<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<div class="">Daniel Hello,</div>
<div class=""><br class="">
</div>
<div class="">Pasted below, 200 OK and Following ACK(Recorded at the client side via wireshark configured with private key)</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class="">BR,</div>
<div class="">Arik</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class="">Session Initiation Protocol (200)</div>
<div class=""> Status-Line: SIP/2.0 200 OK</div>
<div class=""> Message Header</div>
<div class=""> Via: SIP/2.0/TLS 192.168.2.2:48182;received=82.80.164.63;rport=33898;branch=z9hG4bKPjVppvYKQb4X5lJrYpod1wUN.j3KVLrEiT;alias</div>
<div class=""> Record-Route: <sips:10.168.10.227:5099;r2=on;lr=on;ftag=ZmXcXh6ReoLbMco46J0fCpKOHkUR1sWF;nat=yes></div>
<div class=""> Record-Route: <sips:70.36.25.65:443;transport=tls;r2=on;lr=on;ftag=ZmXcXh6ReoLbMco46J0fCpKOHkUR1sWF;nat=yes></div>
<div class=""> From: "number" <sips:<a href="mailto:17813000000@XXXXXX.com" class="">17813000000@XXXXXX.com</a>>;tag=ZmXcXh6ReoLbMco46J0fCpKOHkUR1sWF</div>
<div class=""> To: <sips:<a href="mailto:1111111@XXXXXX.com" class="">1111111@XXXXXX.com</a>>;tag=7t2StmvUeNpQD</div>
<div class=""> Call-ID: yekcL-0b2PhpgdQo52l921tjX1Z8wErH</div>
<div class=""> CSeq: 10885 INVITE</div>
<div class=""> Contact: <<a href="sip:1111111@10.168.10.200:5080;transport=tls" class="">sip:1111111@10.168.10.200:5080;transport=tls</a>></div>
<div class=""> User-Agent: FreeSWITCH-mod_sofia/1.6.20+git~20180123T214909Z~987c9b9a2a~64bit</div>
<div class=""> Accept: application/sdp</div>
<div class=""> Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER, REFER, NOTIFY</div>
<div class=""> Require: timer</div>
<div class=""> Supported: timer, path, replaces</div>
<div class=""> Allow-Events: talk, hold, conference, refer</div>
<div class=""> Session-Expires: 1800;refresher=uac</div>
<div class=""> Content-Type: application/sdp</div>
<div class=""> Content-Disposition: session</div>
<div class=""> Content-Length: 1056</div>
<div class=""> Remote-Party-ID: "1111111" <<a href="sip:1111111@XXXXXX.com" class="">sip:1111111@XXXXXX.com</a>>;party=calling;privacy=off;screen=no</div>
<div class=""> Message Body</div>
<div class=""> Session Description Protocol</div>
<div class=""> Session Description Protocol Version (v): 0</div>
<div class=""> Owner/Creator, Session Id (o): FreeSWITCH 1528683321 1528683322 IN IP4 70.36.25.66</div>
<div class=""> Session Name (s): FreeSWITCH</div>
<div class=""> Connection Information (c): IN IP4 70.36.25.66</div>
<div class=""> Time Description, active time (t): 0 0</div>
<div class=""> Session Attribute (a): msid-semantic: WMS V60mDk4CUtzxt4H5xDQPB48KjzMcYE1K</div>
<div class=""> Media Description, name and address (m): audio 37680 RTP/SAVP 107 96</div>
<div class=""> Media Attribute (a): ice-ufrag:b6TC1SdbiQd6k5GL</div>
<div class=""> Media Attribute (a): ice-pwd:NtGGa3jbPjvwRLASIklz2oAa</div>
<div class=""> Media Attribute (a): candidate:5807878115 1 udp 659136 10.168.10.200 38056 typ host generation 0</div>
<div class=""> Media Attribute (a): candidate:5807878115 2 udp 659135 10.168.10.200 38057 typ host generation 0</div>
<div class=""> Media Attribute (a): ssrc:3542382753 cname:ASW42RxMaWauQHpe</div>
<div class=""> Media Attribute (a): ssrc:3542382753 msid:V60mDk4CUtzxt4H5xDQPB48KjzMcYE1K a0</div>
<div class=""> Media Attribute (a): ssrc:3542382753 mslabel:V60mDk4CUtzxt4H5xDQPB48KjzMcYE1K</div>
