SIP/TLS and SRTP support

Question

Hi,    A little confused at the moment - does v4 of the FortiOS (running on a 60C) support SIP/TLS and SRTP? I have a new requirement to provide these services to roaming managers, etc so looking for some insight - passing traffic to an Asterisk server behind the firewall.    Thanks - Ed

stephen_ren_FTNT · Answer

As far as I know,v4 does not support it.It' s a v5.0 new feature,v5.0 supports  SIP over SSL.  example topo:  SIP-Server(Asterisk)       |      FGT       |   Phone1    1. Create a voip profile with enable ssl as below:  config voip profile      edit " sip"           set extended-utm-log enable              config sip                  set log-violations enable                  set ssl-mode full                  set ssl-send-empty-frags disable                  set ssl-server-certificate " Fortinet_Factory"               end      next  end    2. configure the sip port as below:  FTG_200B (vdom1) # config sys setting    FTG_200B (settings) # get  ...  sip-tcp-port : 5060   sip-udp-port : 5060   sip-ssl-port : 5061      3. Create a firewall policy in which the above voip profile is enable  config firewall policy      edit 1          set srcintf " port10"           set dstintf " port9"           set srcaddr " all"           set dstaddr " all"           set action accept          set schedule " always"           set service " ALL"           set utm-status enable          set voip-profile " sip"           set profile-protocol-options " default"           set nat enable      next  end

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded