Please advise if it has something to do with disabling TLS/MSRP?

Please see the log & related config file in line here:

 0(5724) INFO: <core> [ppcfg.c:82]: pp_subst_add(): ### added subst expression: !MY_WS_PORT!8000!g

#!KAMAILIO
#
# Simple/sample kamailio.cfg for running a proxy/registrar with TLS and
# WebSockets support.

#!substdef "!DBURL!mysql://kamailio:kamailiorw@localhost/kamailio!g"
#!substdef "!MY_IP_ADDR!192.168.1.16!g"
#!substdef "!MY_DOMAIN!callcntr.com.al!g"
#!substdef "!MY_WS_PORT!8000!g"
#!substdef "!MY_WSS_PORT!443!g"
#!substdef "!MY_MSRP_PORT!9000!g"
#!substdef "!MY_WS_ADDR!tcp:MY_IP_ADDR:MY_WS_PORT!g"
##!substdef "!MY_WSS_ADDR!tls:MY_IP_ADDR:MY_WSS_PORT!g"
##!substdef "!MY_MSRP_ADDR!tls:MY_IP_ADDR:MY_MSRP_PORT!g"
##!substdef "!MSRP_MIN_EXPIRES!1800!g"
##!substdef "!MSRP_MAX_EXPIRES!3600!g"

##!define LOCAL_TEST_RUN
##!define WITH_TLS
#!define WITH_WEBSOCKETS
##!define WITH_MSRP


####### Global Parameters #########

fork=yes
children=4

#!ifdef WITH_TLS
enable_tls=1
#!endif

listen=MY_IP_ADDR
#!ifdef WITH_WEBSOCKETS
listen=MY_IP_ADDR
#!ifdef WITH_TLS
#listen=MY_WSS_ADDR
#!endif
#!endif
#!ifdef WITH_MSRP
listen=MY_MSRP_ADDR
#!endif

tcp_connection_lifetime=3604
tcp_accept_no_cl=yes
tcp_rd_buf_size=16384

#!ifdef LOCAL_TEST_RUN
debug=2
mpath="modules"
#!else
debug=0
mpath="/usr/local/lib64/kamailio/modules/"
#!endif

loadmodule "db_mysql.so"
loadmodule "tm.so"
loadmodule "sl.so"
loadmodule "rr.so"
loadmodule "pv.so"
loadmodule "maxfwd.so"
loadmodule "usrloc.so"
loadmodule "registrar.so"
loadmodule "textops.so"
loadmodule "siputils.so"
loadmodule "xlog.so"
loadmodule "sanity.so"
loadmodule "ctl.so"
loadmodule "auth.so"
loadmodule "auth_db.so"
loadmodule "kex.so"
loadmodule "mi_rpc.so"
loadmodule "corex.so"
#!ifdef WITH_TLS
loadmodule "tls.so"
#!endif
#!ifdef WITH_MSRP
loadmodule "msrp.so"
loadmodule "htable.so"
loadmodule "cfgutils.so"
#!endif
#!ifdef WITH_WEBSOCKETS
loadmodule "xhttp.so"
loadmodule "websocket.so"
loadmodule "nathelper.so"
#!endif


#!ifdef WITH_WEBSOCKETS
# ----- nathelper params -----
modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)")
# Note: leaving NAT pings turned off here as nathelper is _only_ being used for
#       WebSocket connections.  NAT pings are not needed as WebSockets have
#       their own keep-alives.
#!endif


####### Routing Logic ########

# Main SIP request routing logic
# - processing of any incoming SIP request starts with this route
# - note: this is the same as route { ... }
request_route {
    if (($Rp == MY_WS_PORT)) {                           

        xlog("L_WARN", "SIP request received on $Rp\n");
        sl_send_reply("403", "Forbidden");
        exit;
    }

    # per request initial checks
    route(REQINIT);

#!ifdef WITH_WEBSOCKETS
    if (nat_uac_test(64)) {
        # Do NAT traversal stuff for requests from a WebSocket
        # connection - even if it is not behind a NAT!
        # This won't be needed in the future if Kamailio and the
        # WebSocket client support Outbound and Path.
        force_rport();
        if (is_method("REGISTER")) {
            fix_nated_register();
        } else {
            if (!add_contact_alias()) {
                xlog("L_ERR", "Error aliasing contact <$ct>\n");
                sl_send_reply("400", "Bad Request");
                exit;
            }
        }
    }
#!endif

