Phone SRTP <-> FreeSWITCH <-> Trunk or Phone no SRTP

Hello everyone!
I don’t know if my question is in the right place.

I’m on FusionPBX and everything is great!

I would like extensions that are registered in TLS (5061) to be able to communicate in srtp with stations registered (5060) without srtp.
Then my trunk (5080) without srtp.

In the variables, modifying:
internal_auth_calls=true
rtp_secure_media=optional

• If I call from my yealink extensions (5061)-> SRTP OK
• If I call from my extension registered in 5060, it works (5060 unencrypted, to yealink 5061 (encrypted)
• If I call from one of my yealink extensions to a telephone registered in 5060, it does not work.
  He denies me the call because I am offering crypto.
  How can I not offer crypto for extensions registered in 5060?

Do you have an idea? Create two internal profiles, one for the 5060 and another for the 5061?

Thank you all!

You probably need to set additional variables on the bridge line facing the phone that you don’t want SRTP on. Set those inside the {rtp_secure_media=false}

/b

Thanks for the info, but it doesn’t work.
I think I’m doing the wrong thing in the right place.

If I add rtp_secure_media=false in the variables, in SIP internal, calls from TLS phone no longer work.

In Variable of FusionPBX I have:
SIP, SIP External, SIP Internal.

Maybe put rtp_secure_media=false in SIP and not SIP Internal.

Sorry I’m new to Freeswitch.

Assuming SIP Internal is your internal SIP Profile, then the parameters you add will be applied to all calls for that SIP profile.

To apply this for specific calls, you need to apply this as a variable on the bridge action inside curly brackets, either in the Dialplan or in a LUA script. You could apply some logic using LUA to only enable SRTP on calls to certain extensions, perhaps based on a setting for that extension in the database.

More info on bridge here:

I didn’t say set it in vars.xml or on the profile, you set it on the bridge line inside {rtp_secure_media=false}sofia/something/something
/b