<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"></head><body ><div>"<span class="Apple-style-span" style="font-family: Calibri, sans-serif; font-size: 15px; ">So, tls is required for wss?"</span></div><div><span class="Apple-style-span" style="font-family: Calibri, sans-serif; font-size: 15px; "><br></span></div><div><span class="Apple-style-span" style="font-family: Calibri, sans-serif; font-size: 15px; ">Yes, as of the last rfc. It can work without it if the client software (browser) will accept it though by now most will treat it as insecure. I forget whether sipML5 will but my guess would be no. </span></div><div><br></div><div><br></div><br><br><br>-------- Original message --------<br>From: "Wilkins, Steve" <swwilkins@mitre.org> <br>Date: 11/24/2017 9:57 AM (GMT-08:00) <br>To: "Kamailio (SER) - Users Mailing List" <sr-users@lists.kamailio.org> <br>Subject: Re: [SR-Users] sipML5 through kamailio <br> <br><br>
<div class="WordSection1">
<p class="MsoNormal">Hello SamyGo,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">So, tls is required for wss? I thought that when I set a listen to Kamailio-Server-IPAddress:10443 and I sent a request through that IP and Port, that Kamailio would at least see the request and attempt to do something with it. I will
go add tls and try again. Thank you!<o:p></o:p></p>
<p class="MsoNormal"><a name="_MailEndCompose"><o:p> </o:p></a></p>
<span style="mso-bookmark:_MailEndCompose"></span>
<p class="MsoNormal"><b>From:</b> sr-users [mailto:sr-users-bounces@lists.kamailio.org]
<b>On Behalf Of </b>SamyGo<br>
<b>Sent:</b> Thursday, November 23, 2017 12:40 PM<br>
<b>To:</b> Kamailio (SER) - Users Mailing List <sr-users@lists.kamailio.org><br>
<b>Subject:</b> Re: [SR-Users] sipML5 through kamailio<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<p class="MsoNormal">Can you clarify the IP addressing scheme as you've mentioned. There is no TLS interface?<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">Advertised address for 5060 but not for WSS interface. Both listen and advertise are public IPs ?<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">Also,you're handling WSS requests. Do you've xlog ines in the route[xhttp:request] to view when a request lands.!<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">My config has this:<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<div>
<p class="MsoNormal"><span style="font-family:"Courier New"">#!substdef "!MY_IP_ADDR!123.134.156.167!g"</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Courier New"">#!substdef "!MY_WS_PORT!6010!g"</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"><span style="font-family:"Courier New"">#!substdef "!MY_WSS_PORT!6011!g"</span><o:p></o:p></p>
</div>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<div>
<p class="MsoNormal"><span style="font-family:"Courier New"">listen=tcp:MY_IP_ADDR:MY_WS_PORT</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Courier New"">listen=<b><span style="background:#FFE599">tls</span>:</b>MY_IP_ADDR:MY_WSS_PORT</span><o:p></o:p></p>
</div>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Then the xhttp event route:<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">```<o:p></o:p></p>
</div>
<div>
<div>
<p class="MsoNormal"><span style="font-family:"Courier New"">event_route[xhttp:request] {</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Courier New""> set_reply_close();</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Courier New""> set_reply_no_connect();</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Courier New""> #Deny any HTTP requests on any port other than WS/WSS ports.</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Courier New""> if ($Rp != MY_WS_PORT && $Rp != MY_WSS_PORT ) {</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Courier New""> xlog("L_WARN", "HTTP request received on $Rp\n");</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Courier New""> xhttp_reply("403", "Forbidden", "", "");</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Courier New""> exit;</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Courier New""> }</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Courier New""> #Handle HTTP(s) onwards.</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Courier New""> xlog("L_INFO", "HTTP Request Received\n");</span><o:p></o:p></p>
</div>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Courier New"">```</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">On Thu, Nov 23, 2017 at 12:18 PM, Wilkins, Steve <<a href="mailto:swwilkins@mitre.org" target="_blank">swwilkins@mitre.org</a>> wrote:<o:p></o:p></p>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in">
<div>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Hi Sammy,<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">First of all, thank you for taking the time to respond.<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Yes, port 10443 is opened. I have used this port before as asterisk’s WebRTC port and iptables shows it as open. No, I can’t even get a registration using the configuration I
