Hi,
I'm working on a custom IMS deployment using the pcscf module in Kamailio. For our setup, we do not want Kamailio to handle IPsec or generate Security-Server headers in 401/407 responses.
Is there a clean way to disable IPsec functionality entirely in the pcscf module?
Specifically, I would like to:
Prevent the module from requiring IPsec setup during UE registration
Avoid any modification of SIP messages related to IPsec (e.g., removing Security-Verify, Security-Client, or Security-Server headers)
Use only TLS or UDP without IPsec involvement
Has anyone achieved this via configuration or by disabling specific features?
Any guidance or examples would be greatly appreciated.
*Regards,Navjyoty*
Hello,
I am not aware of any possibility, but I don’t use that particular module that often.
Did you had already a look to the code? If there is a way, it certainly should be documented in the module README. If there are some additional switches that can be added to the code, a pull-request is of course also welcome.
Cheers,
Henning
From: Navjyoty Singh via sr-users sr-users@lists.kamailio.org Sent: Montag, 2. Juni 2025 05:19 To: sr-users@lists.kamailio.org Cc: Navjyoty Singh navjyotysingh@gmail.com Subject: [SR-Users] Disable IPSec in Kamailio PCSCF
Hi,
I'm working on a custom IMS deployment using the pcscf module in Kamailio. For our setup, we do not want Kamailio to handle IPsec or generate Security-Server headers in 401/407 responses.
Is there a clean way to disable IPsec functionality entirely in the pcscf module?
Specifically, I would like to:
Prevent the module from requiring IPsec setup during UE registration
Avoid any modification of SIP messages related to IPsec (e.g., removing Security-Verify, Security-Client, or Security-Server headers)
Use only TLS or UDP without IPsec involvement
Has anyone achieved this via configuration or by disabling specific features?
Any guidance or examples would be greatly appreciated.
Regards, Navjyoty
-
Henning Westerholt -
Navjyoty Singh