I have to setup a secured sip session between android phones on 3G network. SIP signaling would be secured with TLS and media stream with SRTP. And I have never touched these protocols and components required to accomplish this.
I want to test it first with a LAN setup, for that I am trying to setup following with latest versions so that I don't miss on some security features:
Asterisk (+ Dahdi + LibPre)
Apache
MySQL
FreePBX
Sipdroid on Android.
But for reducing variables I am going to test it on two PCs with some minimalistic SIP UAs and without any secure protocols. Just to make sure that asterisk is running fine.
I have Ubuntu 10.04 running on Parallels Desktop on MacBook Pro.
Problems
What are the components needed to make this happen, meaning do I need FreePBX for Lan based call is Asterisk is not a PBX?
I have read "asterisk to asterisk" calling. Is it a SIP UA as well, I have also read that it will act as a SIP Server.
Some link where I can get myself educated to set up the environment.
Is running that on virtual machine going to work. I have tested apache and its working from another PC in my LAN.
Thanking in advance for your support.
Such setup will be too complex for beginner to be stable.
Better option(and more secure) use openvpn.org tunnel and not use TLS.
1) Freepbx is just web for simpler control asterisk. I not recomend use freepbx for public systems(for internal use it ok if firewalled). You also need add fail2ban to your installation.
3) http://www.asteriskdocs.org/, http://cdn.oreilly.com/books/9780596510480.pdf. But i am afraid you will need some REAL experience to got working what you requested.
4)Dahdi on virtual machine will not work. Conference will not work. Sound can have issues. All other would work ok.
Related
I want to develop a client server application in which server is on PC having wifi and client application in on android phone. I want to make server application using vc++.Net and client application in android. I am newbie in network programming and i am unable to find any clue about this on internet. And I also don't know is it possible that server is made using vc++.net and client is made using android.
Can anybody please direct me how can i move for this. And if possible please provide me some links related to this.
Any help will be appreciated.
Your question is vague and open to a lot of potentially "correct" answers. First of all, the whole wifi v.s. internet part is irrelevant, you just want to communicate from your Android devices to your pc over the network.
The term to look for is sockets. What you do is listen to particular port on the PC (the "server"). You'll have to open up the relevant ports in the firewall.
You then write an android app that communicates with this server, see here for a proper introduction.
There is no problem using a single socket (ip address + port) to connect with multiple devices, as long as your protocol includes a way for each client to identify itself.
...
That said, you can also do all of this at a higher level, running a SOAP/JSON-based client/server scheme (as opposed to writing your own socket-based protocol). See http://wiebe-elsinga.com/blog/?p=405 for an example.
What is the most appropriate choice depends on your exact requirements (performance, deployment) and your level of experience.
Update
You can use jmDNS to achieve this. It's a really helpful library and once you detect the all devices connected to the same wifi you can get their ip and port so you can establish a connection. You can learn more about how to use it here.
Or you can use Android Wi-Fi Direct API which works only for API Level 14+. Here is more information about the API : Wifi-Direct.
how to achieve transfer file between client and server using java socket
Hope it is what you are looking for! : )
I have been looking for a way to set up the Android SIP stack to be able to establish a SIP call between two devices on the same network, in an ad-hoc manner. i.e without REGISTERing to a SIP server.
I have not been able to get this to work, as the SIP Demo includes server registration, and I cannot get it to make or receive a call without this step.
I am not even sure if this is supposed to be possible. The little mention of this I have been able to find is conflicting (some say it can be done with a specific set up which they do not say what is, and some say the Android SIP API is not meant for this).
I was wondering if anyone has got this to work or has any clues as to how I could go about configuring the API for this, as I would like to use the built in SIP API before looking at third party ones.
The application I am developing is an internal one which will always be running on the same devices, so the fact that the SIP API is not present on all devices will not be an issue for me.
I have been stuck on the same problematic.
If you can make it without the android sip api, you can look at the rtp api which gives you a bit lower-level tools to make a P2P VOIP application without the need of a server.
To support audio conferencing and similar usages, you need to
instantiate two classes as endpoints for the stream:
AudioStream specifies a remote endpoint and consists of network
mapping and a configured AudioCodec. AudioGroup represents the local
endpoint for one or more AudioStreams. The AudioGroup mixes all the
AudioStreams and optionally interacts with the device speaker and the
microphone at the same time.
The counterpart is that you have to write your own device discovery protocol in order to know the port used by the audiostream peer as explained in this answer
The problem is not so hard if you only intend to make one-to-one conversation but is a little bit trickier if you want to make one-to-n conversation.
For a one-to-n conversation, the conference host has to instanciate n audiostream for each remote device he wants to call. Each remote peer has only one audiostream linked to one of the host audiostream.
You can do this with CSipSimple, which is open source: http://code.google.com/p/csipsimple/
You set up local accounts, register to yourself instead of a server, then make a phone call using TXT mode and dial remote_account_name#remote_ip_address.
Sip peer is like an extension number used to configure in sip phone . Please find details for creating sip peer . I am using centos 6.9 64 bit and having installed asterisk 11
You can create sip peer using asterisk server .
