By the default settings, Blink, and SNOM’s does not work if you have res_srtp.so loaded.
I’m trying to setup a box so that extensions that use the encrypted RTP or STRP, set to something called “optional”, will work.
Currently, Asterisk will return with:
Its simple to fix if you have access the to phone settings. Just set SRTP to either on or off, and the call will be either encrypted or not.
But what if you don’t have access to the phones?
Asterisk have documented to this behavior, but say SRTP does not make sense to be “optional”, and does not conform to standards. Although this may be true, it still seems to be the default setup for thousands of our client’s phones.
What’s the workaround - SRTP needs to be set either on or off, per extension, from the server side?
Howdy,
See the media_encryption_optimistic option that’s part of chan_pjsip in 13.1 and newer.
Cheers
Any chance of doing this with chan_sip and Asterisk 11?
I’m unlikely to upgrade, or change our system to PJSIP - its a large installation.
As you can imagine, im unlikely to be able to configure thousands of extensions to disable SRTP. So for now the res_srtp module stays unloaded.
[quote=“Euphorian”]Any chance of doing this with chan_sip and Asterisk 11?
I’m unlikely to upgrade, or change our system to PJSIP - its a large installation.
As you can imagine, im unlikely to be able to configure thousands of extensions to disable SRTP. So for now the res_srtp module stays unloaded.[/quote]
Negative. 11 existed before the days of mid-stream feature adds. That didn’t happen until 12. Someone in the community could make a similar feature add for chan_sip in 13 - they’ll need some tests, too - if they wanted to.
Cheers