[asterisk-dev] RTP/SAVP & TLS
Ross Beer
ross.beer at outlook.com
Wed Jan 6 08:07:53 CST 2016
> Date: Wed, 6 Jan 2016 08:22:34 -0400
> From: jcolp at digium.com
> To: asterisk-dev at lists.digium.com
> Subject: Re: [asterisk-dev] RTP/SAVP & TLS
>
> Ross Beer wrote:
> > Hi Dev,
> >
> > In Asterisk 1.8 Snom phones accept calls when RTP/SAVP is set to
> > 'mandatory' which means that the RTP/SAVP options appear in the SDP 'm'
> > lines. However in Asterisk 13 chan_pjsip, no such lines exist when using
> > 'SDES' encryption.
>
> The "media_encryption=sdes" option turns on SRTP support and thus makes
> the media RTP/SAVP. You can also turn on optimistic SRTP support as well
> using "media_encryption_optimistic=yes" which will use RTP/AVP but
> include a crypto line. I just checked the testsuite tests for SDP
> offer/answer and they are passing, I also manually enabled it and
> confirmed it is RTP/SAVP. You may have a configuration error. Snom devices work correctly when 'media_encryption_optimistic=no', when this is set to yes the RTP/SAVP is replaced: Set to No = "m=audio 41988 RTP/SAVP 8 0 3 101" Set to Yes = "m=audio 36240 RTP/AVP 8 0 3 101" I have updated my configuration to not use the optimistic setting.
>
> >
> > Therefore Snom phones require this option to be set to 'off'. Should
> > Asterisk 13 be offering RTP/SAVP in the same way as chan_sip did?
> >
> > With regards to TLS, devices reject calls if a 'transport=transport-tls'
> > is specified. Is this also a bug as it appears that Asterisk doesn't
> > re-use an active connection in this situation?
>
> This is a bug in PJSIP which has an issue on our side[1]. If an explicit
> transport is specified PJSIP will not reuse a connection.
>
> [1] https://issues.asterisk.org/jira/browse/ASTERISK-22658
> Great, I can work around this until a fix is in place. Thank you for your assistance.
> --
> Joshua Colp
> Digium, Inc. | Senior Software Developer
> 445 Jan Davis Drive NW - Huntsville, AL 35806 - US
> Check us out at: www.digium.com & www.asterisk.org
>
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-dev mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20160106/eb3ec3cc/attachment.html>
More information about the asterisk-dev
mailing list