<p dir="ltr">We recently implemented strongswan project which supports ipsec.</p>
<p dir="ltr"><a href="https://www.strongswan.org/">https://www.strongswan.org/</a></p>
<div class="gmail_quote">On Jun 2, 2015 6:59 AM, "Måns Nilsson" <<a href="mailto:mansaxel@besserwisser.org">mansaxel@besserwisser.org</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Subject: [SR-Users] IPSec supporting open source SIP Server Date: Mon, Jun 01, 2015 at 02:51:00PM +0530 Quoting Priyaranjan Nayak (<a href="mailto:priyaranjan4169@gmail.com">priyaranjan4169@gmail.com</a>):<br>
> Hi All,<br>
><br>
> I need one IPSec supported opensource SIP server for testing my sip client<br>
> endpoint.Could you please tell me which SIP server supporting IPSec ?<br>
<br>
It is not the server but the operating system that handles the ipsec<br>
support. As Daniel wrote down-thread you can run an IPsec VPN endpoint<br>
on your server, or you can run ipsec in host-to-host mode.<br>
<br>
I run some replication connections protected by ipsec in host-to-host<br>
mode in my Kamailio environment, and it simply works from the application<br>
point of view. . In the ipsec policy setup I've defined that all traffic<br>
to a given host must be protected by AH / ESP and that goes for traffic<br>
to that host as well.<br>
<br>
Once this is in place, the IP stack will take the packets from the<br>
applications that match those rules and encapsulate them before they<br>
hit the wire, and also check that all packet from those hosts are<br>
correspondingly treated.<br>
<br>
The net result is that most if not all sensible applications will support<br>
ipsec once they are on a operating system that does do ipsec.<br>
<br>
For finding phones / terminals / devices that support ipsec, I assume<br>
that you will have to look a bit harder, but there are indications of<br>
openvpn support in snom phones, among others. Now, OpenVPN is not ipsec,<br>
it is a SSL tunnel, but given the pathetic state of the "broadband"<br>
that sometimes is the best one can achieve.<br>
<br>
--<br>
Måns Nilsson primary/secondary/besserwisser/machina<br>
MN-1334-RIPE <a href="tel:%2B46%20705%20989668" value="+46705989668">+46 705 989668</a><br>
Hello, GORRY-O!! I'm a GENIUS from HARVARD!!<br>
<br>_______________________________________________<br>
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list<br>
<a href="mailto:sr-users@lists.sip-router.org">sr-users@lists.sip-router.org</a><br>
<a href="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users" target="_blank">http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users</a><br>
<br></blockquote></div>