Hi SIP User/anonymous/one-time-visitor/,
Your TLS config isn't correct. The article clearly says
verify/require_certificate must be set to 'yes'
*kamcmd tls.list*
Does it show any 'established' connections with MS proxy?
Good luck,
--Sergiu
On Thu, Apr 16, 2020 at 11:41 AM Ovidiu Sas <osas(a)voipembedded.com>
wrote:
The tutorial is pretty clear:
You need to add the Contact header only for OPTIONS pings.
You need to use the proper Record-Route headers based on the direction
of the call.
There's no out of the box solution because each setup is different.
If you understand how loose routing works in SIP, then you know how to
adjust the config to use record_route_preset(), just as explained in
the tutorial. There is also an example of an INVITE that has the right
Record-Route headers in the tutorial.
You can choose to use the FQDN for the Record-Route header facing MS
and the IP for the Record-Route header facing the carrier or use the
FQDN for both Record-Route headers (just like in the tutorialexample).
Alternatively, one can try to advertise the FQDN in the listen
directive in the config and then the Record-Route headers should be
populated automatically.
Regards,
Ovidiu Sas
On Thu, Apr 16, 2020 at 10:50 AM sip user <sipuser404(a)gmail.com> wrote:
Hi Nasida.. Thanks for answerd to me...
I've activarted the debugger module, and I see the same:
Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG: <core>
[ip_addr.c:243]: print_ip(): tcpconn_new: new tcp connection: 52.114.7.24
Apr 15 11:11:41 vps793907 kamailio[23122]:
13(23167) DEBUG: <core>
[tcp_main.c:1073]: tcpconn_new(): tcpconn_new: on
port 4160, type 3
Apr 15 11:11:41 vps793907 kamailio[23122]:
13(23167) DEBUG: <core>
[tcp_main.c:1382]: tcpconn_add(): tcpconn_add:
hashes: 171:1857:1187, 30
Apr 15 11:11:41 vps793907 kamailio[23122]:
13(23167) DEBUG: <core>
[io_wait.h:388]: io_watch_add(): DBG:
io_watch_add(0xa1f240, 23, 2,
0x7f90f2438f80), fd_no=17
Apr 15 11:11:41 vps793907 kamailio[23122]:
13(23167) DEBUG: <core>
[io_wait.h:610]: io_watch_del(): DBG: io_watch_del
(0xa1f240, 23, -1, 0x0)
fd_no=18 called
Apr 15 11:11:41 vps793907 kamailio[23122]:
13(23167) DEBUG: <core>
[tcp_main.c:4219]: handle_tcpconn_ev(): tcp: DBG:
sending to child, events 1
Apr 15 11:11:41 vps793907 kamailio[23122]:
13(23167) DEBUG: <core>
[tcp_main.c:3902]: send2child(): selected tcp worker
1 10(23159) for
activity on [tls:SBC_IP:5061], 0x7f90f2438f80
Apr 15 11:11:41 vps793907 kamailio[23122]:
10(23159) DEBUG: <core>
[tcp_read.c:1507]: handle_io(): received n=8
con=0x7f90f2438f80, fd=9
Apr 15 11:11:41 vps793907 kamailio[23122]:
10(23159) DEBUG: tls
[tls_server.c:184]: tls_complete_init(): Using TLS domain
TLSs<default>
Apr 15 11:11:41 vps793907 kamailio[23122]:
10(23159) DEBUG: tls
[tls_domain.c:700]: sr_ssl_ctx_info_callback(): SSL handshake
started
Apr 15 11:11:41 vps793907 kamailio[23122]:
10(23159) DEBUG: <core>
[tcp_main.c:2516]: tcpconn_do_send(): tcp_send:
sending...
