adahary at gmail.com Guest
|
Posted: Sun Feb 21, 2016 8:00 am Post subject: [Freeswitch-users] Freeswitch extended with ZRTP |
|
|
Hi,
I would like to setup FS1 as a 'ZRTP gateway' to a none-zrtp sip client.
Here is my net setup:
Client1 (without ZRTP)-> LAN -> FS1 (Gateway: register to FS2) -> NAT -> Internet-> Public IP (not NAT) FS2 -> CSipSimple (ZRTP enabled).
Client1:
<![if !supportLists]>Ø <![endif]>Ex#1000, Registered over LAN to FS1.
FS1:
<![if !supportLists]>Ø <![endif]>Being NAT with dynamic IP address
<![if !supportLists]>Ø <![endif]>Registered as a Gateway to FS2 (in Internal profile). So FS1 is extended on FS2.
<![if !supportLists]>Ø <![endif]>Setup as 'Proxy-Media = false' && zrtp_enrollment=true (trusted MITM).
FS2:
<![if !supportLists]>Ø <![endif]>Connected with static public IP address (not behind NAT)
<![if !supportLists]>Ø <![endif]>Setup as 'Proxy-Media = true' && inbound-late-negotiation=true.
CSipSimple:
<![if !supportLists]>Ø <![endif]>Behind NAT (remote WiFi/3G) and is registered on FS2 (Internal profile).
FS2 is successfully serving multiple CSipSimple ZRTP clients with end-to-end ZRTP secure calls.
The problem:
When calling from Client1/FS1 to FS2/CSipSimple,
then FS1 shows ' WARNING! Incoming ZRTP CRC validation fails'
and FS2 shows ' ZRTP not negotiated on both sides; disabling ZRTP passthr…'.
I have tested FS1 locally with CSipSimple and it manages to connect with ZRTP/MITM so it is capable of ZRTP.
I follow up what have been recommended on the forum to extend FS1 and to verify matching codecs (I forced PCMU only on all devices) and to check RTP/UDP ports flow (SIP trace).
I would appreciate any help on how to setup end-to-end ZRTP calls between FS1 and remote CsipSimple (FS2).
Regards
Assaf |
|