Re: [SR-Users] Kamailio like SBC with Teams

21 Apr 2020


      Sorry..
I received the invite with the dial number.. But i do not received de ACK..
Can I check any way if I received the ACK?
Thanks
El martes, 21 de abril de 2020, sip user sipuser404@gmail.com escribió:
...
Thanks Sergiu..
It works for me.
Now, when I make a call from Teams, in syslog I see:
Apr 21 10:39:39 vps793907 /usr/sbin/kamailio[20651]: DEBUG: <core>
[parser/msg_parser.c:623]: parse_msg(): SIP Request:
Apr 21 10:39:39 vps793907 /usr/sbin/kamailio[20651]: DEBUG: <core>
[parser/msg_parser.c:625]: parse_msg():  method:  <ACK>
Apr 21 10:39:39 vps793907 /usr/sbin/kamailio[20651]: DEBUG: <core>
[parser/msg_parser.c:627]: parse_msg():  uri:     sip:+34XXXXXXXXX@SBC-DNS
:5061;user=phone;transport=tls
Apr 21 10:39:39 vps793907 /usr/sbin/kamailio[20651]: DEBUG: <core>
[parser/msg_parser.c:629]: parse_msg():  version: <SIP/2.0>
But now How can I do to "transfer" the call to a kamailio user or to my
Asterisk?
Thanks for all
El mar., 21 abr. 2020 a las 6:18, Sergiu Pojoga (pojogas@gmail.com)
escribió:
...
Check out below thread, it explains it all.
https://lists.kamailio.org/pipermail/sr-users/2020-March/108684.html
On Mon, Apr 20, 2020 at 3:24 PM sip user sipuser404@gmail.com wrote:
...
Sorry.. Im a bit loose in this one...
So, ive use letsencrypy to generate the certificate, and the CA, how i
have to generate?
Thanks
El lun., 20 abr. 2020 19:06, Sergiu Pojoga pojogas@gmail.com escribió:
...
ca_list= /etc/letsencrypt/live/FQND/chain.pem
Is that pointing to your Root CA certificate? I highly doubt it.
That's probably the reason why you get "tls_read_f(): TLS
write:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate
verify failed"
On Mon, Apr 20, 2020 at 11:53 AM sip user sipuser404@gmail.com wrote:
...
Hi..
Thank you all very much for answering me.
I have made many test:
First, I've installed ssl cert with letsencrypt, like
https://www.fredposner.com/1836/kamailio-tls-and-letsencrypt/, this
one i made it before.
I've configured tls.cfg like:
[server:default]
method = TLSv1.2
verify_certificate = yes
require_certificate = yes
private_key = /etc/letsencrypt/live/FQND/privkey.pem
certificate = /etc/letsencrypt/live/FQDN/fullchain.pem
ca_list= /etc/letsencrypt/live/FQND/chain.pem
[client:default]
method = TLSv1.2
verify_certificate = yes
require_certificate = yes
private_key = /etc/letsencrypt/live/FQND/privkey.pem
certificate = /etc/letsencrypt/live/FQDN/fullchain.pem
ca_list= /etc/letsencrypt/live/FQND/chain.pem
In syslog I received:
Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8481]: INFO: <script>:
Sent out tm request: OPTIONS sip:sip.pstnhub.microsoft.com;transport=tls
SIP/2.0#015#012Via: SIP/2.0/TLS SBC-IP:5061;branch=z9hG4bK66bb.
a6291812000000000000000000000000.0#015#012To: sip:
sip.pstnhub.microsoft.com;transport=tls#015#012From:
sip:dispatcher@localhost;tag=d012046760e0e80ea51cb82629f4d4bc-c14c#015#012CSeq:
10 OPTIONS#015#012Call-ID: 0d202fa1261f1449-8481@51.89.
23.96#015#012Max-Forwards
http://0d202fa1261f1449-8481@51.89.23.96#015%23012Max-Forwards:
70#015#012Content-Length: 0#015#012User-Agent: kamailio (4.2.0
(x86_64/linux))
Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8481]: INFO: <script>:
Sent out tm request: OPTIONS sip:sip2.pstnhub.microsoft.com;transport=tls
SIP/2.0#015#012Via: SIP/2.0/TLS SBC-IP:5061;branch=z9hG4bK59bb.