listed. I have an xdbg log statement right after the request_route, and I see nothing. I do know that my xdbg logs are working though because, if I register or make a call using any sip tool, I see all my logging and everything works correctly.<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">-Steve<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><a name="m_3449783854072532162__MailEndCompose"> </a><o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b>From:</b> sr-users [mailto:<a href="mailto:sr-users-bounces@lists.kamailio.org" target="_blank">sr-users-bounces@lists.kamailio.org</a>]
<b>On Behalf Of </b>SamyGo<br>
<b>Sent:</b> Thursday, November 23, 2017 12:00 PM<br>
<b>To:</b> Kamailio (SER) - Users Mailing List <<a href="mailto:sr-users@lists.kamailio.org" target="_blank">sr-users@lists.kamailio.org</a>><br>
<b>Subject:</b> Re: [SR-Users] sipML5 through kamailio<o:p></o:p></p>
<div>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Hi Steve,<o:p></o:p></p>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Can you confirm that port 10443 is reachable behind the NAT to Kamailio server, validate iptables too Does your SIPml5 demo client register successfully to Kamailio? are there enough
xlog lines to print out if anything lands in Kamailio.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Regards,<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Sammy<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
</div>
</div>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">On Thu, Nov 23, 2017 at 11:34 AM, Wilkins, Steve <<a href="mailto:swwilkins@mitre.org" target="_blank">swwilkins@mitre.org</a>> wrote:<o:p></o:p></p>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt">
<div>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Hello,<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">I am attempting to use sipML5 to test WebRTC. I have not been successful in getting messages through to Kamailio though. I am running Kamailio 5.0.3 on Cento 7.<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b>My listen’s in the kamailio configuration file are =>
</b><o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">listen=tcp:<a href="http://112.22.3.108:5060" target="_blank">112.22.3.108:5060</a> advertise
<a href="http://34.226.187.61:5060" target="_blank">34.226.187.61:5060</a><o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">listen=udp:<a href="http://112.22.3.108:5060" target="_blank">112.22.3.108:5060</a> advertise
<a href="http://34.226.187.61:5060" target="_blank">34.226.187.61:5060</a><o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">listen=tcp:<a href="http://112.22.3.108:10443" target="_blank">112.22.3.108:10443</a> (which I will use in the sipML5 Expert mode)<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b>My sipML5 settings are =>
</b><o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Public Identity -
<a href="sip:user1@112.22.3.108">sip:user1@112.22.3.108</a><o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Realm -
<b>112.22.3.108</b><o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b>Export mode setting are =>
</b><o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">WebSocket Server URL -
<b>wss://<a href="http://112.22.3.108:10443" target="_blank">112.22.3.108:10443</a>
</b>(I have also tried <b>wss://<a href="http://112.22.3.108:10443/ws" target="_blank">112.22.3.108:10443/ws</a>)</b><o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">SIP outbound Proxy URL -
<b>udp://<a href="http://112.22.3.108:5060" target="_blank">112.22.3.108:5060</a>
</b>(I have also left this blank)<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b> </b><o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">When I make a call I see no Kamailio activity (I have logging at the start of request_route) so I am not sure where the configuration error is. If I change the sipML5 configuration
IP Address to use the asterisk IP Address, sipML5 works. My goal is to go WebRTC Client => Kamailio => Asterisk and eventually through some sort of media proxy.<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Thank you,<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">-Steve<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
</div>
</div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;margin-bottom:12.0pt"><br>
_______________________________________________<br>
Kamailio (SER) - Users Mailing List<br>
<a href="mailto:sr-users@lists.kamailio.org" target="_blank">sr-users@lists.kamailio.org</a><br>
<a href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" target="_blank">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a><o:p></o:p></p>
</blockquote>
</div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><br>
_______________________________________________<br>
Kamailio (SER) - Users Mailing List<br>
<a href="mailto:sr-users@lists.kamailio.org">sr-users@lists.kamailio.org</a><br>
<a href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" target="_blank">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a><o:p></o:p></p>
</blockquote>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
</body>