VoIP Mailing List Archives
Mailing list archives for the VoIP community |
|
| View previous topic :: View next topic |
| Author |
Message |
excelsio at gmx.net
Guest
|
 Posted: Thu Jan 01, 2009 11:53 am Post subject: [Freeswitch-users] encryption infos needed |
 |
|
Hi,
we want to enhance our old Siemens Hicom 300 and replace it step by step.
Therefore we decided to try out opensource solutions ourselves. One requirement
is that the solution has to encrypt all data. So try letīs look at Asterisk was
our first thought. Well, there seem to be unoffical patches for Asterisk 1.4.x
with SRTP/SIPS support. So, unofficial. With 1.6.x the support for it hasnīt
been fully integrated, yet.
So, whatīs next out there? => freeswitch
But what about encryption support?
SRTP is end to end encryption between phones, SIPS is used for the encryption of signaling "hop-by-hop", well which hop?
Talking about encryption, it seems there are many different scenarios to
consider, which looks like they couldnīt encrypted?
Letīs look at our planed setup
public telefon network <--ISDN/S2M--> Patton 4960 <--ISDN/S2M--> Siemens Hicom 300
Patton 4960 <--IP--> freeswitch <--IP--> Snom 320
SIP Provider <--IP-- freeswitch <--IP-- Snom 320
1. Incoming calls shoud be reached via landline:
[e.g. telefon network --ISDN/S2M--> Patton 4960 --IP--> freeswitch --IP--> Snom
320 users]
So, what about encryption between the Patton 4960, the freeswitch and der Snom
320? Is it possible to encrypt the whole path? Well, how? Is it supported with
freeswitch?
2. Outcoming calls should go to a SIP provider which supports sip trunking and
DDI, well SIPconnect:
[e.g. SIP Provider <--SIP trunk-- freeswitch <--IP-- Snom 320
users]
Same question here:
What about encryption between the Patton 4960, the freeswitch and der Snom 320?
Is it possible to encrypt the whole path? Well, how? Is it supported with
freeswitch?
2.1 Outcoming calls should be forwarded locally, if the SIP trunk between the
SIP provider and the freeswitch server fails
[e.g. telefon network <-- ISDN/S2M-- Patton 4960 <--IP-- freeswitch <--IP-- Snom
320 users]
Same question here:
What about encryption between the Patton 4960, the freeswitch and der Snom 320? Is
it possible to encrypt the whole IP path? Well, how? Is it supported with
freeswitch?
3. The next thing is the encryption of voice and signaling data in general.
Does the freeswitch solution support this? I think itīs an end to end encryption
between the users? As freeswitch seems to play a proxy part, I guess yes?
[e.g. freeswitch <--IP--> Snom 320 users <--SRTP/SIPS --> Snom 320]
4. Another problem is the encryption of the voice and signaling data between
our LAN and the SIP provider. Is it possible to encrypt all data between those
with the freeswitch solution? Do I need something additionally?
[e.g SIP Provider <--encrypted SIP trunk ??? --> freeswitch]
So what can be done with freeswitch? What else can be done support all scenarios above?
--
Psssst! Schon vom neuen GMX MultiMessenger gehört? Der kann`s mit allen: http://www.gmx.net/de/go/multimessenger
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org |
|
| Back to top |
|
 |
oseslija at gmail.com
Guest
|
| Posted: Fri Jan 02, 2009 5:34 am Post subject: [Freeswitch-users] encryption infos needed |
|
|
Hello,
I'm using FreeSWITCH mostly as a PBX for multi tenants. Secure calling is supported fully by FreeSWITCH and to my knowledge it is the only open-source solution where it works w/o any hacks or tweaks.
Current major brand of phones supporting SRTP and TLS that I've tested are Linksys and Snom. I'm told on the IRC channel that there are more working.
FreeSWITCH as an SIP B2BUA can be configured to offer SRTP in SDP negogitation in the B-leg (just use export sip_secure_media param). That means that if a phone and the other softswitch/gateway supports SRTP you can have whole path encrypted.
I have tried following scenario: Linkys phone calling 9888 ext which is a conference server at conference.freeswitch.org, so we have
Linksys SRTP -> FS SRTP -> other FS SRTP (whole media path between a phone and two FS servers encrypted).
The only question left to answer is does Patton offer SRTP/TLS. FreeSWITCH won't be an issue here.
Regards,
Ognjen
On Thu, Jan 1, 2009 at 12:27 PM, <excelsio@gmx.net (excelsio@gmx.net)> wrote:
| Quote: | Hi,
we want to enhance our old Siemens Hicom 300 and replace it step by step.
Therefore we decided to try out opensource solutions ourselves. One requirement
is that the solution has to encrypt all data. So try letīs look at Asterisk was
our first thought. Well, there seem to be unoffical patches for Asterisk 1.4.x
with SRTP/SIPS support. So, unofficial. With 1.6.x the support for it hasnīt
been fully integrated, yet.
So, whatīs next out there? => freeswitch
But what about encryption support?
SRTP is end to end encryption between phones, SIPS is used for the encryption of signaling "hop-by-hop", well which hop?
Talking about encryption, it seems there are many different scenarios to
consider, which looks like they couldnīt encrypted?
Letīs look at our planed setup
public telefon network <--ISDN/S2M--> Patton 4960 <--ISDN/S2M--> Siemens Hicom 300
Patton 4960 <--IP--> freeswitch <--IP--> Snom 320
SIP Provider <--IP-- freeswitch <--IP-- Snom 320
1. Incoming calls shoud be reached via landline:
[e.g. telefon network --ISDN/S2M--> Patton 4960 --IP--> freeswitch --IP--> Snom
320 users]
So, what about encryption between the Patton 4960, the freeswitch and der Snom
320? Is it possible to encrypt the whole path? Well, how? Is it supported with
freeswitch?
2. Outcoming calls should go to a SIP provider which supports sip trunking and
DDI, well SIPconnect:
[e.g. SIP Provider <--SIP trunk-- freeswitch <--IP-- Snom 320
users]
Same question here:
What about encryption between the Patton 4960, the freeswitch and der Snom 320?
Is it possible to encrypt the whole path? Well, how? Is it supported with
freeswitch?
2.1 Outcoming calls should be forwarded locally, if the SIP trunk between the
SIP provider and the freeswitch server fails
[e.g. telefon network <-- ISDN/S2M-- Patton 4960 <--IP-- freeswitch <--IP-- Snom
320 users]
Same question here:
What about encryption between the Patton 4960, the freeswitch and der Snom 320? Is
it possible to encrypt the whole IP path? Well, how? Is it supported with
freeswitch?
3. The next thing is the encryption of voice and signaling data in general.
Does the freeswitch solution support this? I think itīs an end to end encryption
between the users? As freeswitch seems to play a proxy part, I guess yes?
[e.g. freeswitch <--IP--> Snom 320 users <--SRTP/SIPS --> Snom 320]
4. Another problem is the encryption of the voice and signaling data between
our LAN and the SIP provider. Is it possible to encrypt all data between those
with the freeswitch solution? Do I need something additionally?
[e.g SIP Provider <--encrypted SIP trunk ??? --> freeswitch]
So what can be done with freeswitch? What else can be done support all scenarios above?
--
Psssst! Schon vom neuen GMX MultiMessenger gehört? Der kann`s mit allen: http://www.gmx.net/de/go/multimessenger
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org (Freeswitch-users@lists.freeswitch.org)
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
|
|
|
| Back to top |
|
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
Powered by phpBB © 2001, 2005 phpBB Group
|
Search
