<div dir="ltr"><div>Hi,</div><div>I am writing not for the problem with SIP calls but for other potential problems related to IPSEC client/server ports.</div><div>As I see from your pcscf.cfg you have:</div><div>  #!define IPSEC_CLIENT_PORT 5062<br>#!define IPSEC_SERVER_PORT 5063 </div><div>This is not OK because if you have more than one connected UE the client port for the second UE will overlap the server port. Check <a href="https://www.kamailio.org/docs/modules/5.4.x/modules/ims_ipsec_pcscf.html#idm103">ipsec_max_connections</a> parameter.</div><div>I suggest changing the values of the server port to 5100 or something bigger.</div><div><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, 13 Apr 2020 at 22:37, Pavithra M <<a href="mailto:pavimohan3096@gmail.com">pavimohan3096@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto"><span style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small">Hi ,</span><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto"><br></div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">I have configured kamailio as an IMS server as VM based .</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto"><br></div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">PCSCF - 10.x.x.179</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">ICSCF - 10.x.x.79</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">SCSCF - 10.x.x.73</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">HSS - 10.x.x.75</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto"><br></div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">I am using zoiper client for testing the call flow . The <b>registration is happening properly</b> in my both zoiper clients for hss configured users (alice and bob).</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">When i am making an <b>INVITE , </b>I am getting <b>403 Forbidden - Domain not served </b>error from SCSCF.</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto"><br></div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">The Call Flow for invite is as follows . call from <a href="mailto:alice@sip.example.com" style="text-decoration-line:none;color:rgb(66,133,244)" target="_blank">alice@sip.example.com</a></div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto"><br></div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">zoiper1 (UE) -> PCSCF ( INVITE <a href="mailto:sip%3Abob@sip.example.com" style="text-decoration-line:none;color:rgb(66,133,244)" target="_blank">sip:bob@sip.example.com</a>;transport=UDP )</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">PCSCF -> SCSCF (  INVITE <a href="mailto:sip%3Abob@sip.example.com" style="text-decoration-line:none;color:rgb(66,133,244)" target="_blank">sip:bob@sip.example.com</a>;transport=UDP )</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">SCSCF -> PCSCF (100 trying)</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">SCSCF -> ICSCF   ( INVITE <a href="mailto:sip%3Abob@sip.example.com" style="text-decoration-line:none;color:rgb(66,133,244)" target="_blank">sip:bob@sip.example.com</a>;transport=UDP )</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">ICSCF -> SCSCF (100 trying)</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">ICSCF -> SCSCF ( INVITE <a href="mailto:sip%3Abob@sip.example.com" style="text-decoration-line:none;color:rgb(66,133,244)" target="_blank">sip:bob@sip.example.com</a>;transport=UDP )</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">SCSCF -> ICSCF (100 trying)</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">SCSCF -> ICSCF (<b>403 Forbidden - Domain not served</b>)</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">ICSCF -> SCSCF (Request: ACK <a href="mailto:sip%3Abob@sip.example.com" style="text-decoration-line:none;color:rgb(66,133,244)" target="_blank">sip:bob@sip.example.com</a> | )</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">ICSCF -> SCSCF ( 403 Forbidden - Domain not served )</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">SCSCF -> PCSCF ( 403 Forbidden - Domain not served )</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">PCSCF -> UE ( 403 Forbidden - Domain not served )</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto"><br></div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">Below are the alias configuration i have done in pcscf,icscf,scscf