Apr 15 11:11:41 vps793907 kamailio[23122]:
10(23159) DEBUG: <core>
[tcp_main.c:2550]: tcpconn_do_send(): tcp_send: after
real write: c=
0x7f90f2438f80 n=1468 fd=9
Apr 15 11:11:41 vps793907 kamailio[23122]:
10(23159) DEBUG: <core>
[tcp_main.c:2551]: tcpconn_do_send(): tcp_send: buf=
> Apr 15 11:11:41 vps793907 kamailio[23122]: #026#003#003
Apr 15 11:11:41 vps793907 kamailio[23122]:
10(23159) DEBUG: <core>
[io_wait.h:388]: io_watch_add(): DBG:
io_watch_add(0x9c1700, 9, 2,
0x7f90f2438f80), fd_no=1
Apr 15 11:11:42 vps793907 kamailio[23122]:
10(23159) DEBUG: <core>
[tcp_read.c:296]: tcp_read_data(): EOF on
0x7f90f2438f80, FD 9
Apr 15 11:11:42 vps793907 kamailio[23122]:
10(23159) DEBUG: <core>
[tcp_read.c:1291]: tcp_read_req(): tcp_read_req: EOF
Apr 15 11:11:42 vps793907 kamailio[23122]:
10(23159) DEBUG: <core>
[io_wait.h:610]: io_watch_del(): DBG: io_watch_del
(0x9c1700, 9, -1, 0x10)
fd_no=2 called
Apr 15 11:11:42 vps793907 kamailio[23122]:
10(23159) DEBUG: <core>
[tcp_read.c:1434]: release_tcpconn(): releasing con
0x7f90f2438f80, state
-1, fd=9, id=30
Apr 15 11:11:42 vps793907 kamailio[23122]:
10(23159) DEBUG: <core>
[tcp_read.c:1435]: release_tcpconn(): extra_data
0x7f90f2432b40
Apr 15 11:11:42 vps793907 kamailio[23122]:
13(23167) DEBUG: <core>
[tcp_main.c:3331]: handle_tcp_child():
handle_tcp_child: reader response=
7f90f2438f80, -1 from 1
Apr 15 11:11:42 vps793907 kamailio[23122]:
13(23167) DEBUG: tls
[tls_server.c:604]: tls_h_close(): Closing SSL connection
0x7f90f2432b40
I don't see any different.
I know that the module is loaded because I see:
exec: *** cfgtrace:request_route=[DEFAULT_ROUTE]
c=[/etc/kamailio/kamailio.cfg]
l=486 a=5 n=route
When I restart kamailio, but when I "launch" a call from Teams to my
Kamailio I only see that.
To configure it, I follow
https://skalatan.de/en/blog/kamailio-sbc-teams.. But I
cannot make it
works..
Any more thing that i can test or do??
Thanks
El jue., 16 abr. 2020 a las 14:20, Nasida Yuriy (<nasida(a)live.ru>)
escribió:
>
> Wow, so many people want to configure kamailio with MS. First of all
i think
you need to get sip debug between kamailio and MS. Kamilio has
module to save sip traces. This way you will get sip debug decrypted.
>
>
> ________________________________
> От: sr-users <sr-users-bounces(a)lists.kamailio.org> от имени sip user
<sipuser404(a)gmail.com>
> Отправлено: 16 апреля 2020 г. 10:19
> Кому: sr-users(a)lists.kamailio.org <sr-users(a)lists.kamailio.org>
> Тема: [SR-Users] Kamailio like SBC with Teams
>
> Hello good morning ... I am new to this list and I was starting to
mess with
Kamailio, mainly to set it up as SBC against Teams, in this case.
>
> But I can't get it to work for me. If I launch a call from the Teams,
in
the Kamailio I see:
>
> 1.- In syslog:
>
> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG: <core>
[ip_addr.c:243]: print_ip(): tcpconn_new: new tcp connection: 52.114.7.24
> Apr 15 11:11:41 vps793907 kamailio[23122]:
13(23167) DEBUG: <core>
[tcp_main.c:1073]: tcpconn_new(): tcpconn_new: on
port 4160, type 3
> Apr 15 11:11:41 vps793907 kamailio[23122]:
13(23167) DEBUG: <core>
[tcp_main.c:1382]: tcpconn_add(): tcpconn_add:
hashes: 171:1857:1187, 30
> Apr 15 11:11:41 vps793907 kamailio[23122]:
13(23167) DEBUG: <core>
[io_wait.h:388]: io_watch_add(): DBG:
io_watch_add(0xa1f240, 23, 2,
0x7f90f2438f80), fd_no=17
> Apr 15 11:11:41 vps793907 kamailio[23122]:
13(23167) DEBUG: <core>
[io_wait.h:610]: io_watch_del(): DBG: io_watch_del
(0xa1f240, 23, -1, 0x0)
fd_no=18 called
> Apr 15 11:11:41 vps793907 kamailio[23122]:
13(23167) DEBUG: <core>
[tcp_main.c:4219]: handle_tcpconn_ev(): tcp: DBG:
sending to child, events 1
> Apr 15 11:11:41 vps793907 kamailio[23122]:
13(23167) DEBUG: <core>
[tcp_main.c:3902]: send2child(): selected tcp worker
1 10(23159) for
activity on [tls:SBC_IP:5061], 0x7f90f2438f80
> Apr 15 11:11:41 vps793907 kamailio[23122]:
10(23159) DEBUG: <core>
[tcp_read.c:1507]: handle_io(): received n=8
con=0x7f90f2438f80, fd=9
> Apr 15 11:11:41 vps793907 kamailio[23122]:
10(23159) DEBUG: tls
[tls_server.c:184]: tls_complete_init(): Using TLS domain
TLSs<default>
> Apr 15 11:11:41 vps793907 kamailio[23122]:
10(23159) DEBUG: tls
[tls_domain.c:700]: sr_ssl_ctx_info_callback(): SSL handshake
started
> Apr 15 11:11:41 vps793907 kamailio[23122]:
10(23159) DEBUG: <core>
[tcp_main.c:2516]: tcpconn_do_send(): tcp_send:
sending...
