<div dir="ltr">Hello all!<div><br></div><div>Does anyone know if function tcp_set_otcpid() can be used in "event_route[tm:local-request]"? I added this to the configuration:</div><blockquote style="margin:0 0 0 40px;border:none;padding:0px"><div><i>$var(conid) = 10;</i></div><div><i>tcp_set_otcpid("$var(conid)");</i></div></blockquote><div>... and was expecting that Kamailio will not find a match (there is no connection id #10 at this point), go here <a href="https://github.com/kamailio/kamailio/blob/master/src/core/tcp_main.c#L1615">https://github.com/kamailio/kamailio/blob/master/src/core/tcp_main.c#L1615</a> and then initiate a new connection <a href="https://github.com/kamailio/kamailio/blob/master/src/core/tcp_main.c#L1993">https://github.com/kamailio/kamailio/blob/master/src/core/tcp_main.c#L1993</a>. But it went to <a href="https://github.com/kamailio/kamailio/blob/master/src/core/tcp_main.c#L1594">https://github.com/kamailio/kamailio/blob/master/src/core/tcp_main.c#L1594</a> and could find a match:</div><blockquote style="margin:0 0 0 40px;border:none;padding:0px"><div><i>Aug  9 17:08:31 kamailio-dev-2 /usr/sbin/kamailio[3858]: DEBUG: <core> [core/tcp_main.c:1610]: _tcpconn_find(): found connection by peer address (id: 2)</i></div></blockquote><div><br></div><div>Thanks a lot!</div><div><br></div><div>Regards, Volodymyr Ivanets.</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">пт, 6 серп. 2021 о 15:53 Володимир Іванець <<a href="mailto:volodyaivanets@gmail.com">volodyaivanets@gmail.com</a>> пише:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Or maybe some special "id" to tell Kamailio to skip the verification and just create a new connection? Then I could use the real "id" for further outbound traffic.<div><br></div><div>Thank you!</div><div><br></div><div>Regards, Volodymyr Ivanets.</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">пт, 6 серп. 2021 о 15:45 Володимир Іванець <<a href="mailto:volodyaivanets@gmail.com" target="_blank">volodyaivanets@gmail.com</a>> пише:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Hello Daniel!<div><br></div><div>Thank you for the suggestion. Unfortunately adding the "tcp_connection_match=1" did not made a difference. Kamailio found other connection to the same peer and used it instead:</div><blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px"><div><i><core> [core/tcp_main.c:1610]: _tcpconn_find(): found connection by peer address (id: 2)</i></div><div><i><br></i></div></blockquote>Also, it looks like the answer is in this comment: <a href="https://github.com/kamailio/kamailio/blob/master/src/core/tcp_main.c#L1563" target="_blank">https://github.com/kamailio/kamailio/blob/master/src/core/tcp_main.c#L1563</a>. And below are active tls connections for the previous trunk. Is there a way to add an additional field like a "tag" that could be used in peer matching as well? Otherwise, I guess the only option I have is to run separate instances of Kamailio with a very basic configuration for each MS Teams connection.<div><br></div><blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px"><i># kamcmd tls.list<br>{<br>        id: 2<br>        timeout: 0<br>        src_ip: 52.114.75.24<br>        src_port: 5061<br>        dst_ip: 172.16.30.206<br>        <b>dst_port: 0</b><br>        cipher: ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD<br>        ct_wq_size: 0<br>        enc_rd_buf: 0<br>        flags: 2<br>        state: established<br>}<br>{<br>        id: 3<br>        timeout: 0<br>        src_ip: 52.114.75.24<br>        src_port: 6272<br>        dst_ip: 172.16.30.206<br>        dst_port: 5063<br>        cipher: AES256-GCM-SHA384       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(256) Mac=AEAD<br>        ct_wq_size: 0<br>        enc_rd_buf: 0<br>        flags: 2<br>        state: established<br>}<br>{<br>        id: 4<br>        timeout: 581<br>        src_ip: 52.114.75.24<br>        src_port: 6273<br>        dst_ip: 172.16.30.206<br>        dst_port: 5063<br>        cipher: AES256-GCM-SHA384       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(256) Mac=AEAD<br>        ct_wq_size: 0<br>        enc_rd_buf: 0<br>        flags: 2<br>        state: established</i><div><i>} </i></div><div><i><br></i></div></blockquote>Thank you!<div><br></div><div>Regards, Volodymyr Ivanets.</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">ср, 4 серп. 2021 о 13:45 Daniel-Constantin Mierla <<a href="mailto:miconda@gmail.com" target="_blank">miconda@gmail.com</a>> пише:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
  
    
  
