sipwitch-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sipwitch-devel] Sipwitch and csipsimple failure over WAN

From: sipwitch
Subject: Re: [Sipwitch-devel] Sipwitch and csipsimple failure over WAN
Date: Sat, 14 Jun 2014 21:40:56 -0400 
Sipwitch worked fine on the local LAN 10.0.0.0/24. After I moved to the 
permanent public IP I gave up :-( Sipwitch simply doesn't work. This IP is only 
for me from ISP. It never changes, ports are not blocked. Raspberry PI works 
and almost all works properly.
Sipwitch can’t setup ZRTP or NO ZRTP call between 2 CsipSimple Android phones 
and it doesn’t meter if they are on some public addresses but different classes 
or one is behind NAT or both or behind the same NAT or different. The only one 
setup works when Sipwitch and both Csipsimples are at the same IP/24 subnet.

But what is worse. I tested FreeSwitch (3 wasted days) and the situation is not 
far better :-) FreeSwitch operating in the similar (as SW) mode – “bypass media 
mode” sets up ZRTP when RasberryPi is on the public IP and CsipSimples are on 
the same subnet behind NAT :-) But only then:-)
There is another mode of the FreeSwitch called “Proxy Media” and in theory it 
should cure NAT traversal problems when the call goes through exposed public IP 
:-) But it also doesn’t work :-) “Proxy Media” should be transparent to 
everything but FS tries to analyze stream anyway and breaks ZRTP negotiation. 
Symptoms are as follows... no sound and no ZRTP, 15-20 seconds of voice and no 
ZRTP or no ZRTP with good voice. FS is better then Sipwitch because at least 
there is a configuration which allows me to call when FS is on public IP :-)
More funny is the “out of the box mode” haha :-) It sets up ZRTP but in the 
MiTM mode :-) LOL :-) Both SAS  codes don’t mach because FS works as a MiTM and 
a voicemail garbage is in between and we can’t disable it :-) ZRTP is between 
each extension and RaspberryPi but on RaspberryPi it is unencrypted and you 
can’t disable it. I can call it “NSA mode of operation” :-)

I tested also YATE.null.ro … As expected authors forgot about security.

Now all of these software is garbage :-) Sipwitch is a small piece of software. 
Enough for ZRTP calls but only inside the same subnet.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]