f565cf11000000000000000000000000.0#015#012To: sip:
sip2.pstnhub.microsoft.com;transport=tls#015#012From:
sip:dispatcher@localhost;tag=d012046760e0e80ea51cb82629f4d4bc-3df0#015#012CSeq:
10 OPTIONS#015#012Call-ID: 0d202fa1261f144a-8481@51.89.
23.96#015#012Max-Forwards
http://0d202fa1261f144a-8481@51.89.23.96#015%23012Max-Forwards:
70#015#012Content-Length: 0#015#012User-Agent: kamailio (4.2.0
(x86_64/linux))
Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8485]: ERROR: tls
[tls_server.c:1193]: tls_read_f(): TLS write:error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8485]: ERROR: <core>
[tcp_read.c:1279]: tcp_read_req(): ERROR: tcp_read_req: error reading
Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8481]: INFO: <script>:
Sent out tm request: OPTIONS sip:sip3.pstnhub.microsoft.com;transport=tls
SIP/2.0#015#012Via: SIP/2.0/TLS SBC-IP:5061;branch=z9hG4bK69bb.
212aa3c7000000000000000000000000.0#015#012To: sip:
sip3.pstnhub.microsoft.com;transport=tls#015#012From:
sip:dispatcher@localhost;tag=d012046760e0e80ea51cb82629f4d4bc-bee0#015#012CSeq:
10 OPTIONS#015#012Call-ID: 0d202fa1261f144b-8481@51.89.
23.96#015#012Max-Forwards
http://0d202fa1261f144b-8481@51.89.23.96#015%23012Max-Forwards:
70#015#012Content-Length: 0#015#012User-Agent: kamailio (4.2.0
(x86_64/linux))
Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8486]: ERROR: tls
[tls_server.c:1193]: tls_read_f(): TLS write:error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8486]: ERROR: <core>
[tcp_read.c:1279]: tcp_read_req(): ERROR: tcp_read_req: error reading
Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8487]: ERROR: tls
[tls_server.c:1193]: tls_read_f(): TLS write:error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8487]: ERROR: <core>
[tcp_read.c:1279]: tcp_read_req(): ERROR: tcp_read_req: error reading
And If I make kamcmd tls.list, I have no response.
Test two:
If I coonfigure tls.cfg like:
[server:default]
method = TLSv1.2
verify_certificate = no
require_certificate = no
private_key = /etc/letsencrypt/live/FQND/privkey.pem
certificate = /etc/letsencrypt/live/FQDN/fullchain.pem
ca_list= /etc/letsencrypt/live/FQND/chain.pem
[client:default]
method = TLSv1.2
verify_certificate = no
require_certificate = no
private_key = /etc/letsencrypt/live/FQND/privkey.pem
certificate = /etc/letsencrypt/live/FQDN/fullchain.pem
ca_list= /etc/letsencrypt/live/FQND/chain.pem
In syslog:
Apr 20 17:27:52 vps793907 kernel: [270882.772276] device eth0 left
promiscuous mode
Apr 20 17:27:53 vps793907 /usr/sbin/kamailio[8257]: INFO: <script>:
Sent out tm request: OPTIONS sip:sip.pstnhub.microsoft.com;transport=tls
SIP/2.0#015#012Via: SIP/2.0/TLS SBC-IP:5061;branch=z9hG4bKf62f.
0c39c2d0000000000000000000000000.0#015#012To: sip:
sip.pstnhub.microsoft.com;transport=tls#015#012From:
sip:dispatcher@localhost;tag=d012046760e0e80ea51cb82629f4d4bc-24c6#015#012CSeq:
10 OPTIONS#015#012Call-ID: 02376c756e11dbd4-8257@51.89.
23.96#015#012Max-Forwards
http://02376c756e11dbd4-8257@51.89.23.96#015%23012Max-Forwards:
70#015#012Content-Length: 0#015#012User-Agent: kamailio (4.2.0
(x86_64/linux))
Apr 20 17:27:53 vps793907 /usr/sbin/kamailio[8257]: INFO: <script>:
Sent out tm request: OPTIONS sip:sip2.pstnhub.microsoft.com;transport=tls
SIP/2.0#015#012Via: SIP/2.0/TLS SBC-IP:5061;branch=z9hG4bK072f.