  <div>
    <p>Hello,</p>
    <p>can you set
      <a href="https://www.kamailio.org/wiki/cookbooks/5.5.x/core#tcp_connection_match" target="_blank">https://www.kamailio.org/wiki/cookbooks/5.5.x/core#tcp_connection_match</a>
      ?</p>
    <p>It may work only for connections accepted by Kamailio, but worth
      a try.<br>
    </p>
    <p>Cheers,<br>
      Daniel<br>
    </p>
    <div>On 03.08.21 14:48, Володимир Іванець
      wrote:<br>
    </div>
    <blockquote type="cite">
      
      <div dir="ltr">Hello Daniel,
        <div><br>
        </div>
        <div>Yes, I have "socket=tls:<a href="http://172.16.30.206:5062" target="_blank">172.16.30.206:5062</a>" and
          "socket=tls:<a href="http://172.16.30.206:5063" target="_blank">172.16.30.206:5063</a>" attributes
          for corresponding records in the Dispatcher configuration
          table. $fs prints out correct values in the
          "event_route[tm:local-request]".</div>
        <div><br>
        </div>
        <div>But I thought that TCP/TLS connections are established from
          a random port to a destination port on the peer side. And then
          the remote peer connects from its random port to our port
          5062/5063.</div>
        <div><br>
        </div>
        <div>If understood Kamailio log correctly when it is about to
          establish a second connection to the same peer it sees an
          active connection for the previous trunk and uses it instead
          of creating a new one.</div>
        <div><br>
        </div>
        <div>Thank you!</div>
        <div><br>
        </div>
        <div>Regards, Volodymyr Ivanets.</div>
      </div>
      <br>
      <div class="gmail_quote">
        <div dir="ltr" class="gmail_attr">пн, 2 серп. 2021 о 22:21
          Daniel-Constantin Mierla <<a href="mailto:miconda@gmail.com" target="_blank">miconda@gmail.com</a>>
          пише:<br>
        </div>
        <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
          <div>
            <p>Hello,</p>
            <p>do you force local send socket?</p>
            <p>Cheers,<br>
              Daniel<br>
            </p>
            <div>On 02.08.21 18:21, Володимир Іванець wrote:<br>
            </div>
            <blockquote type="cite">
              <div dir="ltr">Hello Daniel!
                <div><br>
                </div>
                <div>I updated Kamailio to the latest released version.
                  The problem is that still with
                  tls_set_connect_server_id() I can not make a single
                  instance of Kamailio connect to multiple MS Teams
                  domains. I use a single IP address with different
                  ports for different trunks. I can see it establishing
                  a connection to one trunk and using it for other
                  domains.</div>
                <div><br>
                </div>
                <div>Is there a way to force Kamailio to make a new TLS
                  connection to the same peer address that it is already
                  connected to?</div>
                <div><br>
                </div>
                <div>Thank you!</div>
                <div><br>
                </div>
                <div>Regards, Volodymyr Ivanets.</div>
              </div>
              <br>
              <div class="gmail_quote">
                <div dir="ltr" class="gmail_attr">пн, 2 серп. 2021 о
                  13:44 Daniel-Constantin Mierla <<a href="mailto:miconda@gmail.com" target="_blank">miconda@gmail.com</a>>
                  пише:<br>
                </div>
                <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
                  <div>
                    <p>Hello,</p>
                    <p>upgrading is the recommended way, indeed, if you
                      want to use tls_set_connect_server_id(). For older
                      version you may want to try looping back to
                      kamailio (can be over udp) and the use the xavps.
                      Adds some overhead and hops, but if you are stuck
                      to a version and can't really upgrade soon, might
                      be an option to look at.</p>
                    <p>Cheers,<br>
                      Daniel<br>
                    </p>
                    <div>On 29.07.21 18:48, Володимир Іванець wrote:<br>
                    </div>
                    <blockquote type="cite">
                      <div dir="ltr">Hello Rob!
