1

I have to setup a secured sip session between android phones on 3G network. SIP signaling would be secured with TLS and media stream with SRTP. And I have never touched these protocols and components required to accomplish this.
I want to test it first with a LAN setup, for that I am trying to setup following with latest versions so that I don't miss on some security features:

  1. Asterisk (+ Dahdi + LibPre)
  2. Apache
  3. MySQL
  4. FreePBX
  5. Sipdroid on Android.


But for reducing variables I am going to test it on two PCs with some minimalistic SIP UAs and without any secure protocols. Just to make sure that asterisk is running fine.

I have Ubuntu 10.04 running on Parallels Desktop on MacBook Pro.

Problems

  1. What are the components needed to make this happen, meaning do I need FreePBX for Lan based call is Asterisk is not a PBX?
  2. I have read "asterisk to asterisk" calling. Is it a SIP UA as well, I have also read that it will act as a SIP Server.
  3. Some link where I can get myself educated to set up the environment.
  4. Is running that on virtual machine going to work. I have tested apache and its working from another PC in my LAN.

Thanking in advance for your support.

Harsh Vardhan
  • 675
  • 1
  • 11
  • 24

1 Answers1

3

Such setup will be too complex for beginner to be stable.

Better option(and more secure) use openvpn.org tunnel and not use TLS.

1) Freepbx is just web for simpler control asterisk. I not recomend use freepbx for public systems(for internal use it ok if firewalled). You also need add fail2ban to your installation.

3) http://www.asteriskdocs.org/, http://cdn.oreilly.com/books/9780596510480.pdf. But i am afraid you will need some REAL experience to got working what you requested.

4)Dahdi on virtual machine will not work. Conference will not work. Sound can have issues. All other would work ok.

arheops
  • 15,544
  • 1
  • 21
  • 27
  • Thanks arheops, I have successfully established a call with aforementioned settings, although you were right about sound issues on VM. Now I want to add TLS for signaling in SipDroid. Do you have any idea where should I put my security certificates to enable TLS? – Harsh Vardhan Oct 15 '13 at 09:06
  • Perhaps what I want to know is where to put the certificates in the SIP UA; in my android device. SIPDroid website is not informative enough. – Harsh Vardhan Oct 16 '13 at 07:03
  • I have no idea where to put cert in your client. That is depend of client. You can check source code to be sure. – arheops Oct 16 '13 at 13:28