    # handle requests within SIP dialogs
    route(WITHINDLG);

    ### only initial requests (no To tag)

    # CANCEL processing
    if (is_method("CANCEL")) {
        if (t_check_trans()) {
            t_relay();
        }
        exit;
    }

    t_check_trans();

    # authentication
    route(AUTH);

    # record routing for dialog forming requests (in case they are routed)
    # - remove preloaded route headers
    remove_hf("Route");
    if (is_method("INVITE")) {
        record_route();
    }

    # handle registrations
    route(REGISTRAR);

    if ($rU==$null) {
        # request with no Username in RURI
        sl_send_reply("484", "Address Incomplete");
        exit;
    }

    # user location service
    route(LOCATION);

    route(RELAY);
}

route[RELAY] {
    if (!t_relay()) {
        sl_reply_error();
    }
    exit;
}

# Per SIP request initial checks
route[REQINIT] {
    if (!mf_process_maxfwd_header("10")) {
        sl_send_reply("483", "Too Many Hops");
        exit;
    }

    if (!sanity_check("1511", "7")) {
        xlog("Malformed SIP message from $si:$sp\n");
        exit;
    }

    if (uri == myself && is_method("OPTIONS") && !(uri=~"sip:.*[@]+.*")) {
        options_reply();
        exit;
    }
}

# Handle requests within SIP dialogs
route[WITHINDLG] {
    if (has_totag()) {
        # sequential request withing a dialog should
        # take the path determined by record-routing
        if (loose_route()) {
#!ifdef WITH_WEBSOCKETS
            if ($du == "") {
                if (!handle_ruri_alias()) {
                    xlog("L_ERR", "Bad alias <$ru>\n");
                    sl_send_reply("400", "Bad Request");
                    exit;
                }
            }
#!endif
            route(RELAY);
        } else {
            if ( is_method("ACK") ) {
                if ( t_check_trans() ) {
                    # no loose-route, but stateful ACK;
                    # must be an ACK after a 487
                    # or e.g. 404 from upstream server
                    t_relay();
                    exit;
                } else {
                    # ACK without matching transaction...
                    # ignore and discard
                    exit;
                }
            }
            sl_send_reply("404", "Not Found");
        }
        exit;
    }
}

# Handle SIP registrations
route[REGISTRAR] {
    if (is_method("REGISTER")) {
        if (!save("location")) {
            sl_reply_error();
        }
        exit;
    }
}

# USER location service
route[LOCATION] {
    if (!is_subscriber("$ru", "subscriber", "1")) {
        t_newtran();
        send_reply("404", "Not Found");
        exit;
    }

    if (!lookup("location")) {
        $var(rc) = $rc;
        t_newtran();
        switch ($var(rc)) {
        case -1:
            send_reply("480", "Temporarily Unavailable");
            exit;
        case -2:
            send_reply("405", "Method Not Allowed");
            exit;
        case -3:
            send_reply("500", "Server Internal Error");
            exit;
        }
    }
}

# Authentication route
route[AUTH] {
    if (is_method("REGISTER") || from_uri==myself) {
        # authenticate requests
        if (!auth_check("$fd", "subscriber", "1")) {
            auth_challenge("$fd", "0");
            exit;
        }
        # user authenticated - remove auth header
        if(!is_method("REGISTER")) {
            consume_credentials();
        }
    }
    # if caller is not local subscriber, then check if it calls
    # a local destination, otherwise deny, not an open relay here
    if (from_uri!=myself && uri!=myself) {
        sl_send_reply("403", "Forbidden");
        exit;
    }
}

#!ifdef WITH_WEBSOCKETS
onreply_route {
    if ((($Rp == MY_WS_PORT)
        && !(proto == WS)) || $Rp == MY_MSRP_PORT) {
        xlog("L_WARN", "SIP response received on $Rp\n");
        drop;
    }

    if (nat_uac_test(64)) {
        # Do NAT traversal stuff for replies to a WebSocket connection
        # - even if it is not behind a NAT!
        # This won't be needed in the future if Kamailio and the
        # WebSocket client support Outbound and Path.
        add_contact_alias();
    }
}

event_route[xhttp:request] {
    set_reply_close();
    set_reply_no_connect();
   
    if ($Rp != MY_WS_PORT
#!ifdef WITH_TLS
        && $Rp != MY_WSS_PORT
#!endif
    ) {
        xlog("L_WARN", "HTTP request received on $Rp\n");
        xhttp_reply("403", "Forbidden", "", "");
        exit;
    }

    xlog("L_DBG", "HTTP Request Received\n");

    if ($hdr(Upgrade)=~"websocket"
            && $hdr(Connection)=~"Upgrade"
            && $rm=~"GET") {