                        <div><br>
                        </div>
                        <div>Yes, I'm using Letsencrypt while I'm
                          testing. But I would like to be able to use
                          different certificates with different sockets.</div>
                        <div><br>
                        </div>
                        <div>I found this discussion <a href="https://github.com/kamailio/kamailio/issues/2413" target="_blank">https://github.com/kamailio/kamailio/issues/2413</a>.
                          Looks like I need to use
                          "tls_set_connect_server_id()" instead of
                          setting $xavp(tls=>server_name)" and
                          "$xavp(tls[0]=>server_id)". Unfortunately
                          I'm currently using Kamailio v5.4 on my test
                          system and this function is not available. I
                          will update Kamailio and give it another try.
                          Then I will update everyone in the hope it
                          will be useful for someone :)</div>
                        <div><br>
                        </div>
                        <div>Thank you!</div>
                        <div><br>
                        </div>
                        <div>Regards, Volodymyr Ivanets</div>
                      </div>
                      <br>
                      <div class="gmail_quote">
                        <div dir="ltr" class="gmail_attr">чт, 29 лип.
                          2021 о 19:07 Rob van den Bulk <<a href="mailto:rob.van.den.bulk@gmail.com" target="_blank">rob.van.den.bulk@gmail.com</a>>
                          пише:<br>
                        </div>
                        <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
                          <div>
                            <div style="color:rgb(33,33,33);background-color:rgb(255,255,255)" dir="auto"> Hello, are u using
                              letsencrypt?</div>
                            <div style="color:rgb(33,33,33);background-color:rgb(255,255,255)" dir="auto"> <br>
                            </div>
                            <div style="color:rgb(33,33,33);background-color:rgb(255,255,255)" dir="auto"> U can use a multi domain.</div>
                            <div style="color:rgb(33,33,33);background-color:rgb(255,255,255)" dir="auto"> <br>
                            </div>
                            <div style="color:rgb(33,33,33);background-color:rgb(255,255,255)" dir="auto"> Muti domain names in one
                              certificate </div>
                            <div id="gmail-m_5678364894436833869gmail-m_-3001795702805371351gmail-m_-6632762735013147973gmail-m_1139423320388653005gmail-m_-6848938456874736057gmail-m_-6409659204268948705ms-outlook-mobile-signature">
                              <div><br>
                              </div>
                              <a href="https://aka.ms/AAb9ysg" target="_blank">Outlook
                                voor Android</a> downloaden</div>
                            <hr style="display:inline-block;width:98%">
                            <div id="gmail-m_5678364894436833869gmail-m_-3001795702805371351gmail-m_-6632762735013147973gmail-m_1139423320388653005gmail-m_-6848938456874736057gmail-m_-6409659204268948705divRplyFwdMsg" dir="ltr"><font style="font-size:11pt" face="Calibri, sans-serif" color="#000000"><b>From:</b> sr-users
                                <<a href="mailto:sr-users-bounces@lists.kamailio.org" target="_blank">sr-users-bounces@lists.kamailio.org</a>>
                                on behalf of Володимир Іванець <<a href="mailto:volodyaivanets@gmail.com" target="_blank">volodyaivanets@gmail.com</a>><br>
                                <b>Sent:</b> Thursday, July 29, 2021
                                4:44:16 PM<br>
                                <b>To:</b> Kamailio (SER) - Users
                                Mailing List <<a href="mailto:sr-users@lists.kamailio.org" target="_blank">sr-users@lists.kamailio.org</a>><br>
                                <b>Subject:</b> [SR-Users] Integration
                                with multiple MS Teams instances</font>
                              <div> </div>
                            </div>
                            <div>
                              <div dir="ltr">Hello all!
                                <div><br>
                                </div>
                                <div>I was able to connect Kamailio with
                                  MS Teams and now trying to add one
                                  more Teams instance. It looks like I
                                  have some misconfiguration or there is
                                  a bug.</div>
                                <div><br>
                                </div>
                                <div>My test server has 2 domain records
                                  pointing at it (<a href="http://kamailio.domain1.com" target="_blank">kamailio.domain1.com</a>
                                  and <a href="http://kamailio.domain2.com" target="_blank">kamailio.domain2.com</a>).