Goto vi /etc/asterisk/sip.conf
[1001]
username=1001
secret=123
qualify=yes
type=friend
disallow=all
allow=ulaw,alaw,gsm
host=dynamic
For more detail and easy understanding. Please refer given below link
https://youtu.be/27wm-fu25SM
or
http://rulariteducation.blogspot.in/2017/07/how-to-add-sip-peer-in-asterisk.html
I know Google Talk for Android tries to connect to mtalk.google.com:5228 (or port 5223 or port 5222) but when I'm connected to University Wifi I can't use gTalk because all outgoing connection to port 5228 (etc.) are blocked. I know also that the Google Talk services are accessible trought port mtalk.google.com:443. [Correct me if I'm wrong].
Can I redirect all my outgoing traffic to mtalk.google.com:5228 to mtalk.google.com:443 ? Maybe using an app? Or using iptables? And how can I do?
Hopefully someone else will have a solution, but it seems like Google Talk in the browser automatically does this (hence, service available through 443), but the Android version only uses 5228.
This thread suggest it may be a fallback-only scenario, so you might run into problems with redirection even if you can redirect the traffic on the phone.
This issue suggests, once again, that the 443 port is only available for the browser version of Google Talk.
Finally, while it isn't absolutely a reliable user, here is a little more support for the possibility that Android GTalk just outright can't use port 443.
Yes, there are many ways to do it.
There are stand alone proxy apps or apps that provide the service as well.
One simple solution that can just work is to use Orbot: Tor on Android.
Another solution that does not related to tor https://play.google.com/store/apps/details?id=com.mgranja.autoproxy_lit
Since you mentioned Iptables you can also try ProxyDroid but you'll need a proxy server from out there.
BTW.what android version are you using? I think that gtalk moved to https on recent versions.
How do we make handheld devices secure to login to a domain (mobile device management)? For example: if you have a laptop or if you are working from home using a desktop, you do a VPN and connect to your company’s domain. Once you connect, only then you can access your work email, share point sites, timesheets, etc. So instead of laptops and desktops, how do we create/develop an app on mobile devices which can ensure 100% security to the environment which we are connecting to.i dont have any idea regaring this.Anybody know, just help me.
The problem is essentially establishing a VPN tunnel. The issue with that is that Android does not support the Cisco protocol/extensions out-of-the-box. Cisco have released versions of AnyConnect for phone brands (different kernels, with/without tun.ko, etc.) but that means your users would have to manually connect to the VPN first. You really do not want to implement your own VPN. In fact, you don't want to implement any cryptography whatsoever, since you are guaranteed to get it wrong.
Unfortunately, there's little automation that could be done without root access or support from Cisco (e.g., hooks to start connecting via an external intent). Given root access, you could just run the command-line openvpn tool with a pre-configured config and establish a VPN tunnel to your facilities. This is not an entirely brilliant idea but at least you're not dealing with crypto directly (just kernel versions, tun/tap.ko modules, etc.). The upside of OpenVPN is the granularity of control. The downside of OpenVPN is the granularity of control, i.e. setting up CAs, Server/Client certificate pairs, etc (which you'll need if you're at all serious about doing this on a large scale).
Of course, the easiest solution, if starting completely from scratch, would be to use Android's built-in VPN support. However, that's limited to a subset of L2TP/IPSec, which are not trivial to set up or that widely deployed.
Once the tunnel is established, the rest is just access to the local network.
For a while now I've been playing around with the SipDemo in the Android 2.3
SDK.
The documentation on Android's developer page is nicely written, but it's
not a lot. It does not explain anything about IPs, ports, NAT and STUN.
I know how this stuff is supposed to work, but it doesn't say how
Android's SIP API handles it. Or does it handle NATs at all...
Here, someone mentioned that the API does do some tests for public IP
and port, but it's the first time I read it:
http://code.google.com/p/android/issues/detail?id=14043&can=1&q=sip%20ip&colspec=ID%20Type%20Status%20Owner%20Summary%20Stars
So I'm not sure this is true. At least for me, it didn't work.
But now to my problem:
When I deploy the SipDemo as-is either to my device connected to WiFi
or to the emulator, provide my credentials (I know they work with
SipDroid and other SIP apps) the SipDemo displays "registration
failed".
I did some sniffing and found out the packets sent to the SipServer
all include the devices or emulators local IP, not my NAT's public
one. Something like Via: SIP/2.0/UDP 192.168.0.106:53230
The server replies correctly that RFC1918 IPs are not allowed.
I added a STUN test to the SipDemo and successfully retrieved my
public IP and port. But I can't find a way how to pass it on to my
created SipProfile or the SipManager.
My question:
Has anyone ever made an application working with the SIP API behind a
NAT?
How does the API handle NATs? How can I pass the information I got
from my own STUN client to the SIP API?
I know SipDroid and a lot of other SIP implementations, but they
all do not use the built-in API.
I added a STUN test to the SipDemo and successfully retrieved my
public IP and port. But I can't find a way how to pass it on to my
created SipProfile or the SipManager.
If you are behind symmetric NAT it doesn't matter, because a new NAT binding will be created for the outbound SIP connection, so the information you gathered with STUN is not really usable.
You shouldn't bother about NAT from a SIP API, the server needs to implement NAT traversal techniques for you.
There are cases in which you can actually do something from the client: when ICE is being used and you choose your own TURN server, but I don't think Android implements ICE and TRUN support yet. Even if it would, you'd still need to deploy a TRUN server...
Free services out there do implement NAT traversal techniques, you may try http://sip2sip.info for instance.