[SR-Users] Problem with TLS
Daniel-Constantin Mierla
miconda at gmail.com
Mon Jun 11 12:32:21 CEST 2018
Hello,
can you paste here the 200OK for INVITE sent out by kamailio and the ACK
received by kamailio?
Cheers,
Daniel
On 11.06.18 09:51, Arik Halperin wrote:
> Daniel, Thank you!
>
> You are right about this.
>
> I configured PJSIP not to check whether the contact contains SIPS.
>
> This solved the problem on one of my setups where I have one NIC that
> has a public IP.
>
> However on the original setup, the kamailio has one public IP and one
> private IP. In that setup, the ACK to the 200 OK is not forwarded over
> the private IP to the freeswitch. This only happens in TLS, when I
> work with TCP it works well. I believe it is somehow connected to the
> record route, and I’m looking into PJSIP to try to find the answer,
> but is there anything I could do in the kamailio?
>
> I have the same problems with other SIP clients(Bria for example)
>
>
> Thanks,
> Arik Halperin
>
>> On 11 Jun 2018, at 9:43, Daniel-Constantin Mierla <miconda at gmail.com
>> <mailto:miconda at gmail.com>> wrote:
>>
>> Hello,
>>
>> Kamailio is not involved in the issue reported here. Practically,
>> pjsip expects sips: scheme in the contact URI, which was set by
>> FreeSwitch in 200ok. Maybe there is an option that you have to turn
>> on for FreeSwitch to use sips: scheme.
>>
>> Otherwise, you can try to replace sip with sips in kamailio config
>> and do the reverse the other way.
>>
>> Cheers,
>> Daniel
>>
>>
>> On 05.06.18 06:56, Arik Halperin wrote:
>>> Hello,
>>>
>>> I’m using TLS
>>>
>>> After receiving 200OK from kamailio:
>>>
>>> r2voip.clear2voipdialer I/(NativeSdk_2_0) 1528174138320 PJSIP:
>>> (NativeSdk_2_0) 1528174138320 PJSIP:2018-05 07:48:58.319
>>> pjsua_core.c RX 2203 bytes Response msg 200/INVITE/cseq=8107
>>> (rdata0x7a2c56fb38) from TLS 70.36.25.65:443:
>>>
>>> SIP/2.0 200 OK
>>>
>>> Via: SIP/2.0/TLS
>>> 10.134.232.109:44097;received=109.253.173.146;rport=31373;branch=z9hG4bKPj4MV5llP9SW5ufk-OcFB-Qh78PmIQFrRk;alias
>>>
>>> Record-Route:
>>> <sips:10.168.10.227:5099;r2=on;lr=on;ftag=mgMLDFMLmCZGzcpASoODG8XgeFJVtcRO;nat=yes>
>>>
>>> Record-Route:
>>> <sips:70.36.25.65:443;transport=tls;r2=on;lr=on;ftag=mgMLDFMLmCZGzcpASoODG8XgeFJVtcRO;nat=yes>
>>>
>>> From: "number"
>>> <sips:972523391991 at XXXXXXX.com
>>> <mailto:972523391991 at kamprod.telemessage.com>>;tag=mgMLDFMLmCZGzcpASoODG8XgeFJVtcRO
>>>
>>> To:
>>> <sips:1111111 at XXXXXX.com
>>> <mailto:1111111 at kamprod.telemessage.com>>;tag=64H63g861ajHj
>>>
>>> Call-ID:
>>> Sq4jR85o3Caz2XTXo-71FKAdbJ1x9vz2
>>>
>>> CSeq: 8107 INVITE
>>>
>>> Contact:
>>> <sip:1111111 at 10.168.10.200:5080;transport=tls>
>>>
>>> User-Agent:
>>> FreeSWITCH-mod_sofia/1.6.20+git~20180123T214909Z~987c9b9a2a~64bit
>>>
>>> Accept: application/sdp
>>>
>>> Allow: INVITE, ACK, BYE,
>>> CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER, REFER, NOTIFY
>>>
>>> Require: timer
>>>
>>> Supported: ti
>>>
>>>
>>> *PJSIP responds with:*
>>> *
>>> *
>>> *Secure dialog requires SIPS scheme in Contact and Record-Route
>>> headers, ending the session*
>>> *
>>> *
>>> What is the reason for this? How can I fix this issue?
>>>
>>> Thanks,
>>> Arik Halperin
>>>
>>>
>>> _______________________________________________
>>> Kamailio (SER) - Users Mailing List
>>> sr-users at lists.kamailio.org
>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
>> --
>> Daniel-Constantin Mierla -- www.asipto.com
>> www.twitter.com/miconda -- www.linkedin.com/in/miconda
>> Kamailio World Conference -- www.kamailioworld.com
>
--
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio World Conference -- www.kamailioworld.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20180611/999037b7/attachment.html>
More information about the sr-users
mailing list