Cant seem to send a fax through secure media

[grandpa_sam]

I've been trying to set up a fax server. I have successfully been able to send a fax under non SRTP settings with my SIP trunk. But when I turn those on Twilio sends me an error saying "SIP: Secure media required: SIP trunk or domain is required to use secure media (SRTP)." I'm supposedly using the same outbound route that I make calls with and those have been creating secure connections for quite some time now. I had to add this action to my outbound route in order to get the calls to work "export nolocal:rtp_secure_media = true:AES_CM_128_HMAC_SHA1_80."

Is there a similar action set I need to have in order to do faxes?

 

[km4ibc]

I'm facing the exact same issue with Twilio and SRTP with outbound faxes. I've been digging into FreeSwitch documentation thinking it may be something Mark did not anticipate in FusionPBX. Unfortunately, I'm not finding any reference to SRTP with faxing. I'm also a little confused as to how faxed are handled differently with FreeSwitch. It's clearly using the same outbound route because if I disable, it reverts back to the other carrier for sending. But as you discovered, it is not establishing the same encrypted connection as outbound voice.

Did you find any other information?

 

[grandpa_sam]

I'm afraid I have not come across any more information. Deadlines forced me to move on. The last I saw looking at the logs is that it seemed to do its own route matching and then just looked up the gateway information without doing any of the other actions

 

[grandpa_sam]

Tomorrow if you want I can spend a little time and pool any information I have

 

[km4ibc]

I'm certainly up for collaborating to find a solution for us both. I hate taking the efforts to secure everything only to have an ancient fax technology toss a wrench in the works. I've considered moving fax servers to their own tenant with its own outbound routing to send those on an unsecured Twilio trunk. It just seems like a band-aid approach.

I think I was following along the same path as you in regards to the fax seeming to do its own route. But what didn't make sense to me if I still had my prior carrier's route and could simply disable the new Twilio outbound route to make it work. So it had to be using that route somehow. I went digging into XML files being fed to FreeSwitch looking for some answer. As best I can determine from FreeSwitch documentation, I could not find any variable in the fax module to specify anything pertaining to encryption. My feeling at the moment is the outbound route is in fact being used but it is ignoring variables that aren't valid.

I have not confirmed this but were you able to receive faxes on the secured trunk?