> Apr 15 11:11:41 vps793907 kamailio[23122]:
10(23159) DEBUG: <core>
[tcp_main.c:2550]: tcpconn_do_send(): tcp_send: after
real write: c=
0x7f90f2438f80 n=1468 fd=9
> Apr 15 11:11:41 vps793907 kamailio[23122]:
10(23159) DEBUG: <core>
[tcp_main.c:2551]: tcpconn_do_send(): tcp_send: buf=
>> Apr 15 11:11:41 vps793907 kamailio[23122]: #026#003#003
> Apr 15 11:11:41 vps793907 kamailio[23122]:
10(23159) DEBUG: <core>
[io_wait.h:388]: io_watch_add(): DBG:
io_watch_add(0x9c1700, 9, 2,
0x7f90f2438f80), fd_no=1
> Apr 15 11:11:42 vps793907 kamailio[23122]:
10(23159) DEBUG: <core>
[tcp_read.c:296]: tcp_read_data(): EOF on
0x7f90f2438f80, FD 9
> Apr 15 11:11:42 vps793907 kamailio[23122]:
10(23159) DEBUG: <core>
[tcp_read.c:1291]: tcp_read_req(): tcp_read_req: EOF
> Apr 15 11:11:42 vps793907 kamailio[23122]:
10(23159) DEBUG: <core>
[io_wait.h:610]: io_watch_del(): DBG: io_watch_del
(0x9c1700, 9, -1, 0x10)
fd_no=2 called
> Apr 15 11:11:42 vps793907 kamailio[23122]:
10(23159) DEBUG: <core>
[tcp_read.c:1434]: release_tcpconn(): releasing con
0x7f90f2438f80, state
-1, fd=9, id=30
> Apr 15 11:11:42 vps793907 kamailio[23122]:
10(23159) DEBUG: <core>
[tcp_read.c:1435]: release_tcpconn(): extra_data
0x7f90f2432b40
> Apr 15 11:11:42 vps793907 kamailio[23122]:
13(23167) DEBUG: <core>
[tcp_main.c:3331]: handle_tcp_child():
handle_tcp_child: reader response=
7f90f2438f80, -1 from 1
> Apr 15 11:11:42 vps793907 kamailio[23122]:
13(23167) DEBUG: tls
[tls_server.c:604]: tls_h_close(): Closing SSL connection
0x7f90f2432b40
>
> 2.- With TCPDUMP:
>
> 11:13:09.311797 IP SBC_IP .1024 > SBC_IP .eu.sip-tls: Flags [S], seq
261244614, win 64240, options [mss 1440,nop,wscale 8,nop,nop,sackOK],
length 0
> 11:13:09.311898 IP SBC_IP .eu.sip-tls >
52.114.76.76.1024: Flags
[S.], seq 812357247, ack 261244615, win 29200, options
[mss
1460,nop,nop,sackOK,nop,wscale 7], length 0
> 11:13:09.340358 IP 52.114.76.76.1024 >
SBC_IP .eu.sip-tls: Flags
[.], ack 1, win 2053, length 0
> 11:13:09.340560 IP 52.114.76.76.1024 >
SBC_IP .eu.sip-tls: Flags
[P.], seq 1:187, ack 1, win 2053, length 186
> 11:13:09.340578 IP SBC_IP .eu.sip-tls >
52.114.76.76.1024: Flags [.],
ack 187, win 237, length 0
> 11:13:09.341361 IP SBC_IP .eu.sip-tls >
52.114.76.76.1024: Flags
[P.], seq 1:1469, ack 187, win 237, length 1468
> 11:13:09.369606 IP 52.114.76.76.1024 >
SBC_IP .eu.sip-tls: Flags [.],
ack 1469, win 2053, length 0
> 11:13:12.451498 IP 52.114.7.24.1216 >
SBC_IP .eu.sip-tls: Flags [S],
seq 309084204, win 64240, options [mss
1440,nop,wscale 8,nop,nop,sackOK],
length 0
> 11:13:12.451587 IP SBC_IP .eu.sip-tls >
52.114.7.24.1216: Flags [S.],
seq 3275066862, ack 309084205, win 29200, options
[mss
1460,nop,nop,sackOK,nop,wscale 7], length 0
