb 23 20:06:39 MSK 2015
Hi Brian.
Should I remove
<X-PRE-PROCESS cmd="set"
data="rtp_sdes_suites=AEAD_AES_256_GCM_8|AEAD_AES_128_GCM_8|AES_CM_256_HMAC_SHA1_80|AES_CM_192_HMAC_SHA1_80|AES_CM_128_HMAC_SHA1_80|AES_CM_256_HMAC_SHA1_32|AES_CM_192_HMAC_SHA1_32|AES_CM_128_HMAC_SHA1_32|AES_CM_128_NULL_AUTH"/>
from vars.xml?
Thanks!
2015-02-23 11:28 GMT-04:30 Brian West <brian at freeswitch.org>:
> Setting
>
> rtp_secure_media=optional:AES_CM_128_HMAC_SHA1_32
>
> Should be what you want, it will send both the AVP/SAVP profiles. This is
> what I have mine set to right now and it will prefer srtp but offer both.
>
> On Mon, Feb 23, 2015 at 8:20 AM, Victor Medina <victor.medina at cibersys.com
> > wrote:
>
>> Hi guys!
>>
>> I have configured my FS server to support TLS/SRTP... but I am facing the
>> problem of providing the service only to selected destinations. Calls fails
>> when calling to endpoints with no tls/srtp, for example a ext registered in
>> the UDP port. Also fails when an outgoing call is routed to an external
>> provider with no support.
>>
>> Using tls ONLY works just fine if connecting to external or udp only
>> endpoints, it seems like FS is taking care of signalling from endpoint to
>> the server and from there is goes as needed to the b-legs.
>>
>> When using SRTP however it fails.
>>
>> Can I configure FS to support TLS/SRTP to the server and from there using
>> it as needed? For example:
>>
>> A_LEG: TLS/SRTP - > B_LEG: EXT with UDP only
>> A_LEG: TLS/SRTP -> B_LEG: EXT with TLS/SRTP
>> A_LEG: TLS/SRTP -> B_LEG: external channel, provider with no TLS/SRTP
>>
>> Thanks in advance with any help.
>>
>> --
>>
>> Víctor E. Medina M.
>> Software
>> [image: Zoiper Click2Dial]+58424 291 4561[image: ve]
>> BB #79A8AFA2 /@VMCibersys
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>
>
>
> --
>
> *Brian West*
> brian at freeswitch.org
>
>
> *Twitter: @FreeSWITCH , @briankwest*
> http://www.freeswitchbook.com
> http://www.freeswitchcookbook.com
>
> *T:*+19184209001 | *F:*+19184209002 | *M:*+1918424WEST (9378)
> *iNUM:*+883 5100 1420 9001 | *ISN:*410*543 | *Skype:*briankwest
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
--
Víctor E. Medina M.
Software
+58424 291 4561
BB #79A8AFA2 /@VMCibersys
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20150223/1c4e01d6/attachment-0001.html
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list