                                  My tls.cfg configuration file looks
                                  like this. As you can see the Default
                                  section is configured with a <a href="http://kamailio.domain1.com" target="_blank">kamailio.domain1.com</a>
                                  sertificate:</div>
                                <blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px">
                                  <div><i>[server:default]</i></div>
                                  <div><i>method = TLSv1.0+</i></div>
                                  <div><i>require_certificate = no</i></div>
                                  <div><i>verify_certificate = no</i></div>
                                  <div><i>private_key =
                                      /var/kamailio/certificates/<a href="http://kamailio.domain1.com/server/key.pem" target="_blank">kamailio.domain1.com/server/key.pem</a></i></div>
                                  <div><i>certificate =
                                      /var/kamailio/certificates/<a href="http://kamailio.domain1.com/server/cert.pem" target="_blank">kamailio.domain1.com/server/cert.pem</a></i></div>
                                  <div><i>ca_list =
                                      /var/kamailio/certificates/<a href="http://kamailio.domain1.com/CA/cert.pem" target="_blank">kamailio.domain1.com/CA/cert.pem</a></i></div>
                                </blockquote>
                                <div><i><br>
                                  </i></div>
                                <blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px">
                                  <div><i>[client:default]</i></div>
                                  <div><i>method = TLSv1.0+</i></div>
                                  <div><i>require_certificate = no</i></div>
                                  <div><i>verify_certificate = no</i></div>
                                  <div><i>private_key =
                                      /var/kamailio/certificates/<a href="http://kamailio.domain1.com/server/key.pem" target="_blank">kamailio.domain1.com/server/key.pem</a></i></div>
                                  <div><i>certificate =
                                      /var/kamailio/certificates/<a href="http://kamailio.domain1.com/server/cert.pem" target="_blank">kamailio.domain1.com/server/cert.pem</a></i></div>
                                  <div><i>ca_list =
                                      /var/kamailio/certificates/<a href="http://kamailio.domain1.com/CA/cert.pem" target="_blank">kamailio.domain1.com/CA/cert.pem</a></i></div>
                                </blockquote>
                                <div><i><br>
                                  </i></div>
                                <div><i><br>
                                  </i></div>
                                <blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px">
                                  <div><i>[server:<a href="http://172.16.30.206:5062" target="_blank">172.16.30.206:5062</a>]</i></div>
                                  <div><i>method = TLSv1.0+</i></div>
                                  <div><i>require_certificate = no</i></div>
                                  <div><i>verify_certificate = no</i></div>
                                  <div><i>private_key =
                                      /var/kamailio/certificates/<a href="http://kamailio.domain1.com/server/key.pem" target="_blank">kamailio.domain1.com/server/key.pem</a></i></div>
                                  <div><i>certificate =
                                      /var/kamailio/certificates/<a href="http://kamailio.domain1.com/server/cert.pem" target="_blank">kamailio.domain1.com/server/cert.pem</a></i></div>
                                  <div><i>ca_list =
                                      /var/kamailio/certificates/<a href="http://kamailio.domain1.com/CA/cert.pem" target="_blank">kamailio.domain1.com/CA/cert.pem</a></i></div>
                                  <div><i>server_name = "<a href="http://kamailio.domain1.com" target="_blank">kamailio.domain1.com</a>"</i></div>
                                  <div><i>server_id = "</i><i>"<a href="http://kamailio.domain1.com" target="_blank">kamailio.domain1.com</a>"</i><i><br>
                                    </i></div>
                                </blockquote>
                                <div><i><br>
                                  </i></div>
                                <blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px">
                                  <div><i>[client:<a href="http://172.16.30.206:5062" target="_blank">172.16.30.206:5062</a>]</i></div>
                                  <div><i>method = TLSv1.0+</i></div>
                                  <div><i>require_certificate = no</i></div>
                                  <div><i>verify_certificate = no</i></div>
                                  <div><i>private_key =
                                      /var/kamailio/certificates/<a href="http://kamailio.domain1.com/server/key.pem" target="_blank">kamailio.domain1.com/server/key.pem</a></i></div>
                                  <div><i>certificate =
