[VOIPSEC] What the most popular key exchange method(MIKEY, SDP Security Descriptions, ...) in VoIP marketing ?
dennis
m8939605 at yahoo.com.tw
Fri Jan 13 08:43:19 CST 2006
Hi all,
I think that there is a Firewall issue here.
To imagine a client A and client B are both behind
routers, and the routers have NAT/Firewall. If A and B
run the SIP over TLS and A make a call to B. Because
the SIP siganl are encrypted, firewall of B's router
can't inspect SDP for the RTP ports used (ALG), and
SRTP
stream can't pass firewall.
The solutions are below:
1.FWs open all UDP ports for RTP
2.Routers have TLS connection with proxy and client.
3.UPnP(Can UPnP solve the issue?)
TLS TLS
A------->Router------->SIP Proxy
TLS
------->Router------>B
Best regards,
Dennis
--- Harry Behrens <hb at snom.de> 說:
---------------------------------
in fact no, actually makes life easier for
signalling (but that isnever a problem with NAT
anyway).
On the media side: SRTP is just UDP as before, so it
stays as stable orbuggy as before...
-h
___________________________________________________ 最新版 Yahoo!奇摩即時通訊 7.0,免費網路電話任你打! http://messenger.yahoo.com.tw/
More information about the Voipsec
mailing list