<div class=""> Media Attribute (a): ssrc:3542382753 label:V60mDk4CUtzxt4H5xDQPB48KjzMcYE1Ka0</div>
<div class=""> Media Attribute (a): rtpmap:107 opus/48000/2</div>
<div class=""> Media Attribute (a): rtpmap:96 telephone-event/8000</div>
<div class=""> Media Attribute (a): fmtp:107 useinbandfec=1; minptime=10; maxptime=40</div>
<div class=""> Media Attribute (a): fmtp:96 0-16</div>
<div class=""> Media Attribute (a): sendrecv</div>
<div class=""> Media Attribute (a): rtcp:37681</div>
<div class=""> Media Attribute (a): crypto:1 AES_CM_128_HMAC_SHA1_80 inline:/KCNveJuRh5lQ+g3YWnyb2QwQhl0GgdmxtKAJ5G3</div>
<div class=""> Media Attribute (a): ptime:20</div>
<div class=""> Media Attribute (a): candidate:K6gXQsPK0KD4MsGa 1 UDP 2130706431 70.36.25.66 37680 typ host</div>
<div class=""> Media Attribute (a): candidate:K6gXQsPK0KD4MsGa 2 UDP 2130706430 70.36.25.66 37681 typ host</div>
<div class=""> Media Attribute (a): end-of-candidates</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class=""> 1201 272.987349 192.168.2.2 70.36.25.65 SIP 695 Request: ACK
<a href="sip:1111111@10.168.10.200:5080;transport=tls" class="">sip:1111111@10.168.10.200:5080;transport=tls</a> | 1201</div>
<div class=""><br class="">
</div>
<div class="">Frame 1201: 695 bytes on wire (5560 bits), 695 bytes captured (5560 bits) on interface 0</div>
<div class="">Ethernet II, Src: Htc_50:62:7b (ac:37:43:50:62:7b), Dst: 9a:01:a7:d9:66:64 (9a:01:a7:d9:66:64)</div>
<div class="">Internet Protocol Version 4, Src: 192.168.2.2, Dst: 70.36.25.65</div>
<div class="">Transmission Control Protocol, Src Port: 48182, Dst Port: 443, Seq: 8791, Ack: 10303, Len: 629</div>
<div class="">Secure Sockets Layer</div>
<div class="">Session Initiation Protocol (ACK)</div>
<div class=""> Request-Line: ACK <a href="sip:1111111@10.168.10.200:5080;transport=tls" class="">
sip:1111111@10.168.10.200:5080;transport=tls</a> SIP/2.0</div>
<div class=""> Message Header</div>
<div class=""> Via: SIP/2.0/TLS 192.168.2.2:48182;rport;branch=z9hG4bKPjFpv1IqHt9ON8nS6zOYuUZ5HxhNTDTBq7;alias</div>
<div class=""> Max-Forwards: 70</div>
<div class=""> From: "number" <sips:<a href="mailto:17813000000@XXXXXXXX.com" class="">17813000000@XXXXXXXX.com</a>>;tag=ZmXcXh6ReoLbMco46J0fCpKOHkUR1sWF</div>
<div class=""> To: sips:<a href="mailto:1111111@XXXXXXX.com" class="">1111111@XXXXXXX.com</a>;tag=7t2StmvUeNpQD</div>
<div class=""> Call-ID: yekcL-0b2PhpgdQo52l921tjX1Z8wErH</div>
<div class=""> CSeq: 10885 ACK</div>
<div class=""> Route: <sips:70.36.25.65:443;transport=tls;lr;r2=on;ftag=ZmXcXh6ReoLbMco46J0fCpKOHkUR1sWF;nat=yes></div>
<div class=""> Route: <sips:10.168.10.227:5099;lr;r2=on;ftag=ZmXcXh6ReoLbMco46J0fCpKOHkUR1sWF;nat=yes></div>
<div class=""> Content-Length: 0</div>
<div class=""><br class="">
</div>
<div><br class="">
<blockquote type="cite" class="">
<div class="">On 11 Jun 2018, at 13:32, Daniel-Constantin Mierla <<a href="mailto:miconda@gmail.com" class="">miconda@gmail.com</a>> wrote:</div>
<br class="Apple-interchange-newline">
<div class="">
<div text="#000000" bgcolor="#FFFFFF" class="">
<p class="">Hello,</p>
<p class="">can you paste here the 200OK for INVITE sent out by kamailio and the ACK received by kamailio?</p>
<p class="">Cheers,<br class="">
Daniel<br class="">
</p>
<br class="">
<div class="moz-cite-prefix">On 11.06.18 09:51, Arik Halperin wrote:<br class="">
</div>
<blockquote type="cite" cite="mid:1623CA64-0131-4549-8CC4-1FFB41A4F365@mobilinq.io" class="">
Daniel, Thank you!