                                      /var/kamailio/certificates/<a href="http://kamailio.domain1.com/server/cert.pem" target="_blank">kamailio.domain1.com/server/cert.pem</a></i></div>
                                  <div><i>ca_list =
                                      /var/kamailio/certificates/<a href="http://kamailio.domain1.com/CA/cert.pem" target="_blank">kamailio.domain1.com/CA/cert.pem</a></i></div>
                                </blockquote>
                                <div><i><br>
                                    <br>
                                  </i></div>
                                <blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px">
                                  <div><i>[server:<a href="http://172.16.30.206:5063" target="_blank">172.16.30.206:5063</a>]</i></div>
                                  <div><i>method = TLSv1.0+</i></div>
                                  <div><i>require_certificate = no</i></div>
                                  <div><i>verify_certificate = no</i></div>
                                  <div><i>private_key =
                                      /var/kamailio/certificates/<a href="http://kamailio.domain2.com/server/key.pem" target="_blank">kamailio.domain2.com/server/key.pem</a></i></div>
                                  <div><i>certificate =
                                      /var/kamailio/certificates/<a href="http://kamailio.domain2.com/server/cert.pem" target="_blank">kamailio.domain2.com/server/cert.pem</a></i></div>
                                  <div><i>ca_list =
                                      /var/kamailio/certificates/<a href="http://kamailio.domain2.com/CA/cert.pem" target="_blank">kamailio.domain2.com/CA/cert.pem</a></i></div>
                                  <div><i>server_name = "<a href="http://kamailio.domain2.com" target="_blank">kamailio.domain2.com</a>"</i></div>
                                </blockquote>
                                <blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px">
                                  <div><i>server_id = "</i><i>"<a href="http://kamailio.domain2.com" target="_blank">kamailio.domain2.com</a>"</i></div>
                                </blockquote>
                                <div><i><br>
                                  </i></div>
                                <blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px">
                                  <div><i>[client:<a href="http://172.16.30.206:5063" target="_blank">172.16.30.206:5063</a>]</i></div>
                                  <div><i>method = TLSv1.0+</i></div>
                                  <div><i>require_certificate = no</i></div>
                                  <div><i>verify_certificate = no</i></div>
                                  <div><i>private_key =
                                      /var/kamailio/certificates/<a href="http://kamailio.domain2.com/server/key.pem" target="_blank">kamailio.domain2.com/server/key.pem</a></i></div>
                                  <div><i>certificate =
                                      /var/kamailio/certificates/<a href="http://kamailio.domain2.com/server/cert.pem" target="_blank">kamailio.domain2.com/server/cert.pem</a></i></div>
                                  <div><i>ca_list =
                                      /var/kamailio/certificates/<a href="http://kamailio.domain2.com/CA/cert.pem" target="_blank">kamailio.domain2.com/CA/cert.pem</a></i></div>
                                </blockquote>
                                <div><br>
                                </div>
                                <div>The dispatcher configuration table
                                  looks like this:</div>
                                <blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px">
                                  <div><font face="monospace">+----+-------+----------------------------------------------+-------+----------+--------------------------------------------------------------------+-------------+</font></div>
                                  <div><font face="monospace">| id |
                                      setid | destination              
                                                         | flags |
                                      priority | attrs                 
                                                                       
                                                | description |</font></div>
                                  <div><font face="monospace">+----+-------+----------------------------------------------+-------+----------+--------------------------------------------------------------------+-------------+</font></div>
                                  <div><font face="monospace">|  1 |   
                                       1 | sip:<a href="http://sip.pstnhub.microsoft.com" target="_blank">sip.pstnhub.microsoft.com</a>;transport=tls
                                       |     0 |        3 |
                                      socket=tls:172.16.30.206:5062;ping_from=sip:<a href="http://kamailio.domain1.com" target="_blank">kamailio.domain1.com</a>   |
                                      MS Teams 1  |</font></div>
                                  <div><font face="monospace">|  2 |   
