Need secure SIP trunks? use IPSec, proven and robust

December 8, 2008

When it comes to security with VoIP, few options are available – I mean proven and widely available. One of the most secure method is certainly VPN with IPSec. It offers many advantages:

– encrypt traffic from source to destination
– widely available
– proven and robust

What you can do as well, is to fool most ISPs that don’t like VoIP very much (we wonder why 😉 . In some countries they simply filter 5060 or anything related to VoIP (H323).

A simple way to setup IPsec is to use racoon (available on most Linux distributions).

Typical settings are :

Mode: transport
Security protocol: ESP(Encapsulating Security Protocol)
Encryption types: 3DES (Triple Data Encryption Algorithm)
Authentication algorithms: MD5 (Message-Digest Algorithm 5)
Authentication methods:PSK (pre-shared key)

Make sure that you share the same encryption key with the remote party – it can be anything.

You will find many tutorials on google explaining how to setup racoon – i recommend having a server with at least 2 ethernet interfaces so you can have the flexibility of encrypting a subset of your traffic, since maybe not all your traffic will need encryption.

Technorati Tags: , , , ,

MINUTETRADERS | Voice Exchange Marketplace – Buy/Sell VoIP/TDM AZ & Direct Termination Routes