[Kamailio-Users] Problem with secure TLS call

Klaus Darilion klaus.mailinglists at pernau.at
Mon Mar 22 10:24:54 CET 2010


I guess the problem is sending the SIP requests to the client. Usually 
if a client uses TCP or TLS, the address information in the Contact 
header is wrong. The proxy should be configured to use the established 
TCP/TLS connection (established by the client during registration) for 
sending of all requests and responses to the client.

Therefore you should:
1. use force_rport for all requests
2. use the functions add_contact_alias() and  handle_ruri_alias() to fix 
the signalling

regards
klaus

Am 21.03.2010 21:02, schrieb Detlef Pilzecker:
> Hi,
> I am using
> kamailio 3.0.1 (x86_64/linux) 0822a9
> flags: STATS: Off, USE_IPV6, USE_TCP, USE_TLS, TLS_HOOKS, DISABLE_NAGLE,
> USE_MCAST, DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, F_MALLOC,
> USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER,
> USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RES
> ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16,
> MAX_URI_SIZE 1024, BUF_SIZE 65535
> poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
> and I am using the client "PhonerLite" (http://www.phonerlite.de).
> The phone is registered on my server with TLS.
> If I call someone or myself I get an error message. What is wrong with
> my server? (TLS calls with PhonerLite with the provider antisip.com are
> possible without problems!)
> With UDP calling myself I get "486:Busy Here" on the phone, this is OK
> and normal.
> With TLS I get "477:Unfortunately error on sending to next hop
> occurred(477/SL)" on the phone and some ERROR messages like the
> following on the kamailio.log (you can see the rest of the log in the
> attached zip):
> Mar 21 20:24:00 vs208140 /usr/local/sbin/kamailio[20013]: DEBUG: <core>
> [msg_translator.c:200]: check_via_address(95.90.205.74, 95.90.205.74, 0)
> Mar 21 20:24:00 vs208140 /usr/local/sbin/kamailio[20013]: DEBUG: <core>
> [tcp_main.c:1786]: tcp_send: no open tcp connection found, opening new one
> Mar 21 20:24:10 vs208140 /usr/local/sbin/kamailio[20013]: ERROR: <core>
> [tcp_main.c:618]: connect 95.90.205.74:5061 failed (timeout)
> Mar 21 20:24:10 vs208140 /usr/local/sbin/kamailio[20013]: ERROR: <core>
> [tcp_main.c:621]: ERROR: tcp_blocking_connect 95.90.205.74:5061: timeout
> 10 s elapsed from 10 s
> Mar 21 20:24:10 vs208140 /usr/local/sbin/kamailio[20013]: ERROR: <core>
> [tcp_main.c:1168]: ERROR: tcp_do_connect: tcp_blocking_connect
> 95.90.205.74:5061 failed
> Mar 21 20:24:10 vs208140 /usr/local/sbin/kamailio[20013]: ERROR: <core>
> [tcp_main.c:1237]: ERROR: tcp_do_connect 95.90.205.74:5061: failed (115)
> Operation now in progress
> Mar 21 20:24:10 vs208140 /usr/local/sbin/kamailio[20013]: ERROR: <core>
> [tcp_main.c:1955]: ERROR: tcp_send 95.90.205.74:5061: connect failed
> Mar 21 20:24:10 vs208140 /usr/local/sbin/kamailio[20013]: ERROR: tm
> [../../forward.h:191]: msg_send: ERROR: tcp_send failed
> The kamailio.cfg file is also in the zip attached.
> The PC is connected with the router (I opened the TCP ports 5060-5062)
> that is connected to the Internet. The problem also happens if I disable
> the firewall of the server and of the PC.
> Can someone give me help?
> Thanks in advance!
> Regards
> Detlef Pilzecker
>
>
>
> _______________________________________________
> Kamailio (OpenSER) - Users mailing list
> Users at lists.kamailio.org
> http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
> http://lists.openser-project.org/cgi-bin/mailman/listinfo/users




More information about the sr-users mailing list