Hello,
I'm using Kamailio ver. 5.8.4.
I configured the ims_ipsec_pcscf with
modparam("ims_ipsec_pcscf", "ipsec_max_connections", 1)
and call ipsec_forward with flag = IPSEC_FORWARD_FLAGS
where :
# - IPSEC_SEND_FORCE_SOCKET 1
# - IPSEC_FORWARD_USEVIA 256
#!define IPSEC_FORWARD_FLAGS 257
For the UE REGISTRATION I have the following flow
UE PCSCF_GM_IMS
REGISTER
(32133) ------------------> (5060)
100 Trying
(32133) <------------------ (5060)
401 Unauthorized
(32133) <------------------ (5060)
REGISTER (TCP)
(PORT_UC) ------------------> (PORT_PS)
100 Trying (TCP)
(PORT_UC) <------------------ (PORT_PS)
200 OK (TCP)
(PORT_UC) <------------------ (PORT_PS)
------------------------------------------------------------------
SUBSCRIBE (UDP)
(PORT_UC) ------------------> (PORT_PS)
200 Subscription (UDP)
(PORT_US) <------------------ (PORT_PC)
NOTIFY (UDP)
(PORT_US) <------------------ (PORT_PC)
200 OK (UDP)
(PORT_UC) ------------------> (PORT_PC)
NOTIFY (UDP)
(PORT_US) <------------------ (PORT_PC)
200 OK (UDP)
(PORT_UC) ------------------> (PORT_PC)
NOTIFY (UDP)
(PORT_US) <------------------ (PORT_PC)
200 OK (UDP)
(PORT_UC) ------------------> (PORT_PC)
The SUBSCRIBE behavior is correct : PCSCF receives message on PORT_PS and sends on PORT_PC
The NOTIFY behavior is wrong: PCSCF send from PORT_PC (correct), but UE respond towards PORT_PC, defined in the Via of the NOTIFY.
I know I can use the set_advertised_port() function, and in this case can work, but the function is taking a constant as a parameter, not a variable. This is causing a problem
when ipsec_max_connections > 1. In that case it won't be easy to pass the correct port.
I was wondering if the ipsec module should properly set the VIA port to the correct PORT_PS, rather than leaving the setting of the correct port by the kamailio.cfg.
Do you have any hints on that?
Thanks