        # Validate Host - make sure the client is using the correct
        # alias for WebSockets
        if ($hdr(Host) == $null || !is_myself("sip:" + $hdr(Host))) {
            xlog("L_WARN", "Bad host $hdr(Host)\n");
            xhttp_reply("403", "Forbidden", "", "");
            exit;
        }

        # Optional... validate Origin - make sure the client is from an
        # authorised website.  For example,
        #
        # if ($hdr(Origin) != "http://communicator.MY_DOMAIN"
        #     && $hdr(Origin) != "https://communicator.MY_DOMAIN") {
        #    xlog("L_WARN", "Unauthorised client $hdr(Origin)\n");
        #    xhttp_reply("403", "Forbidden", "", "");
        #    exit;
        # }

        # Optional... perform HTTP authentication

        # ws_handle_handshake() exits (no further configuration file
        # processing of the request) when complete.
        if (ws_handle_handshake())
        {
            # Optional... cache some information about the
            # successful connection
            exit;
        }
    }

    xhttp_reply("404", "Not Found", "", "");
}

event_route[websocket:closed] {
    xlog("L_INFO", "WebSocket connection from $si:$sp has closed\n");
}
#!endif

#!ifdef WITH_MSRP
event_route[msrp:frame-in] {
    msrp_reply_flags("1");

    if ((($Rp == MY_WS_PORT || $Rp == MY_WSS_PORT)
        && !(proto == WS || proto == WSS)) && $Rp != MY_MSRP_PORT) {
        xlog("L_WARN", "MSRP request received on $Rp\n");
        msrp_reply("403", "Action-not-allowed");
        exit;
    }

    if (msrp_is_reply()) {
        msrp_relay();
    } else if($msrp(method)=="AUTH") {
        if($msrp(nexthops)>0) {
            msrp_relay();
            exit;
        }

        if (!www_authenticate("MY_DOMAIN", "subscriber",
                    "$msrp(method)")) {
            if (auth_get_www_authenticate("MY_DOMAIN", "1",
                            "$var(wauth)")) {
                msrp_reply("401", "Unauthorized",
                            "$var(wauth)");
            } else {
                msrp_reply("500", "Server Error");
            }
            exit;
        }

        if ($hdr(Expires) != $null) {
            $var(expires) = (int) $hdr(Expires);
            if ($var(expires) < MSRP_MIN_EXPIRES) {
                msrp_reply("423", "Interval Out-of-Bounds",
                    "Min-Expires: MSRP_MIN_EXPIRES\r\n");
                exit;
            } else if ($var(expires) > MSRP_MAX_EXPIRES) {
                msrp_reply("423", "Interval Out-of-Bounds",
                    "Max-Expires: MSRP_MAX_EXPIRES\r\n");
                exit;
            }
        } else {
            $var(expires) = MSRP_MAX_EXPIRES;
        }

        $var(cnt) = $var(cnt) + 1;
        pv_printf("$var(sessid)", "s.$(pp).$(var(cnt)).$(RANDOM)");
        $sht(msrp=>$var(sessid)::srcaddr) = $msrp(srcaddr);
        $sht(msrp=>$var(sessid)::srcsock) = $msrp(srcsock);
        $shtex(msrp=>$var(sessid)) = $var(expires) + 5;
        # - Use-Path: the MSRP address for server + session id
        $var(hdrs) = "Use-Path: msrps://MY_IP_ADDR:MY_MSRP_PORT/"
                    + $var(sessid) + ";tcp\r\n"
                    + "Expires: " + $var(expires) + "\r\n";
        msrp_reply("200", "OK", "$var(hdrs)");
    } else if ($msrp(method)=="SEND" || $msrp(method)=="REPORT") {
        if ($msrp(nexthops)>1) {
            if ($msrp(method)!="REPORT") {
                msrp_reply("200", "OK");
            }
            msrp_relay();
            exit;
        }
        $var(sessid) = $msrp(sessid);
        if ($sht(msrp=>$var(sessid)::srcaddr) == $null) {
            # one more hop, but we don't have address in htable
            msrp_reply("481", "Session-does-not-exist");
            exit;
        } else if ($msrp(method)!="REPORT") {
            msrp_reply("200", "OK");
        }
        msrp_relay_flags("1");
        msrp_set_dst("$sht(msrp=>$var(sessid)::srcaddr)",
                "$sht(msrp=>$var(sessid)::srcsock)");
        msrp_relay();
    } else {
        msrp_reply("501", "Request-method-not-understood");
    }
}
#!endif

Thanks a million!

Zaka