Hello,
I'm using Kamailio ver. 5.8.4. I configured the ims_ipsec_pcscf with
modparam("ims_ipsec_pcscf", "ipsec_max_connections", 1)
and call ipsec_forward with flag = IPSEC_FORWARD_FLAGS
where :
# - IPSEC_SEND_FORCE_SOCKET 1 # - IPSEC_FORWARD_USEVIA 256 #!define IPSEC_FORWARD_FLAGS 257
For the UE REGISTRATION I have the following flow
UE PCSCF_GM_IMS REGISTER (32133) ------------------> (5060) 100 Trying (32133) <------------------ (5060) 401 Unauthorized (32133) <------------------ (5060) REGISTER (TCP) (PORT_UC) ------------------> (PORT_PS) 100 Trying (TCP) (PORT_UC) <------------------ (PORT_PS) 200 OK (TCP) (PORT_UC) <------------------ (PORT_PS) ------------------------------------------------------------------ SUBSCRIBE (UDP) (PORT_UC) ------------------> (PORT_PS) 200 Subscription (UDP) (PORT_US) <------------------ (PORT_PC) NOTIFY (UDP) (PORT_US) <------------------ (PORT_PC) 200 OK (UDP) (PORT_UC) ------------------> (PORT_PC) NOTIFY (UDP) (PORT_US) <------------------ (PORT_PC) 200 OK (UDP) (PORT_UC) ------------------> (PORT_PC) NOTIFY (UDP) (PORT_US) <------------------ (PORT_PC) 200 OK (UDP) (PORT_UC) ------------------> (PORT_PC)
The SUBSCRIBE behavior is correct : PCSCF receives message on PORT_PS and sends on PORT_PC The NOTIFY behavior is wrong: PCSCF send from PORT_PC (correct), but UE respond towards PORT_PC, defined in the Via of the NOTIFY.
I know I can use the set_advertised_port() function, and in this case can work, but the function is taking a constant as a parameter, not a variable. This is causing a problem when ipsec_max_connections > 1. In that case it won't be easy to pass the correct port. I was wondering if the ipsec module should properly set the VIA port to the correct PORT_PS, rather than leaving the setting of the correct port by the kamailio.cfg.
Do you have any hints on that?
Thanks