HOW TO Add Secure RTP to Asterisk 1.8

支才
2023-12-01

http://www.pbxinaflash.com/community/index.php?threads/how-to-add-secure-rtp-to-asterisk-1-8.8881/

http://www.voip-info.org/wiki/view/Asterisk+SRTP

http://www.remiphilippe.fr/2011/01/16/asterisk-srtp-with-1-8/


It turns out that it's quite straightforward to add sRTP functionality to Asterisk 1.8 (purple for us PIAF users). You just need to compile and install libsrtp, and then re-configure and re-compile Asterisk. Here's a short howto.


1) Download libsrtp source. There are a couple of spots out there to get it, but I found this link that already has everything set up for CentOS.

f-t-p://f-t-p.owlriver.com/pub/local/ORC/srtp/srtp-1.4.4-1orc.src.rpm

2) Install the source package.

rpm -ivv srtp-1.44-1orc.src.rpm

It will complain about not having a particular user on your system, but that's not a big deal.

3) cd to /usr/src/redhat/SOURCES and extract the tarball

tar xvf srtp-1.4.4.tgz

4) cd to /usr/src/redhat/SOURCES/srtp and build libsrtp.

cd srtp
./configure
make
make install

5) cd to /usr/src/asterisk and reconfigure.

cd /usr/src/asterisk
./configure

Note - I didn't use any extra configure flags. Not sure if the official PIAF build does or not. If there should be some, somebody will let me know, I'm guessing. My build seems to work fine without any.

6) Make sure that res_srtp is enabled in the menuconfig.

make menuconfig

Go to the resources section and check that res_srtp has a * by it.

7) Build asterisk.

amportal stop
make
make install
amportal start

8) Rebuild Flite

amportal stop
cd /usr/src/asterisk-flite
make
make install
amportal start

That's all - you should now have sRTP support.

I've got a Polycom 601 phone that supports sRTP. To get that working, I added the following lines to my local-sip.cfg for provisioning the phone:

sec.srtp.enable="1"
sec.srtp.leg.enable="1"
sec.srtp.offer="1"
sec.srtp.leg.allowLocalConf="0"

According to the Polycom documentation, this set of commands should enable sRTP for registrations that support it. If you try to register to an older version of asterisk without sRTP support, the phone quietly ignores these settings. You can see that the encryption is enabled by the padlock on the display when making a call.

Several other brands of IP phones support sRTP, and there are even a couple of soft-phones that support it.

Dave
 类似资料:

相关阅读

相关文章

相关问答