0e9be960000000000000000000000000.0#015#012To: sip:
sip2.pstnhub.microsoft.com;transport=tls#015#012From:
sip:dispatcher@localhost;tag=d012046760e0e80ea51cb82629f4d4bc-5a49#015#012CSeq:
10 OPTIONS#015#012Call-ID: 02376c756e11dbd5-8257@51.89.
23.96#015#012Max-Forwards
http://02376c756e11dbd5-8257@51.89.23.96#015%23012Max-Forwards:
70#015#012Content-Length: 0#015#012User-Agent: kamailio (4.2.0
(x86_64/linux))
Apr 20 17:27:53 vps793907 /usr/sbin/kamailio[8257]: INFO: <script>:
Sent out tm request: OPTIONS sip:sip3.pstnhub.microsoft.com;transport=tls
SIP/2.0#015#012Via: SIP/2.0/TLS SBC-IP:5061;branch=z9hG4bKd62f.
82d8b643000000000000000000000000.0#015#012To: sip:
sip3.pstnhub.microsoft.com;transport=tls#015#012From:
sip:dispatcher@localhost;tag=d012046760e0e80ea51cb82629f4d4bc-d959#015#012CSeq:
10 OPTIONS#015#012Call-ID: 02376c756e11dbd6-8257@51.89.
23.96#015#012Max-Forwards
http://02376c756e11dbd6-8257@51.89.23.96#015%23012Max-Forwards:
70#015#012Content-Length: 0#015#012User-Agent: kamailio (4.2.0
(x86_64/linux))
And If I make kamcmd tls.list:
{
        id: 1
        timeout: 3595
        src_ip: 52.114.75.24
        src_port: 5061
        dst_ip: SBC-IP
        dst_port: 37531
        cipher: ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA
 Enc=AESGCM(256) Mac=AEAD
        ct_wq_size: 0
        enc_rd_buf: 0
        flags: 2
        state: established
}
{
        id: 2
        timeout: 3596
        src_ip: 52.114.132.46
        src_port: 5061
        dst_ip: SBC-IP
        dst_port: 33370
        cipher: ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA
 Enc=AESGCM(256) Mac=AEAD
        ct_wq_size: 0
        enc_rd_buf: 0
        flags: 2
        state: established
}
{
        id: 3
        timeout: 3596
        src_ip: 52.114.7.24
        src_port: 5061
        dst_ip: SBC-IP
        dst_port: 48819
        cipher: ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA
 Enc=AESGCM(256) Mac=AEAD
        ct_wq_size: 0
        enc_rd_buf: 0
        flags: 2
        state: established
}
And with kamcmd dispatcher.list | egrep "URI|FLAGS" I see:
URI: sip:sip.pstnhub.microsoft.com;transport=tls FLAGS: AP
 URI: sip:sip2.pstnhub.microsoft.com;transport=tls FLAGS: AX
 URI: sip:sip3.pstnhub.microsoft.com;transport=tls FLAGS: AP
But in Teams Direct Routing I always see my SBC with problems, never
active.
In kamailio.cfg I've configure just before request_route:
event_route[tm:local-request] {
        if(is_method("OPTIONS") && $ru =~ "pstnhub.microsoft.com") {
               append_hf("Contact: sip:SBC-DNS:5061;transport=
tls\r\n");
        }
        xlog("L_INFO", "Sent out tm request: $mb\n");
}
I don't know where could be the problem..
Any more else I can test?
Thanks for all..!!
El sáb., 18 abr. 2020 a las 12:39, Yuriy Nasida (ynasida@gmail.com)
escribió:
...
Probably. You can get full pcap files using tcpdump and check TLS
handshakes usign wireshark.
Also it is not really need to check cert on the side of kamailio. You
can set (at least for tests)
verify_certificate = no
require_certificate = no
On Fri, 17 Apr 2020 at 10:02, sip user sipuser404@gmail.com wrote:
> Hi Sergiu..
>
> I've made many test and many change...
