subject:"\[asterisk\-users\] snom and srtp"

[asterisk-users] snom and srtp

2011-08-02 Thread James Perkins

Hi,
I am running asterisk 1.8.5.0 and have compiled in the srtp module
All but Snom phones are working.
I have set the srtp tag on the snoms to 80 and RTP/SAVP to mandatory and they 
worked for a few hours. This morning all snoms are reporting this when trying 
to make a call (this is snom calling snom).
-snip--
  == Using SIP RTP CoS mark 5
-- Executing [1@default-outbound08:1] Dial("SIP/10002-0012", 
"SIP/1,30") in new stack
  == Using SIP RTP CoS mark 5
-- Called SIP/1
-- SIP/1-0013 is circuit-busy
  == Everyone is busy/congested at this time (1:0/1/0)
-- Executing [1@default-outbound08:2] VoiceMail("SIP/10002-0012", 
"1,uj") in new stack
[Aug  3 11:58:29] WARNING[9543]: res_srtp.c:384 ast_srtp_unprotect: SRTP 
unprotect: authentication failure
[Aug  3 11:58:29] WARNING[9543]: res_srtp.c:384 ast_srtp_unprotect: SRTP 
unprotect: authentication failure
--  Playing 'vm-theperson.g729' (language 'en')
--  Playing 'digits/1.g729' (language 'en')
--  Playing 'digits/0.g729' (language 'en')
--  Playing 'digits/0.g729' (language 'en')
--  Playing 'digits/0.g729' (language 'en')
--  Playing 'digits/0.g729' (language 'en')
sage*CLI>
Disconnected from Asterisk server
[root@sage asterisk]#
---snip---

The interesting thing here is the call fails at this point and for some reason 
the cli disconnects when the call fails.
Here is a call to a mobile which connects but the call dies in about 4 seconds
--snip
  == Using SIP RTP CoS mark 5
-- Executing [0429835743@default-outbound08:1] Dial("SIP/10002-", 
"SIP/private-sip/0429835743") in new stack
  == Using SIP RTP CoS mark 5
-- Called SIP/private-sip/0429835743
-- SIP/private-sip-0001 is ringing
-- SIP/private-sip-0001 answered SIP/10002-
[Aug  3 12:06:05] WARNING[10146]: res_srtp.c:384 ast_srtp_unprotect: SRTP 
unprotect: authentication failure
[Aug  3 12:06:05] WARNING[10146]: res_srtp.c:384 ast_srtp_unprotect: SRTP 
unprotect: authentication failure
sage*CLI>
Disconnected from Asterisk server
--snip

I have done heaps of reading on SRTP unprotect error but cant really work it 
out from that.
Q. should I try the patch mentioned below and forget about snoms doing 80 bit 
incription or should I persevere with making this work?
thanks James

---snip---
Patch SRTP for 32bit
SRTP have a cryptographic hash to check the integrity of the encrypted packets.
It support two hash size:
● 32bit
● 80bit
In order to properly fine tune SRTP for mobile networks and to have 
compatibility with PrivateGSM Enterprise we must use
SRTP with hash at 32bit (HMAC_SHA1_32).
Asterisk 1.8 by default does not announce in SDP both 32bit and 80bit, but only 
the 80bit version even if both are supported.
This very small 1 line patch make Asterisk by default work with SRTP hash at 
32bit .
Download the patch for HMAC_SHA1_32 RTP crypto offer
48. wget 
http://sourceforge.net/projects/Asterisk-amr/files/1.8.0-rc2_crypto_offer.diff/download
Apply the patch
49. cd Asterisk-1.8.0/ && patch -p2 < ../1.8.0-rc2_crypto_offer.diff
Go to Asterisk-1.8.0/ folder50. cd ..
Recompile Asterisk ,
51. make ; make instal
snip--
--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] snom and srtp

2011-08-03 Thread Paul Hayes


On 03/08/11 03:15, James Perkins wrote:

Hi,
I am running asterisk 1.8.5.0 and have compiled in the srtp module
All but Snom phones are working.
I have set the srtp tag on the snoms to 80 and RTP/SAVP to mandatory and
they worked for a few hours. This morning all snoms are reporting this
when trying to make a call (this is snom calling snom).


What firmware version have you got on the snom phones?  It needs a 
pretty new version to work properly.  I wrote some notes when I got this 
working here:


http://blog.provu.co.uk/item/212/catid/3

Although that was back on Asterisk 1.8.4.1.  The same server is 
currently on 1.8.4.3 and still working OK.


cheers,
Paul.

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
  http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
  http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] snom and srtp

2011-09-14 Thread Alexis de BRUYN

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi James,

How did you resolve this issue?

> [Aug  3 11:58:29] WARNING[9543]: res_srtp.c:384 ast_srtp_unprotect:
SRTP unprotect: authentication failure
> [Aug  3 11:58:29] WARNING[9543]: res_srtp.c:384 ast_srtp_unprotect:
SRTP unprotect: authentication failure

I am experiencing this problem too with Asterisk 1.8.4.x to 1.8.6.0 and
srtp 1.4.2 & 1.4.4.

Thanks for your answer.

Regards,

- --
Alexis de BRUYN
email : ale...@de-bruyn.fr
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAk5wrOoACgkQNy3UyEOc6xX4AQCglEM6Xz3Hf/B0XELuP+w3YpQ+
Mh0AnRNAR0rO9erpS+kzoZlgnq9MhmQ0
=uiTR
-END PGP SIGNATURE-

--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
   http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] snom and srtp

Re: [asterisk-users] snom and srtp

Re: [asterisk-users] snom and srtp

3 matches

Site Navigation

Mail list logo

Footer information