Hi,

you are on the right track. Mediaproxy-ng/rtpengine does the conversion of SDP profiles for you, so basically, you will only need to flag the call with the right parameters and rtpengine will do the rest. 

Check out the webrtc example that comes with Kamailio, or my example [1]. You can use this as a starting point to understand how rptengine does the translations.

And in regards of TLS, check out the tls module documentation, but in summary, you can choose to encrypt communication in one socket, and maintain clear UDP/TCP in another. Kamailio will handle the routing among the two.

[1] https://github.com/caruizdiaz/kamailio-ws

Regards,
Carlos



On Thu, Jun 26, 2014 at 3:35 AM, Dani Kamailio <dani.kamailio@gmail.com> wrote:
Hello,

I need to build a VoIP system who receives SIP and RTP traffic in a public IP and encrypt both of them with TLS and SRTP respectively. The main point is to have security inside of the local network (I know it may sound unuseful).

So, I was trying to build the whole system in Kamailio but I got stucked with the RTP to SRTP bridge and I do not really know how to do it. I know that there are some modules like rtpproxy-ng and rtpengine as media relay that can handle SRTP... any ideas?
I just want to make sure that I am in the right way.

If it could be done in Kamailio, have I to write the code to encrypt RTP, like the algorithm or something?

Would it be convenient to send the RTP packets to Asterisk? (and Asterisk would somehow encrypt them?)

I am pretty new with all of this, any help will be apreciate,
thank you.

_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users




--
Carlos
http://caruizdiaz.com
http://ngvoice.com
+52 55 3048 3303