>
> In tls.cfg I have this:
>
> [server:default]
> method = TLSv1.2
> verify_certificate = yes
> require_certificate = yes
> private_key = /etc/letsencrypt/ssl/cert.key
> certificate = /etc/letsencrypt/ssl/cert.crt
> ca_list = /etc/letsencrypt/ssl/ca.crt
>
> [client:default]
> method = TLSv1.2
> verify_certificate = yes
> require_certificate = yes
> private_key = /etc/letsencrypt/ssl/cert.key
> certificate = /etc/letsencrypt/ssl/cert.crt
> ca_list = /etc/letsencrypt/ssl/ca.crt
>
> But when I make Kamcmd tls.list I have not response.. Not show me
> anything.
>
> Problem with certificated??
>
> Thanks
>
> El jue., 16 abr. 2020 a las 20:31, Sergiu Pojoga (pojogas@gmail.com)
> escribió:
>
>> Hi SIP User/anonymous/one-time-visitor/,
>>
>> Your TLS config isn't correct. The article clearly says
>> verify/require_certificate must be set to 'yes'
>>
>> *kamcmd tls.list*
>> Does it show any 'established' connections with MS proxy?
>>
>> Good luck,
>>
>> --Sergiu
>>
>> On Thu, Apr 16, 2020 at 11:41 AM Ovidiu Sas osas@voipembedded.com
>> wrote:
>>
>>> The tutorial is pretty clear:
>>> You need to add the Contact header only for OPTIONS pings.
>>> You need to use the proper Record-Route headers based on the
>>> direction
>>> of the call.
>>> There's no out of the box solution because each setup is different.
>>>
>>> If you understand how loose routing works in SIP, then you know
>>> how to
>>> adjust the config to use record_route_preset(), just as explained
>>> in
>>> the tutorial. There is also an example of an INVITE that has the
>>> right
>>> Record-Route headers in the tutorial.
>>>
>>> You can choose to use the FQDN for the Record-Route header facing
>>> MS
>>> and the IP for the Record-Route header facing the carrier or use
>>> the
>>> FQDN for both Record-Route headers (just like in the
>>> tutorialexample).
>>> Alternatively, one can try to advertise the FQDN in the listen
>>> directive in the config and then the Record-Route headers should be
>>> populated automatically.
>>>
>>> Regards,
>>> Ovidiu Sas
>>>
>>> On Thu, Apr 16, 2020 at 10:50 AM sip user sipuser404@gmail.com
>>> wrote:
>>> >
>>> > Hi Nasida.. Thanks for answerd to me...
>>> >
>>> > I've activarted the debugger module, and I see the same:
>>> >
>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>> <core> [ip_addr.c:243]: print_ip(): tcpconn_new: new tcp connection:
>>> 52.114.7.24
>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>> <core> [tcp_main.c:1073]: tcpconn_new(): tcpconn_new: on port 4160, type 3
>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>> <core> [tcp_main.c:1382]: tcpconn_add(): tcpconn_add: hashes:
>>> 171:1857:1187, 30
>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>> <core> [io_wait.h:388]: io_watch_add(): DBG: io_watch_add(0xa1f240, 23, 2,
>>> 0x7f90f2438f80), fd_no=17
>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>> <core> [io_wait.h:610]: io_watch_del(): DBG: io_watch_del (0xa1f240, 23,
>>> -1, 0x0) fd_no=18 called
>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>> <core> [tcp_main.c:4219]: handle_tcpconn_ev(): tcp: DBG: sending to child,
>>> events 1
>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>> <core> [tcp_main.c:3902]: send2child(): selected tcp worker 1 10(23159) for
>>> activity on [tls:SBC_IP:5061], 0x7f90f2438f80
>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>> <core> [tcp_read.c:1507]: handle_io(): received n=8 con=0x7f90f2438f80, fd=9
>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: tls
>>> [tls_server.c:184]: tls_complete_init(): Using TLS domain TLSs<default>
>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: tls
>>> [tls_domain.c:700]: sr_ssl_ctx_info_callback(): SSL handshake started
>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>> <core> [tcp_main.c:2516]: tcpconn_do_send(): tcp_send: sending...
