[asterisk-users] IAX2 encryption - LAN. no, INET: yes???

Russell Bryant russell at digium.com
Mon Aug 11 11:49:06 CDT 2008


Stefan Gofferje wrote:
> Hm, not sure if I get your point.
> 
> This is the infrastructure (exempt):
> 
> Zoiper --LAN-- Asterisk --INET-- Zoiper
> (my)               |             (friend)
>                    |
>                  Cisco
>                  phone
> 
> When I dial the Cisco phone from my Zoiper, wireshark shows unencrypted
> packets. When my friend calls the Cisco phone from her Zoiper, wireshark
> shows "unknown" = encrypted(?) packets. We are both using the same
> Zoiper release, just she on MAC and I on Windows PC.
> 
> I also now tested to make a call from the Cisco phone to my Zoiper -
> also no encryption.

Interesting.  Here are a couple more sanity checks you can do.  First, 
double check to ensure that your entry in iax.conf has encryption=yes 
set.  Also, when you make the call into Asterisk, set the verbose 
setting up a bit.  You should see output from chan_iax2 which indicates 
what peer you are authenticating as.  Make sure that the call is 
matching the entry that you think it is.

Also, is there any encryption option in Zoiper that you have to enable?

> Would it make sense to introduce a parameter forceencryption=yes per
> peer in iax.conf? In sensitive environments, people want to be certain
> that a call is encrypted. They probably rather want a call to fail than
> have a call that might be unencrypted without knowing it.

That is a good suggestion.

-- 
Russell Bryant
Senior Software Engineer
Open Source Team Lead
Digium, Inc.
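
The first sanity check above (does the iax.conf entry really end up with encryption enabled?) can be scripted; this is an added example, not part of the original message and not Asterisk code. The sample config and peer names are constructed, and the script assumes that a peer without its own encryption= line falls back to [general] and that Asterisk boolean values or aes128 mean "enabled".

```python
import re

# Constructed sample iax.conf (not from the thread); peer names are hypothetical.
SAMPLE_IAX_CONF = """\
[general]
encryption=no            ; global default

[secure-tmpl](!)
encryption=yes

[zoiper-lan]
type=friend
auth=md5

[zoiper-inet](secure-tmpl)
type=friend
"""

# Values treated as "encryption on" (assumption: Asterisk booleans plus aes128).
ENABLED = {"yes", "true", "on", "1", "y", "t", "aes128"}
HEADER = re.compile(r"^\[([^\]]+)\](?:\(([^)]*)\))?")

def audit_iax_encryption(text):
    """Return {peer section: effective encryption value}, resolving templates."""
    sections, templates, current = {}, set(), None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()          # drop ';' comments
        if not line:
            continue
        m = HEADER.match(line)
        if m:                                        # [name] or [name](!,parent)
            current = m.group(1)
            parents = [p.strip() for p in (m.group(2) or "").split(",") if p.strip()]
            if "!" in parents: templates.add(current)
            sections[current] = {}
            for p in parents: sections[current].update(sections.get(p, {}))
        elif current and "=" in line:                # key=value or key => value
            key, value = line.split("=", 1)
            sections[current][key.strip().lower()] = value.lstrip(">").strip().lower()
    default = sections.get("general", {}).get("encryption", "no")
    return {name: opts.get("encryption", default)
            for name, opts in sections.items()
            if name != "general" and name not in templates}

def unencrypted_peers(text):
    """Names of peers whose effective setting does not enable encryption."""
    return sorted(n for n, v in audit_iax_encryption(text).items() if v not in ENABLED)

if __name__ == "__main__":
    print(unencrypted_peers(SAMPLE_IAX_CONF))
```

This checks only what the file says; which entry a given call actually matches still has to be confirmed from the chan_iax2 verbose output mentioned above.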