                                       2 | sip:<a href="http://sip.pstnhub.microsoft.com" target="_blank">sip.pstnhub.microsoft.com</a>;transport=tls
                                       |     0 |        3 |
                                      socket=tls:172.16.30.206:5063;ping_from=sip:<a href="http://kamailio.domain2.com" target="_blank">kamailio.domain2.com</a>   |
                                      MS Teams 2  |</font></div>
                                  <div><font face="monospace">+----+-------+----------------------------------------------+-------+----------+--------------------------------------------------------------------+-------------+</font></div>
                                </blockquote>
                                <div><br>
                                </div>
                                <div><br>
                                </div>
                                <div>When Kamailio is started only
                                  connection with the first trunk is
                                  established:</div>
                                <blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px">
                                  <div><i># kamcmd tls.list</i></div>
                                  <div><i>{</i></div>
                                  <div><i>        id: 1</i></div>
                                  <div><i>        timeout: 0</i></div>
                                  <div><i>        src_ip: 52.114.75.24</i></div>
                                  <div><i>        src_port: 5061</i></div>
                                  <div><i>        dst_ip: 172.16.30.206</i></div>
                                  <div><i>        dst_port: 0</i></div>
                                  <div><i>        cipher:
                                      ECDHE-RSA-AES256-GCM-SHA384
                                      TLSv1.2 Kx=ECDH     Au=RSA
                                       Enc=AESGCM(256) Mac=AEAD</i></div>
                                  <div><i>        ct_wq_size: 0</i></div>
                                  <div><i>        enc_rd_buf: 0</i></div>
                                  <div><i>        flags: 2</i></div>
                                  <div><i>        state: established</i></div>
                                  <div><i>}</i></div>
                                  <div><i>{</i></div>
                                  <div><i>        id: 2</i></div>
                                  <div><i>        timeout: 0</i></div>
                                  <div><i>        src_ip: 52.114.75.24</i></div>
                                  <div><i>        src_port: 7810</i></div>
                                  <div><i>        dst_ip: 172.16.30.206</i></div>
                                  <div><i>        dst_port: 5062</i></div>
                                  <div><i>        cipher:
                                      AES256-GCM-SHA384       TLSv1.2
                                      Kx=RSA      Au=RSA
                                       Enc=AESGCM(256) Mac=AEAD</i></div>
                                  <div><i>        ct_wq_size: 0</i></div>
                                  <div><i>        enc_rd_buf: 0</i></div>
                                  <div><i>        flags: 2</i></div>
                                  <div><i>        state: established</i></div>
                                  <div><i>}</i></div>
                                  <div><i>{</i></div>
                                  <div><i>        id: 3</i></div>
                                  <div><i>        timeout: 596</i></div>
                                  <div><i>        src_ip: 52.114.75.24</i></div>
                                  <div><i>        src_port: 7811</i></div>
                                  <div><i>        dst_ip: 172.16.30.206</i></div>
                                  <div><i>        dst_port: 5062</i></div>
                                  <div><i>        cipher:
                                      AES256-GCM-SHA384       TLSv1.2
                                      Kx=RSA      Au=RSA
                                       Enc=AESGCM(256) Mac=AEAD</i></div>
                                  <div><i>        ct_wq_size: 0</i></div>
                                  <div><i>        enc_rd_buf: 0</i></div>
                                  <div><i>        flags: 2</i></div>
                                  <div><i>        state: established</i></div>
                                  <div><i>}</i></div>
                                </blockquote>
                                <div><br>
                                </div>
                                <div>Here is what I can see in Kamailio
                                  log file when it sends an OPTIONS
                                  request to the second trunk. Kamailio
                                  uses Default tls configuration and MS
                                  Teams don't accept it:</div>
                                <blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px">
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: ALERT:
                                      <script>: == TRACE.