>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>> <core> [tcp_main.c:2550]: tcpconn_do_send(): tcp_send: after real write: c=
>>> 0x7f90f2438f80 n=1468 fd=9
>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>> <core> [tcp_main.c:2551]: tcpconn_do_send(): tcp_send: buf=
>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: #026#003#003
>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>> <core> [io_wait.h:388]: io_watch_add(): DBG: io_watch_add(0x9c1700, 9, 2,
>>> 0x7f90f2438f80), fd_no=1
>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>> <core> [tcp_read.c:296]: tcp_read_data(): EOF on 0x7f90f2438f80, FD 9
>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>> <core> [tcp_read.c:1291]: tcp_read_req(): tcp_read_req: EOF
>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>> <core> [io_wait.h:610]: io_watch_del(): DBG: io_watch_del (0x9c1700, 9, -1,
>>> 0x10) fd_no=2 called
>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>> <core> [tcp_read.c:1434]: release_tcpconn(): releasing con 0x7f90f2438f80,
>>> state -1, fd=9, id=30
>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>> <core> [tcp_read.c:1435]: release_tcpconn():  extra_data 0x7f90f2432b40
>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>> <core> [tcp_main.c:3331]: handle_tcp_child(): handle_tcp_child: reader
>>> response= 7f90f2438f80, -1 from 1
>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 13(23167) DEBUG: tls
>>> [tls_server.c:604]: tls_h_close(): Closing SSL connection 0x7f90f2432b40
>>> >
>>> > I don't see any different.
>>> >
>>> > I know that the module is loaded because I see:
>>> >
>>> > exec: *** cfgtrace:request_route=[DEFAULT_ROUTE]
>>> c=[/etc/kamailio/kamailio.cfg] l=486 a=5 n=route
>>> >
>>> > When I restart kamailio, but when I "launch" a call from Teams
>>> to my Kamailio I only see that.
>>> >
>>> > To configure it, I follow https://skalatan.de/en/blog/
>>> kamailio-sbc-teams.. But I cannot make it works..
>>> >
>>> > Any more thing that i can test or do??
>>> >
>>> > Thanks
>>> >
>>> > El jue., 16 abr. 2020 a las 14:20, Nasida Yuriy (nasida@live.ru)
>>> escribió:
>>> >>
>>> >> Wow, so many people want to configure kamailio with MS. First
>>> of all i think you need to get sip debug  between kamailio and MS. Kamilio
>>> has module to save sip traces. This way you will get sip debug decrypted.
>>> >>
>>> >>
>>> >> ________________________________
>>> >> От: sr-users sr-users-bounces@lists.kamailio.org от имени
>>> sip user sipuser404@gmail.com
>>> >> Отправлено: 16 апреля 2020 г. 10:19
>>> >> Кому: sr-users@lists.kamailio.org sr-users@lists.kamailio.org
>>> >> Тема: [SR-Users] Kamailio like SBC with Teams
>>> >>
>>> >> Hello good morning ... I am new to this list and I was starting
>>> to mess with Kamailio, mainly to set it up as SBC against Teams, in this
>>> case.
>>> >>
>>> >> But I can't get it to work for me. If I launch a call from the
>>> Teams, in the Kamailio I see:
>>> >>
>>> >> 1.- In syslog:
>>> >>
>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>> <core> [ip_addr.c:243]: print_ip(): tcpconn_new: new tcp connection:
>>> 52.114.7.24
>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>> <core> [tcp_main.c:1073]: tcpconn_new(): tcpconn_new: on port 4160, type 3
>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>> <core> [tcp_main.c:1382]: tcpconn_add(): tcpconn_add: hashes:
>>> 171:1857:1187, 30
>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>> <core> [io_wait.h:388]: io_watch_add(): DBG: io_watch_add(0xa1f240, 23, 2,
>>> 0x7f90f2438f80), fd_no=17
>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>> <core> [io_wait.h:610]: io_watch_del(): DBG: io_watch_del (0xa1f240, 23,
>>> -1, 0x0) fd_no=18 called
>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>> <core> [tcp_main.c:4219]: handle_tcpconn_ev(): tcp: DBG: sending to child,
>>> events 1
>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>> <core> [tcp_main.c:3902]: send2child(): selected tcp worker 1 10(23159) for
>>> activity on [tls:SBC_IP:5061], 0x7f90f2438f80
>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>> <core> [tcp_read.c:1507]: handle_io(): received n=8 con=0x7f90f2438f80, fd=9
>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: tls
>>> [tls_server.c:184]: tls_complete_init(): Using TLS domain TLSs<default>
>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: tls
>>> [tls_domain.c:700]: sr_ssl_ctx_info_callback(): SSL handshake started
>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>> <core> [tcp_main.c:2516]: tcpconn_do_send(): tcp_send: sending...
