asterisk users - Jun 2007 - What is the state of Asterisk Secure Remote Communications?

Hello all,

The wiki has a fairly detailed description of the the issues involved 
with encryption of Asterisk calls:
http://www.voip-info.org/wiki/view/Asterisk+encryption

I'm interested in hearing what is working for people today.

I think the ideal solution would be a hard phone that could be plugged 
in almost anywhere (dsl/cable modem, hotel, etc) and connect securely to 
a remote Asterisk server (both for signalling and the RTP media 
stream).  This might be a standalone phone, or maybe one plugged into a 
small (broadband router sized) box.

An example commercial phone system with this capability is the Mitel 
3300 or SX-200 with 5xxx IP phones having teleworker capability.

What solutions "just work" out there?  ("Just work" means
that the end
user only has to know enough to plug stuff in to get a dial-tone and 
incoming calls).

All ideas (commercial or otherwise) welcome.

Thanks,
Alvin

On 13 Jun 2007, at 22:48, Alvin Austin wrote:
> Hello all,
>
> The wiki has a fairly detailed description of the the issues  
> involved with encryption of Asterisk calls:
> http://www.voip-info.org/wiki/view/Asterisk+encryption
>
> I'm interested in hearing what is working for people today.
>
> I think the ideal solution would be a hard phone that could be  
> plugged in almost anywhere (dsl/cable modem, hotel, etc) and  
> connect securely to a remote Asterisk server (both for signalling  
> and the RTP media stream).  This might be a standalone phone, or  
> maybe one plugged into a small (broadband router sized) box.
>
> An example commercial phone system with this capability is the  
> Mitel 3300 or SX-200 with 5xxx IP phones having teleworker capability.
>
> What solutions "just work" out there?  ("Just work"
means that the
> end user only has to know enough to plug stuff in to get a dial- 
> tone and incoming calls).
>
> All ideas (commercial or otherwise) welcome.
Well, if you aren't wedded to SIP,  IAX's encryption seems to fit the  
bill.

It 'works for me'. The design goal was to have 'good enough'  
encryption that didn't require any
copying of keys.

If you have 2 modern asterisks that are talking to each other over  
IAX at the moment,
you can just say 'encryption=yes' in your iax.conf, and your calls  
between them will be encrypted.

There are a few (small) provisos:
	1) you have to be using password auth for the calls.
	2) I don't think it works with IAX trunking
	3) the called/calling numbers are in the clear. (encryption only  
kicks in with the
'accept' message).

I don't know of any hard phones that implement it, but I guess that  
quite a lot of
the small-asterisk-in-a-box solutions will run it just fine.

I've got a pre-production version of our softphone that supports it,  
and I guess that
iax-client probably will too soon.


Tim.
>
> Thanks,
> Alvin
>
>
>
>
> _______________________________________________
> --Bandwidth and Colocation provided by Easynews.com --
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-users
Tim Panton

www.mexuar.net
www.westhawk.co.uk/