Hi everyone, I was trying to support SRTP in asterisk for our Linksys IP Phones to prevent of ISP blocking issue. I compiled successfully SRTP from http://srtp.sourceforge.net/srtp.html But i don't know from where i should start to configure in Asterisk. Could someone please give me the example sip.conf for the way how i can support? You replies will be high appriciated. Abdul __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Abdul Lateef wrote:> Hi everyone, > > I was trying to support SRTP in asterisk for our > Linksys IP Phones to prevent of ISP blocking issue. > > I compiled successfully SRTP from > http://srtp.sourceforge.net/srtp.html > But i don't know from where i should start to > configure in Asterisk. > > Could someone please give me the example sip.conf for > the way how i can support? > > You replies will be high appriciated.Most of the blocking in other countries, was not for RTP traffic, but for signaling traffic (SIP usually, Mexico x Vonage comes to mind). You are sure they are blocking RTP traffic ? And, from what I understand, in some places the gov. forced the ISPs to remove the blocking (at least, I heard of one such a case in Brazil, a DSL provider started to block SIP, and Anatel, Brazil gov. entity that regulate telephony and others, asked them to remove the blocking, others with more knowledge of the case may be able to add their remarks) Blocking SIP if you control the server is somewhat easy to prevent (if is a plain dumb UDP port 5060 filtering), just have your server listen in another UDP port...
Hello, In some countries i found that they are blocking SIP port 5060 so instead of this i change to another port 1221, and its work well. But in one country the are not blocking SIP but they are playing with RTP packets, if they filtered it is VoIP RTP they are doing something called party cannot hear or some time caller cannot hear but called party can hear well. So i cosider to use SRTP to make encryption. and i am using my asterisk in VPS so i have full control to manage the server. If you guys have better Idea to prevent such kind of issue, it will be good for us. Abdul Most of the blocking in other countries, was not for RTP traffic, but for signaling traffic (SIP usually, Mexico x Vonage comes to mind). You are sure they are blocking RTP traffic ? And, from what I understand, in some places the gov. forced the ISPs to remove the blocking (at least, I heard of one such a case in Brazil, a DSL provider started to block SIP, and Anatel, Brazil gov. entity that regulate telephony and others, asked them to remove the blocking, others with more knowledge of the case may be able to add their remarks) Blocking SIP if you control the server is somewhat easy to prevent (if is a plain dumb UDP port 5060 filtering), just have your server listen in another UDP port... --------------------------------- See the all-new, redesigned Yahoo.com. Check it out. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20060716/c2eca1b6/attachment.htm
On Jul 16, 2006, at 9:45 PM, Abdul wrote:> Hello, > > In some countries i found that they are blocking SIP port 5060 > so instead of this i change to another port 1221, and its work > well. But in one country the are not blocking SIP but they are > playing with RTP packets, if they filtered it is VoIP RTP they > are doing something called party cannot hear or some time caller > cannot hear but called party can hear well. > > > So i cosider to use SRTP to make encryption. and i am using > my asterisk in VPS so i have full control to manage the server. > If you guys have better Idea to prevent such kind of issue, it > will be good for us. >Why not use IAX2? Then you only have one port to worry about reconfiguring.... -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 904 bytes Desc: not available Url : http://lists.digium.com/pipermail/asterisk-users/attachments/20060716/a525a74e/attachment.bin
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Martin Joseph wrote:> > On Jul 16, 2006, at 9:45 PM, Abdul wrote: > >> Hello, >> >> In some countries i found that they are blocking SIP port 5060 >> so instead of this i change to another port 1221, and its work >> well. But in one country the are not blocking SIP but they are >> playing with RTP packets, if they filtered it is VoIP RTP they >> are doing something called party cannot hear or some time caller >> cannot hear but called party can hear well. >> >> >> So i cosider to use SRTP to make encryption. and i am using >> my asterisk in VPS so i have full control to manage the server. >> If you guys have better Idea to prevent such kind of issue, it >> will be good for us. >> > Why not use IAX2? Then you only have one port to worry about > reconfiguring....Or alternatively run the whole thing over a OpenVPN UDP encrypted network (really simple to set up): http://openvpn.net/ - -- Cheers, Matt Riddell _______________________________________________ http://www.sineapps.com/news.php (Daily Asterisk News - html) http://freevoip.gedameurope.com (Free Asterisk Voip Community) http://www.sineapps.com/rssfeed.php (Daily Asterisk News - rss) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEuzuhS6d5vy0jeVcRAuYvAJ0UTWw2nZK+DWH8a9BE0w/klT8VpQCfSqd/ 07NexDPcXZsJA/t0VGFqZMA=BcfJ -----END PGP SIGNATURE-----