>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>> <core> [tcp_main.c:2550]: tcpconn_do_send(): tcp_send: after real write: c=
>>> 0x7f90f2438f80 n=1468 fd=9
>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>> <core> [tcp_main.c:2551]: tcpconn_do_send(): tcp_send: buf=
>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: #026#003#003
>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>> <core> [io_wait.h:388]: io_watch_add(): DBG: io_watch_add(0x9c1700, 9, 2,
>>> 0x7f90f2438f80), fd_no=1
>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>> <core> [tcp_read.c:296]: tcp_read_data(): EOF on 0x7f90f2438f80, FD 9
>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>> <core> [tcp_read.c:1291]: tcp_read_req(): tcp_read_req: EOF
>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>> <core> [io_wait.h:610]: io_watch_del(): DBG: io_watch_del (0x9c1700, 9, -1,
>>> 0x10) fd_no=2 called
>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>> <core> [tcp_read.c:1434]: release_tcpconn(): releasing con 0x7f90f2438f80,
>>> state -1, fd=9, id=30
>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>> <core> [tcp_read.c:1435]: release_tcpconn():  extra_data 0x7f90f2432b40
>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>> <core> [tcp_main.c:3331]: handle_tcp_child(): handle_tcp_child: reader
>>> response= 7f90f2438f80, -1 from 1
>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 13(23167) DEBUG: tls
>>> [tls_server.c:604]: tls_h_close(): Closing SSL connection 0x7f90f2432b40
>>> >>
>>> >> 2.- With TCPDUMP:
>>> >>
>>> >> 11:13:09.311797 IP SBC_IP .1024 > SBC_IP .eu.sip-tls: Flags
>>> [S], seq 261244614, win 64240, options [mss 1440,nop,wscale
>>> 8,nop,nop,sackOK], length 0
>>> >> 11:13:09.311898 IP  SBC_IP .eu.sip-tls > 52.114.76.76.1024:
>>> Flags [S.], seq 812357247, ack 261244615, win 29200, options [mss
>>> 1460,nop,nop,sackOK,nop,wscale 7], length 0
>>> >> 11:13:09.340358 IP 52.114.76.76.1024 >  SBC_IP .eu.sip-tls:
>>> Flags [.], ack 1, win 2053, length 0
>>> >> 11:13:09.340560 IP 52.114.76.76.1024 > SBC_IP .eu.sip-tls:
>>> Flags [P.], seq 1:187, ack 1, win 2053, length 186
>>> >> 11:13:09.340578 IP SBC_IP .eu.sip-tls > 52.114.76.76.1024:
>>> Flags [.], ack 187, win 237, length 0
>>> >> 11:13:09.341361 IP SBC_IP .eu.sip-tls > 52.114.76.76.1024:
>>> Flags [P.], seq 1:1469, ack 187, win 237, length 1468
>>> >> 11:13:09.369606 IP 52.114.76.76.1024 > SBC_IP .eu.sip-tls:
>>> Flags [.], ack 1469, win 2053, length 0
>>> >> 11:13:12.451498 IP 52.114.7.24.1216 > SBC_IP .eu.sip-tls: Flags
>>> [S], seq 309084204, win 64240, options [mss 1440,nop,wscale
>>> 8,nop,nop,sackOK], length 0
>>> >> 11:13:12.451587 IP SBC_IP .eu.sip-tls > 52.114.7.24.1216: Flags
>>> [S.], seq 3275066862, ack 309084205, win 29200, options [mss
>>> 1460,nop,nop,sackOK,nop,wscale 7], length 0
>>> >> 11:13:12.707119 IP 52.114.7.24.1216 > SBC_IP .eu.sip-tls: Flags
>>> [.], ack 1, win 2053, length 0
>>> >> 11:13:12.707311 IP 52.114.7.24.1216 > SBC_IP .eu.sip-tls: Flags
>>> [P.], seq 1:187, ack 1, win 2053, length 186
>>> >> 11:13:12.707345 IP SBC_IP .eu.sip-tls > 52.114.7.24.1216: Flags
>>> [.], ack 187, win 237, length 0
>>> >> 11:13:12.708273 IP SBC_IP .eu.sip-tls > 52.114.7.24.1216: Flags
>>> [P.], seq 1:1469, ack 187, win 237, length 1468
>>> >> 11:13:12.965101 IP 52.114.7.24.1216 > SBC_IP .eu.sip-tls: Flags
>>> [.], ack 1469, win 2053, length 0
>>> >> 11:13:12.965156 IP 52.114.7.24.1216 > SBC_IP .eu.sip-tls: Flags
>>> [F.], seq 187, ack 1469, win 2053, length 0
>>> >> 11:13:12.965688 IP SBC_IP .eu.sip-tls > 52.114.7.24.1216: Flags
>>> [F.], seq 1469, ack 188, win 237, length 0
>>> >> 11:13:13.220871 IP 52.114.7.24.1216 > SBC_IP .eu.sip-tls: Flags
>>> [.], ack 1470, win 2053, length 0
>>> >>
>>> >> I can't "receive" anything.
