[SR-Users] Plz help: MSILO on TLS + cert based client auth enabled server

Daniel-Constantin Mierla miconda at gmail.com
Tue Jul 29 14:15:37 CEST 2014 

Hello,

the typical way a dumped message is routed:

- from msilo is sent back to same instance of kamailio via udp
- kamailio receives it and does lookup("location") to figure out where 
to sent it

Be sure that you allow looped requests without authentication. 
Eventaully you can run kamailio with debug=3 and watch the messages in 
the syslog for more details.

Cheers,
Daniel

On 24/06/14 14:03, Marc M. wrote:
> Hi,
>
> I have a SIP server with TLS + client certificate based authentication.
> The server is listening for SIP(UDP) on port 5060, and for SIPS(TLS) 
> on port 5061)
> The client certificate based authentication is enforced on port 5061.
> I would like to fire up MSILO and face now a strange problem:
>
> At each REGISTER, the stored messages get dumped.
> Dumped messages get sent to the clients from senders logged in over 
> port 5060(UDP) as SIP:xxxxxxxxx at xx.xx.xx.xx
>
> however
>
> Dumped messages are NOT sent to clients from senders logged in on port 
> 5061(TLS) as SIPS:xxxxxxxx at xx.xx.xx.xx
>
> It looks like the messages get dumped so M-dump() is working, but they 
> will never enter the route.
> I would assume TLS is stopping the dumped messages to entering the 
> route logic.
>
> I would either
> 1. somehow force m_dump() to pipe the messages over SIP(and not SIPS), or
> 2. disable client auth for messages recieved from local ip
>
>
> Can you help me how to proceed? What would be the correct approach?
> Can you help me with either 1 or 2.
>
>  You help is greatly appreciated!!!
>
> Marc
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla - http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20140729/d52c7c9b/attachment.html>

More information about the sr-users mailing list