while FreePBX is fine with my provider, I gave the SBC (as VM) a try, but that didn’t work with encrypted media. I found that when making a call, the SBC sends two media proposals in the SIP-INVITE with the SDP-request, one with RTP/SAVP and a a=crypto-section and one as RTP/AVP without a=crypto.
Here’s the question: How can I configure the SIP-Profile / -Trunk to only send the crypto-proposal?
I think what it does ist called “opportunistic RTP”, I found a draft-RFC somewhere. My provider does not allow that and terminates the call with “488 Secure RTP is forced”.
I stumbled across Lync-compatibility and “secure AVP” (in the SIP-profile), where, when enabled, the INVITE only contains RTP/AVP but with a a=crypto-line. That is non-standard but outgoing calls work that way; sadly, incoming calls don’t. So I’m guessing that is not the way - not knowing what it does anyways.
Has anyone had the problem before (and a solution at hand)?