Hello Mailinglist,
i try to figure out, how to solve RE-INVITES and SRTP:
i have an kamailio route names route[MEDIAPROXY] that i used to controll rtpengine in an private and public ip setup. This works fine for me now.
It use the permission module and the adress table to figure out $var(mediagroup) = allow_address_group($Ri, 0); received from internal or external ip. The idea is from SBC-OS chamless stolen, so thanks for that.
So fare so good. I adapted SRTP also to this. But on RE-INVITES it stops handling SRTP correctly to the encryption upstream. And i am sure, its my fault. But i have no clue how to detect that correctly.
Any hints where i can read more about an correct handling on this?
Here my main-config file / kamailio 5.3.x and rtpengine. https://gist.github.com/khorsmann/02bd98a628a190caee68fc3d876a3448
Can you give an example of SIP trace where it's not working as expected?
Cause reading through config will not help much without setting up a lab. On Nov 7 2019, at 11:27 am, Karsten Horsmann khorsmann@gmail.com wrote:
Hello Mailinglist,
i try to figure out, how to solve RE-INVITES and SRTP:
i have an kamailio route names route[MEDIAPROXY] that i used to controll rtpengine in an private and public ip setup. This works fine for me now.
It use the permission module and the adress table to figure out $var(mediagroup) = allow_address_group($Ri, 0); received from internal or external ip.
The idea is from SBC-OS chamless stolen, so thanks for that.
So fare so good. I adapted SRTP also to this. But on RE-INVITES it stops handling SRTP correctly to the encryption upstream. And i am sure, its my fault. But i have no clue how to detect that correctly.
Any hints where i can read more about an correct handling on this?
Here my main-config file / kamailio 5.3.x and rtpengine. https://gist.github.com/khorsmann/02bd98a628a190caee68fc3d876a3448
-- Mit freundlichen Grüßen *Karsten Horsmann*
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Hi Igor, hi kamailions,
i create an kamailio logfile with sipflow via $mb. Its corresponding to the kamailio.cfg in this thread. Callflow is B2BUA 172.20.170.1 --> 172.20.120.59 --> 172.20.120.101/212.XX.XX.XXX --> MS-Teams.
172.20.170.1 B2BUA, unencrypted media 172.20.120.59 INTERNAL SIP-ROUTER (no problems, no media)
SBC/Kamailio 172.20.120.101 (internal) 212.XX.XX.XXX (external)
After successful connection i press the "on hold" button in MS-Teams chat to force an RE-INVITE. Here you see the 200 OK without SRTP to MS-TEAMS
https://gist.github.com/khorsmann/9951b02f03970d45bafb0b59d26d6a02#file-kama... 200 OK without SRTP
https://gist.github.com/khorsmann/9951b02f03970d45bafb0b59d26d6a02#file-kama... REASON: Q.850;cause=79;text="InternalDiagCode: SrtpEncryptionRequired, InternalErrorPhrase: Remote did not offer required SRTP"
Cheers Karsten
Am Do., 7. Nov. 2019 um 12:01 Uhr schrieb Igor Olhovskiy < igorolhovskiy@gmail.com>:
Can you give an example of SIP trace where it's not working as expected?
Cause reading through config will not help much without setting up a lab.
On Nov 7 2019, at 11:27 am, Karsten Horsmann khorsmann@gmail.com wrote:
Hello Mailinglist,
i try to figure out, how to solve RE-INVITES and SRTP:
i have an kamailio route names route[MEDIAPROXY] that i used to controll rtpengine in an private and public ip setup. This works fine for me now.
It use the permission module and the adress table to figure out $var(mediagroup) = allow_address_group($Ri, 0); received from internal or external ip. The idea is from SBC-OS chamless stolen, so thanks for that.
So fare so good. I adapted SRTP also to this. But on RE-INVITES it stops handling SRTP correctly to the encryption upstream. And i am sure, its my fault. But i have no clue how to detect that correctly.
Any hints where i can read more about an correct handling on this?
Here my main-config file / kamailio 5.3.x and rtpengine. https://gist.github.com/khorsmann/02bd98a628a190caee68fc3d876a3448
-- Mit freundlichen Grüßen *Karsten Horsmann* _______________________________________________ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-
Igor Olhovskiy -
Karsten Horsmann