<div class=""><br class="">
</div>
<div class="">You are right about this.
<div class=""><br class="">
</div>
<div class="">I configured PJSIP not to check whether the contact contains SIPS. </div>
<div class=""><br class="">
</div>
<div class="">This solved the problem on one of my setups where I have one NIC that has a public IP.</div>
<div class=""><br class="">
</div>
<div class="">However on the original setup, the kamailio has one public IP and one private IP. In that setup, the ACK to the 200 OK is not forwarded over the private IP to the freeswitch. This only happens in TLS, when I work with TCP it works well. I believe
it is somehow connected to the record route, and I’m looking into PJSIP to try to find the answer, but is there anything I could do in the kamailio? </div>
<div class=""><br class="">
</div>
<div class="">I have the same problems with other SIP clients(Bria for example)</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class="">Thanks,</div>
<div class="">Arik Halperin<br class="">
<div class=""><br class="">
<blockquote type="cite" class="">
<div class="">On 11 Jun 2018, at 9:43, Daniel-Constantin Mierla <<a href="mailto:miconda@gmail.com" class="" moz-do-not-send="true">miconda@gmail.com</a>> wrote:</div>
<br class="Apple-interchange-newline">
<div class="">
<div text="#000000" bgcolor="#FFFFFF" class="">
<p class="">Hello,</p>
<p class="">Kamailio is not involved in the issue reported here. Practically, pjsip expects sips: scheme in the contact URI, which was set by FreeSwitch in 200ok. Maybe there is an option that you have to turn on for FreeSwitch to use sips: scheme.</p>
<p class="">Otherwise, you can try to replace sip with sips in kamailio config and do the reverse the other way.</p>
<p class="">Cheers,<br class="">
Daniel<br class="">
</p>
<br class="">
<div class="moz-cite-prefix">On 05.06.18 06:56, Arik Halperin wrote:<br class="">
</div>
<blockquote type="cite" cite="mid:140EA09C-16A9-4FF2-9370-D03E6AAD2B08@mobilinq.io" class="">
Hello,
<div class=""><br class="">
</div>
<div class="">I’m using TLS</div>
<div class=""><br class="">
</div>
<div class="">After receiving 200OK from kamailio:</div>
<div class=""><br class="">
</div>
<div class="">
<div class="">
<div class="">r2voip.clear2voipdialer I/(NativeSdk_2_0) 1528174138320 PJSIP: (NativeSdk_2_0) 1528174138320 PJSIP:2018-05 07:48:58.319 pjsua_core.c RX 2203 bytes Response msg 200/INVITE/cseq=8107 (rdata0x7a2c56fb38) from TLS 70.36.25.65:443:</div>
<div class=""> SIP/2.0 200 OK</div>
<div class=""> Via: SIP/2.0/TLS 10.134.232.109:44097;received=109.253.173.146;rport=31373;branch=z9hG4bKPj4MV5llP9SW5ufk-OcFB-Qh78PmIQFrRk;alias</div>
<div class=""> Record-Route: <sips:10.168.10.227:5099;r2=on;lr=on;ftag=mgMLDFMLmCZGzcpASoODG8XgeFJVtcRO;nat=yes></div>
<div class=""> Record-Route: <sips:70.36.25.65:443;transport=tls;r2=on;lr=on;ftag=mgMLDFMLmCZGzcpASoODG8XgeFJVtcRO;nat=yes></div>
<div class=""> From: "number" <sips:<a href="mailto:972523391991@kamprod.telemessage.com" class="" moz-do-not-send="true">972523391991@XXXXXXX.com</a>>;tag=mgMLDFMLmCZGzcpASoODG8XgeFJVtcRO</div>