                                      tm:local-request. fs is tls:<a href="http://172.16.30.206:5063" target="_blank">172.16.30.206:5063</a></i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      tm [uac.c:352]: t_run_local_req():
                                      apply new updates without Via to
                                      sip msg</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/msg_translator.c:1796]:
                                      check_boundaries(): no multi-part
                                      body</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/msg_parser.c:610]:
                                      parse_msg(): SIP Request:</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/msg_parser.c:612]:
                                      parse_msg():  method:
                                       <OPTIONS></i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/msg_parser.c:614]:
                                      parse_msg():  uri:     <sip:<a href="http://sip.pstnhub.microsoft.com" target="_blank">sip.pstnhub.microsoft.com</a>;transport=tls></i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/msg_parser.c:616]:
                                      parse_msg():  version:
                                      <SIP/2.0></i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/parse_via.c:1303]:
                                      parse_via_param(): Found param
                                      type 232, <branch> =
                                      <z9hG4bK169b.6411b4c3000000000000000000000000.0>;
                                      state=16</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/parse_via.c:2639]:
                                      parse_via(): end of header
                                      reached, state=5</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/msg_parser.c:498]:
                                      parse_headers(): Via found,
                                      flags=2</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/msg_parser.c:500]:
                                      parse_headers(): this is the first
                                      via</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/parse_addr_spec.c:864]:
                                      parse_addr_spec(): end of header
                                      reached, state=10</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/msg_parser.c:171]:
                                      get_hdr_field(): <To> [47];
                                      uri=[sip:<a href="http://sip.pstnhub.microsoft.com" target="_blank">sip.pstnhub.microsoft.com</a>;transport=tls]</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/msg_parser.c:174]:
                                      get_hdr_field(): to body
                                      (47)[<sip:<a href="http://sip.pstnhub.microsoft.com" target="_blank">sip.pstnhub.microsoft.com</a>;transport=tls>^M</i></div>
                                  <div><i>], to tag (0)[]</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/msg_parser.c:152]:
                                      get_hdr_field(): cseq
                                      <CSeq>: <10>
                                      <OPTIONS></i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/msg_parser.c:185]:
                                      get_hdr_field(): content_length=0</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/msg_parser.c:89]:
                                      get_hdr_field(): found end of
                                      header</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/msg_parser.c:610]:
                                      parse_msg(): SIP Request:</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/msg_parser.c:612]:
                                      parse_msg():  method:
                                       <OPTIONS></i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/msg_parser.c:614]:
                                      parse_msg():  uri:     <sip:<a href="http://sip.pstnhub.microsoft.com" target="_blank">sip.pstnhub.microsoft.com</a>;transport=tls></i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/msg_parser.c:616]:
                                      parse_msg():  version:
                                      <SIP/2.0></i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/parse_via.c:1303]:
                                      parse_via_param(): Found param
                                      type 232, <branch> =
                                      <z9hG4bK169b.6411b4c3000000000000000000000000.0>;
                                      state=16</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/parse_via.c:2639]:
                                      parse_via(): end of header
                                      reached, state=5</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/msg_parser.c:498]:
                                      parse_headers(): Via found,
                                      flags=2</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/msg_parser.c:500]:
                                      parse_headers(): this is the first
                                      via</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/parse_addr_spec.c:864]:
                                      parse_addr_spec(): end of header
                                      reached, state=10</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/msg_parser.c:171]:
                                      get_hdr_field(): <To> [47];
                                      uri=[sip:<a href="http://sip.pstnhub.microsoft.com" target="_blank">sip.pstnhub.microsoft.com</a>;transport=tls]</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/msg_parser.c:174]:
                                      get_hdr_field(): to body
                                      (47)[<sip:<a href="http://sip.pstnhub.microsoft.com" target="_blank">sip.pstnhub.microsoft.com</a>;transport=tls>^M</i></div>
                                  <div><i>], to tag (0)[]</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/parser/msg_parser.c:152]:
                                      get_hdr_field(): cseq
                                      <CSeq>: <10>
                                      <OPTIONS></i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      tm [uac.c:189]:
                                      uac_refresh_hdr_shortcuts(): cseq:
                                      [CSeq: 10]</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/tcp_main.c:1993]:
                                      tcp_send(): no open tcp connection
                                      found, opening new one</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core> [core/ip_addr.c:229]:
                                      print_ip(): tcpconn_new: new tcp
                                      connection: 52.114.75.24</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/tcp_main.c:1175]:
                                      tcpconn_new(): on port 5061, type
                                      3, socket -1</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      <core>
                                      [core/tcp_main.c:1498]:
                                      tcpconn_add(): hashes: 2831:67:0,
                                      1</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      tls [tls_server.c:199]:
                                      tls_complete_init(): completing
                                      tls connection initialization</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      tls [tls_server.c:162]:
                                      tls_get_connect_server_name(): <b>xavp
                                        with outbound server name not
                                        found</b></i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      tls [tls_server.c:142]:
                                      tls_get_connect_server_id(): <b>xavp
                                        with outbound server id not
                                        found</b></i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      tls [tls_server.c:228]:
                                      tls_complete_init(): <b>Using
                                        initial TLS domain
                                        TLSc<default></b> (dom
                                      0x7f35509da688 ctx 0x7f3550b7a568
                                      sn [])</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      tls [tls_domain.c:1177]:
                                      tls_lookup_private_key(): Private
                                      key lookup for
                                      SSL_CTX-0x7f3550b7a568: (nil)</i></div>
                                  <div><i>Jul 29 16:46:14 kamailio
                                      /usr/sbin/kamailio[11809]: DEBUG:
                                      tls [tls_domain.c:747]:
                                      sr_ssl_ctx_info_callback(): SSL
                                      handshake started</i></div>
                                  <div><i>...</i></div>
                                </blockquote>
                                <div><br>
                                </div>
                                <div>If I change the Default
                                  configuration to use <a href="http://kamailio.domain2.com" target="_blank">
                                    kamailio.domain2.com</a>
                                  certificate, the second trunk will
                                  connect but the first one will fail.</div>
                                <div>I tried to set
                                  "$xavp(tls=>server_name)" and
                                  "$xavp(tls[0]=>server_id)"
                                  variables to
                                  the event_route[tm:local-request]
                                  section but log still stated that
                                  server Name and ID were not found.</div>
                                <div><br>
                                </div>
                                <div>Can someone please point me in the
                                  right direction, how can I make
                                  Kamailio use the correct certificates
                                  when establishing multiple TLS
                                  connections?</div>
                                <div><br>
                                </div>
                                <div>Thanks a lot!</div>
                                <div><br>
                                </div>
                                <div>Regards, Volodymyr Ivanets</div>
                              </div>
                            </div>
                          </div>
__________________________________________________________<br>
                          Kamailio - Users Mailing List - Non Commercial
                          Discussions<br>
                            * <a href="mailto:sr-users@lists.kamailio.org" target="_blank">sr-users@lists.kamailio.org</a><br>
                          Important: keep the mailing list in the
                          recipients, do not reply only to the sender!<br>
                          Edit mailing list options or unsubscribe:<br>
                            * <a href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" rel="noreferrer" target="_blank">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a><br>
                        </blockquote>
                      </div>
                      <br>
                      <fieldset></fieldset>
                      <pre>__________________________________________________________
Kamailio - Users Mailing List - Non Commercial Discussions
  * <a href="mailto:sr-users@lists.kamailio.org" target="_blank">sr-users@lists.kamailio.org</a>
Important: keep the mailing list in the recipients, do not reply only to the sender!
Edit mailing list options or unsubscribe:
  * <a href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" target="_blank">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a>
</pre>
                    </blockquote>
                    <pre cols="72">-- 
Daniel-Constantin Mierla -- <a href="http://www.asipto.com" target="_blank">www.asipto.com</a>
<a href="http://www.twitter.com/miconda" target="_blank">www.twitter.com/miconda</a> -- <a href="http://www.linkedin.com/in/miconda" target="_blank">www.linkedin.com/in/miconda</a></pre>
                  </div>
                </blockquote>
              </div>
            </blockquote>
            <pre cols="72">-- 
Daniel-Constantin Mierla -- <a href="http://www.asipto.com" target="_blank">www.asipto.com</a>
<a href="http://www.twitter.com/miconda" target="_blank">www.twitter.com/miconda</a> -- <a href="http://www.linkedin.com/in/miconda" target="_blank">www.linkedin.com/in/miconda</a></pre>
          </div>
        </blockquote>
      </div>
    </blockquote>
    <pre cols="72">-- 
Daniel-Constantin Mierla -- <a href="http://www.asipto.com" target="_blank">www.asipto.com</a>
<a href="http://www.twitter.com/miconda" target="_blank">www.twitter.com/miconda</a> -- <a href="http://www.linkedin.com/in/miconda" target="_blank">www.linkedin.com/in/miconda</a></pre>
  </div>

</blockquote></div>
</blockquote></div>
</blockquote></div>