The OpenIMSCore P-CSCF is capable of TLS encrypted connections over the Gm interface.

To enable TLS, the configuration script pcscf.cfg must be modified according to the commented lines. Please check this FAQ for more information on how make your P-CSCF TLS ready.

The OpenIMSCore P-CSCF is capable of dynamic IPSec communication over the Gm interface.

To test IPSec, we needed to slightly change SIPp. Here you can find SIPp with this patch applied. Mainly the modifications were required in order to extract the Cypher and Integrity Keys and pass them to the IPSec SA creating scripts.

To use TLS you need first OpenSSL installed. Then you need to re-make ser_ims with the following command:

cd /opt/OpenIMSCore/
make all include_modules=tls

Base on how you have compiled OpenSSL, you might need to add some extra parameters to the make above, like:

make all include_modules=tls TLS_EXTRA_LIBS="-lz -lkrb5" 

Download and install RTPProxy. You can get it from http://www.iptel.org/downloads. Then start it with the following command line:
rtpproxy -l 1.2.3.4 -s udp:127.0.0.1:34999 -f
Edit the pcscf.cfg and enable the RTPProxy:

Install the ipsec-tools. "setkey" is included there and it is used to set-up the IPSec Security Associations. Also, don't forget to check if you have IPSec AH and ESP compiled in your kernel.