<div class=""> To: <sips:<a href="mailto:1111111@kamprod.telemessage.com" class="" moz-do-not-send="true">1111111@XXXXXX.com</a>>;tag=64H63g861ajHj</div>
<div class=""> Call-ID: Sq4jR85o3Caz2XTXo-71FKAdbJ1x9vz2</div>
<div class=""> CSeq: 8107 INVITE</div>
<div class=""> Contact: <<a href="sip:1111111@10.168.10.200:5080;transport=tls" class="" moz-do-not-send="true">sip:1111111@10.168.10.200:5080;transport=tls</a>></div>
<div class=""> User-Agent: FreeSWITCH-mod_sofia/1.6.20+git~20180123T214909Z~987c9b9a2a~64bit</div>
<div class=""> Accept: application/sdp</div>
<div class=""> Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER, REFER, NOTIFY</div>
<div class=""> Require: timer</div>
<div class=""> Supported: ti</div>
</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class=""><b class="">PJSIP responds with:</b></div>
<div class=""><b class=""><br class="">
</b></div>
<div class=""><b class="">Secure dialog requires SIPS scheme in Contact and Record-Route headers, ending the session</b></div>
</div>
<div class=""><b class=""><br class="">
</b></div>
<div class="">What is the reason for this? How can I fix this issue?</div>
<div class=""><br class="">
</div>
<div class="">Thanks,</div>
<div class="">Arik Halperin</div>
<!--'"--><br class="">
<fieldset class="mimeAttachmentHeader"></fieldset> <br class="">
<pre class="" wrap="">_______________________________________________
Kamailio (SER) - Users Mailing List
<a class="moz-txt-link-abbreviated" href="mailto:sr-users@lists.kamailio.org" moz-do-not-send="true">sr-users@lists.kamailio.org</a>
<a class="moz-txt-link-freetext" href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" moz-do-not-send="true">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a>
</pre>
</blockquote>
<br class="">
<pre class="moz-signature" cols="72">--
Daniel-Constantin Mierla -- <a class="moz-txt-link-abbreviated" href="http://www.asipto.com/" moz-do-not-send="true">www.asipto.com</a>
<a class="moz-txt-link-abbreviated" href="http://www.twitter.com/miconda" moz-do-not-send="true">www.twitter.com/miconda</a> -- <a class="moz-txt-link-abbreviated" href="http://www.linkedin.com/in/miconda" moz-do-not-send="true">www.linkedin.com/in/miconda</a>
Kamailio World Conference -- <a class="moz-txt-link-abbreviated" href="http://www.kamailioworld.com/" moz-do-not-send="true">www.kamailioworld.com</a></pre>
</div>
</div>
</blockquote>
</div>
<br class="">
</div>
</div>
</blockquote>
<br class="">
<pre class="moz-signature" cols="72">--
Daniel-Constantin Mierla -- <a class="moz-txt-link-abbreviated" href="http://www.asipto.com/">www.asipto.com</a>
<a class="moz-txt-link-abbreviated" href="http://www.twitter.com/miconda">www.twitter.com/miconda</a> -- <a class="moz-txt-link-abbreviated" href="http://www.linkedin.com/in/miconda">www.linkedin.com/in/miconda</a>
Kamailio World Conference -- <a class="moz-txt-link-abbreviated" href="http://www.kamailioworld.com/">www.kamailioworld.com</a></pre>
</div>
</div>
</blockquote>
</div>
<br class="">
</body>
</html>