nodes</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto"><b>PCSCF.CFG</b></div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto"># IP-Adress for incoming SIP-Traffic, in the following format:<br><br># SIP / UDP<br>listen=udp:10.x.x.179:4060<br># SIP / TCP<br>listen=tcp:10.x.x.179:4060<br># SIP / TCP/TLS<br>listen=tls:10.x.x.179:4060<br><br># IPSEC / UDP<br>#!define IPSEC_LISTEN_ADDR "0.0.0.0"<br>#!define IPSEC_CLIENT_PORT 5062<br>#!define IPSEC_SERVER_PORT 5063<br>#alias="<a href="http://sip.example.com:4060/" style="text-decoration-line:none;color:rgb(66,133,244)" target="_blank">sip.example.com:4060</a>"<br>alias=<a href="http://pcscf.sip.example.com:4060/" style="text-decoration-line:none;color:rgb(66,133,244)" target="_blank">pcscf.sip.example.com:4060</a><br><br>#!define MY_WS_PORT 80<br>#!define MY_WSS_PORT 443<br><br>#!define PCSCF_URL "sip:<a href="http://pcscf.sip.example.com:4060/" style="text-decoration-line:none;color:rgb(66,133,244)" target="_blank">pcscf.sip.example.com:4060</a>"<br><br>#!define TCP_PROCESSES 8<br><br>#!subst "/NETWORKNAME/<a href="http://sip.example.com/" style="text-decoration-line:none;color:rgb(66,133,244)" target="_blank">sip.example.com/</a>"<br>#!subst "/HOSTNAME/<a href="http://pcscf.sip.example.com/" style="text-decoration-line:none;color:rgb(66,133,244)" target="_blank">pcscf.sip.example.com/</a>"<br><b><br></b></div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto"><b>ICSCF.CFG</b></div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto"><b><br></b></div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto"># SIP / UDP<br>listen=udp:10.x.x.79:4070<br># SIP / TCP<br>listen=tcp:10.x.x.79:4070<br># SIP / TCP/TLS<br>listen=tls:10.x.x.79:4071<br><br>alias="<a href="http://icscf.sip.example.com:4070/" style="text-decoration-line:none;color:rgb(66,133,244)" target="_blank">icscf.sip.example.com:4070</a>"<br><br>#!define NETWORKNAME "<a href="http://sip.example.com/" style="text-decoration-line:none;color:rgb(66,133,244)" target="_blank">sip.example.com</a>"<br>#!define HOSTNAME "<a href="http://icscf.sip.example.com/" style="text-decoration-line:none;color:rgb(66,133,244)" target="_blank">icscf.sip.example.com</a>"<br></div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto"><br></div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto"><b>SCSCF.CFG</b><br></div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto"><br></div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto"># SIP / UDP<br>listen=udp:10.x.x.73:4080<br># SIP / TCP<br>listen=tcp:10.x.x.73:4080<br># SIP / TCP/TLS<br>listen=tls:10.x.x.73:4081<br><br>#!define NETWORKNAME "<a href="http://sip.example.com/" style="text-decoration-line:none;color:rgb(66,133,244)" target="_blank">sip.example.com</a>"<br>#!define HOSTNAME "<a href="http://scscf.sip.example.com/" style="text-decoration-line:none;color:rgb(66,133,244)" target="_blank">scscf.sip.example.com</a>"<br>#!define URI "sip:<a href="http://scscf.sip.example.com:4080/" style="text-decoration-line:none;color:rgb(66,133,244)" target="_blank">scscf.sip.example.com:4080</a>"<br>alias=<a href="http://scscf.sip.example.com:4080/" style="text-decoration-line:none;color:rgb(66,133,244)" target="_blank">scscf.sip.example.com:4080</a><br><br># ENUM-Server to query:<br>#!define ENUM_SUFFIX "<a href="http://scscf.sip.example.com/" style="text-decoration-line:none;color:rgb(66,133,244)" target="_blank">scscf.sip.example.com</a>."<br></div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto"><br></div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto"><br></div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">Kindly let me know where i am missing . Kindly need help in this issue since the registration is happening successfully and dropping in the INVITE level.</div><div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:small" dir="auto">Kindly help.</div></div>
_______________________________________________<br>
Kamailio (SER) - Development Mailing List<br>
<a href="mailto:sr-dev@lists.kamailio.org" target="_blank">sr-dev@lists.kamailio.org</a><br>
<a href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-dev" rel="noreferrer" target="_blank">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-dev</a><br>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div>Best Regards,<br></div>Aleksandar Yosifov<br></div></div></div>