>>> >>
>>> >> I have generated the certificates and configured in the tls.cfg
>>> of the Kamailio:
>>> >>
>>> >> [server:default]
>>> >> method = TLSv1.2
>>> >> verify_certificate = no
>>> >> require_certificate = no
>>> >> private_key = /etc/letsencrypt/ssl/cert.key
>>> >> certificate = /etc/letsencrypt/ssl/cert.crt
>>> >> ca_list = /etc/letsencrypt/ssl/ca.crt
>>> >>
>>> >> Within Kamailio itself I have it configured to return a 200
>>> KeepAlive to Teams when it receives an OPTIONS:
>>> >>
>>> >> event_route[tm:local-request] {
>>> >>
>>> >>         if(is_method("OPTIONS") && $ru =~ "
>>> pstnhub.microsoft.com") {
>>> >>                append_hf("Contact: <sip: SBC_DNS
>>> :5061;transport=tls>\r\n");
>>> >>         }
>>> >>         xlog("L_INFO", "Sent out tm request: $mb\n");
>>> >> }
>>> >>
>>> >> And I have measured the record_route for this new one:
>>> >>
>>> >> record_route_preset(" SBC_DNS :5061;transport=tls", " SBC_IP
>>> :5061");
>>> >>
>>> >> I have created a dispatcher.list:
>>> >>
>>> >> # setid(integer) destination(sip uri) flags (integer,
>>> optional), priority(int,opt), attrs (str,optional)
>>> >> 1:1:sip:sip.pstnhub.microsoft.com;transport=tls 0 3
>>> socket=tls: SBC_IP :5061;ping_from= sip:SBC_DNS
>>> >> 2:1:sip:sip2.pstnhub.microsoft.com;transport=tls 0 2
>>> socket=tls: SBC_IP :5061;ping_from=sip: SBC_DNS
>>> >> 3:1:sip:sip3.pstnhub.microsoft.com;transport=tls 0 1
>>> socket=tls: SBC_IP :5061;ping_from=sip: SBC_DNS
>>> >> 4:1:sip:sip-all.pstnhub.microsoft.com;transport=tls 0 1
>>> socket=tls: SBC_IP :5061;ping_from=sip: SBC_DNS
>>> >>
>>> >> I think that one of the problems is that I do not send the
>>> OPTIONS to the Teams well, since it is on their panel, it indicates that
>>> the SBC is INACTIVE.
>>> >>
>>> >> I don't know if you could help me straighten this out a bit ...
>>> >>
>>> >> Thank you so much for everything..
>>> >>
>>> >> a greeting
>>> >> _______________________________________________
>>> >> Kamailio (SER) - Users Mailing List
>>> >> sr-users@lists.kamailio.org
>>> >> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>> >
>>> > _______________________________________________
>>> > Kamailio (SER) - Users Mailing List
>>> > sr-users@lists.kamailio.org
>>> > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>
>>>
>>>
>>> --
>>> VoIP Embedded, Inc.
>>> http://www.voipembedded.com
>>>
>>> _______________________________________________
>>> Kamailio (SER) - Users Mailing List
>>> sr-users@lists.kamailio.org
>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>
>> _______________________________________________
>> Kamailio (SER) - Users Mailing List
>> sr-users@lists.kamailio.org
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

Re: [SR-Users] Kamailio like SBC with Teams