[SR-Users] Enforced TLS, still some packets are through UDP

Daniel-Constantin Mierla miconda at gmail.com
Fri Nov 30 09:16:49 CET 2012 

Hello,

On 11/29/12 1:32 PM, Freddy C wrote:
>
> Hi,
>
> TLS work on TCP 5061
> To view the header you can use $ hdr (HEADER_NAME).
>
> Not much English, sorry.
>
>
>
> 2012/11/29 Kamal Palei <palei.kamal at gmail.com 
> <mailto:palei.kamal at gmail.com>>
>
>     Dear All
>     I ma trying to have all SIP signalling through TLS. Using Kamailio
>     3.1.5.
>
>     In a typical setup, endpoints initiates call, messages reach
>     Kamailio proxy, Kamailio proxy forwards these packets to main proxy.
>
>     In Kamailio.cfg, I have added below code.
>
>
>     route {
>
>             # per request initial checks
>             route(REQINIT);
>             setflag(FLT_NATS);
>
>             if(is_method("REGISTER"))
>             {
>                     t_relay_to("tls:115.114.48.19:443
>     <http://115.114.48.19:443>");
>                     exit();
>             }
>             else
>             {
>                     xlog("incoming request\n");
>
>                     route(WITHINDLG);
>                     route(RTPPROXY);
>                     t_on_reply("REPLY_ONE");
>                     t_on_failure("FAIL_ONE");
>                     t_relay_to("tls:115.114.48.19:443
>     <http://115.114.48.19:443>");
>                     exit();
>             }
>
>     ..............
>
>     I am finding most of the messages are getting transmitted in TLS.
>     But few ACK and REFER / REFER response packets are still being
>     transported in UDP.
>
>     Can somebody tell me whats the wrong I am doing here.
>
>     By any chance
>                     route(WITHINDLG);
>                     route(RTPPROXY);
>
>     before t_relay_to("tls:115.114.48.19:443 <http://115.114.48.19:443>");
>
>     can cause this ????
>

If you are using route[WITHINDLG] from default config file, then the 
request are route via it if they have To tag and record route. The 
transport protocol is chosen based on next hop address.

Cheers,
Daniel

>
>
>     And one more doubt.., 115.114.48.19 I get in route header. How can
>     I extract the value of route header, so that I do not have to
>     hard-code
>
>     Many thanks in advance.
>
>     -kamal
>
>
>     _______________________________________________
>     SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing
>     list
>     sr-users at lists.sip-router.org <mailto:sr-users at lists.sip-router.org>
>     http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
>
>
>
> -- 
>
> /Freddy Condori Chura
> Ingeniero Civil en Computación e Informática
> Magister en Ingeniería de Software/
>
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla - http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20121130/868e566e/attachment.htm>

More information about the sr-users mailing list