> 11:13:12.707119 IP 52.114.7.24.1216 >
SBC_IP .eu.sip-tls: Flags [.],
ack 1, win 2053, length 0
> 11:13:12.707311 IP 52.114.7.24.1216 >
SBC_IP .eu.sip-tls: Flags [P.],
seq 1:187, ack 1, win 2053, length 186
> 11:13:12.707345 IP SBC_IP .eu.sip-tls >
52.114.7.24.1216: Flags [.],
ack 187, win 237, length 0
> 11:13:12.708273 IP SBC_IP .eu.sip-tls >
52.114.7.24.1216: Flags [P.],
seq 1:1469, ack 187, win 237, length 1468
> 11:13:12.965101 IP 52.114.7.24.1216 >
SBC_IP .eu.sip-tls: Flags [.],
ack 1469, win 2053, length 0
> 11:13:12.965156 IP 52.114.7.24.1216 >
SBC_IP .eu.sip-tls: Flags [F.],
seq 187, ack 1469, win 2053, length 0
> 11:13:12.965688 IP SBC_IP .eu.sip-tls >
52.114.7.24.1216: Flags [F.],
seq 1469, ack 188, win 237, length 0
> 11:13:13.220871 IP 52.114.7.24.1216 >
SBC_IP .eu.sip-tls: Flags [.],
ack 1470, win 2053, length 0
>
> I can't "receive" anything.
>
> I have generated the certificates and configured in the tls.cfg of
the
Kamailio:
>
> [server:default]
> method = TLSv1.2
> verify_certificate = no
> require_certificate = no
> private_key = /etc/letsencrypt/ssl/cert.key
> certificate = /etc/letsencrypt/ssl/cert.crt
> ca_list = /etc/letsencrypt/ssl/ca.crt
>
> Within Kamailio itself I have it configured to return a 200 KeepAlive
to Teams
when it receives an OPTIONS:
>
> event_route[tm:local-request] {
>
> if(is_method("OPTIONS") && $ru =~
"pstnhub.microsoft.com") {
> append_hf("Contact: <sip: SBC_DNS
:5061;transport=tls>\r\n");
> }
> xlog("L_INFO", "Sent out tm request: $mb\n");
> }
>
> And I have measured the record_route for this new one:
>
> record_route_preset(" SBC_DNS :5061;transport=tls", " SBC_IP
:5061");
>
> I have created a dispatcher.list:
>
> # setid(integer) destination(sip uri) flags (integer, optional),
priority(int,opt), attrs (str,optional)
>
1:1:sip:sip.pstnhub.microsoft.com;transport=tls 0 3 socket=tls:
SBC_IP
:5061;ping_from= sip:SBC_DNS
>
2:1:sip:sip2.pstnhub.microsoft.com;transport=tls 0 2 socket=tls:
SBC_IP
:5061;ping_from=sip: SBC_DNS
>
3:1:sip:sip3.pstnhub.microsoft.com;transport=tls 0 1 socket=tls:
SBC_IP
:5061;ping_from=sip: SBC_DNS
>
4:1:sip:sip-all.pstnhub.microsoft.com;transport=tls 0 1 socket=tls:
SBC_IP
:5061;ping_from=sip: SBC_DNS
>
> I think that one of the problems is that I do not send the OPTIONS to
the
Teams well, since it is on their panel, it indicates that the SBC is
INACTIVE.
>
> I don't know if you could help me straighten this out a bit ...
>
> Thank you so much for everything..
>
> a greeting
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users(a)lists.kamailio.org
>
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
--
VoIP Embedded, Inc.
http://www.voipembedded.com
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org