Analog Gateway FXS configure TLS and SRTP with Openvox UC
TLS (Transport Layer Security) is a network security protocol used to encrypt and secure data transmission over the internet. It establishes an encrypted channel between two communicating devices (e.g. server and client) to ensure that transmitted data is not intercepted or tampered with.
This article provides an example of configuring TLS between an Analog Gateway FXS and Openvox UC. After configuration, when phone 1001 on the Analog Gateway dials phone 1002 on Openvox UC, the data will be encrypted using TLS.
Note: The configuration example in this article uses a self-signed TLS certificate, which has relatively weak security. It is not recommended for use in formal production environments.
Step 1.Create extension 1001 and 1002 on Openvox UC.
Set the transport mode to TLS in the advanced settings page of the extension.
If you want to use SRTP, change SRTP to Yes
Step 2.Create TLS certificates for extensions 1001 and 1002, and download them.
Go to System->Security->Certifications, create TLS certificates for extensions 1001 and 1002, and download them.
Step 3.Enable the TLS on Openvox UC
Go to PBX->Settings->PBX Settings, enable the TLS on Openvox UC.
Step 4.Enable TLS on the Analog Gateway FXS, and upload the client key and certificate for extension 1001.
Go to VoIP->SIP Account Security, enable the TLS, and upload the client key and certificate for extension 1001.
Step 5.Register extension 1001 on the Analog Gateway FXS, and bind it to the FXS port.
Register extension 1001, and choose TLS as the transport mode.
Step 6.Register extension 1002 on the softphone.
In this example, we use the free softphone software Blink for testing.
When configuring the account, pay attention to the following parameters related to TLS:
If you want to use SRTP, please change the configure of SRTP on softphone.
Test call
Use 1002 call 1001, the encryption icon will show on the softphone.
