[asterisk-users] TLS, SRTP, Asterisk11 and Snom870s
James B. Byrne
byrnejb at harte-lyne.ca
Tue Mar 3 16:04:22 CST 2015
On Tue, March 3, 2015 16:34, James Cloos wrote:
> Other things to consider:
>
> The transport config, which can be in [general] or in a peer's []
> block.
> if you want tls-only, use transport=tls
> it also accepts tcp, udp or a comma-separated list.
> if given a list, it tries them in order
>
The specific device I am using to test this with has only
transport=tls set. Which is why it cannot register because the
default fall-back to udp is not permitted.
> If you need ast to register over tls, use something like this:
>
> register => tls://username:xxxxxx@sip-tls-proxy.example.org
Does this go in the device context? In other words is it placed in
the same context that the device's transport value is set? Would the
following be valid?
[device]
register => tls://user:extension@192.168.6.112:5061
How would multiple users at a single device be handled?
>
> (copied from the example sip.conf).
>
> Set tlsbindaddr to the address to which to bind(2) the tls socket.
> tlsbindaddr=0.0.0.0 is typical in ipv4-only configs.
>
> -JimC
Presumably this is equivalent to tlsbindaddr=0.0.0.0/0.0.0.0? Is the
syntax tlsbindaddr=0.0.0.0/0.0.0.0:5061 is also correct?
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
More information about the asterisk-users
mailing list