[SR-Users] Kamailio like SBC with Teams
sip user
sipuser404 at gmail.com
Tue Apr 21 10:41:29 CEST 2020
Thanks Sergiu..
It works for me.
Now, when I make a call from Teams, in syslog I see:
Apr 21 10:39:39 vps793907 /usr/sbin/kamailio[20651]: DEBUG: <core>
[parser/msg_parser.c:623]: parse_msg(): SIP Request:
Apr 21 10:39:39 vps793907 /usr/sbin/kamailio[20651]: DEBUG: <core>
[parser/msg_parser.c:625]: parse_msg(): method: <ACK>
Apr 21 10:39:39 vps793907 /usr/sbin/kamailio[20651]: DEBUG: <core>
[parser/msg_parser.c:627]: parse_msg(): uri: <sip:+34XXXXXXXXX at SBC-DNS
:5061;user=phone;transport=tls>
Apr 21 10:39:39 vps793907 /usr/sbin/kamailio[20651]: DEBUG: <core>
[parser/msg_parser.c:629]: parse_msg(): version: <SIP/2.0>
But now How can I do to "transfer" the call to a kamailio user or to my
Asterisk?
Thanks for all
El mar., 21 abr. 2020 a las 6:18, Sergiu Pojoga (<pojogas at gmail.com>)
escribió:
> Check out below thread, it explains it all.
>
> https://lists.kamailio.org/pipermail/sr-users/2020-March/108684.html
>
> On Mon, Apr 20, 2020 at 3:24 PM sip user <sipuser404 at gmail.com> wrote:
>
>> Sorry.. Im a bit loose in this one...
>>
>> So, ive use letsencrypy to generate the certificate, and the CA, how i
>> have to generate?
>>
>> Thanks
>>
>> El lun., 20 abr. 2020 19:06, Sergiu Pojoga <pojogas at gmail.com> escribió:
>>
>>> ca_list= /etc/letsencrypt/live/FQND/chain.pem
>>>
>>> Is that pointing to your Root CA certificate? I highly doubt it.
>>> That's probably the reason why you get "tls_read_f(): TLS
>>> write:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate
>>> verify failed"
>>>
>>> On Mon, Apr 20, 2020 at 11:53 AM sip user <sipuser404 at gmail.com> wrote:
>>>
>>>> Hi..
>>>>
>>>> Thank you all very much for answering me.
>>>>
>>>> I have made many test:
>>>>
>>>> First, I've installed ssl cert with letsencrypt, like
>>>> https://www.fredposner.com/1836/kamailio-tls-and-letsencrypt/, this
>>>> one i made it before.
>>>>
>>>> I've configured tls.cfg like:
>>>>
>>>> [server:default]
>>>> method = TLSv1.2
>>>> verify_certificate = yes
>>>> require_certificate = yes
>>>> private_key = /etc/letsencrypt/live/FQND/privkey.pem
>>>> certificate = /etc/letsencrypt/live/FQDN/fullchain.pem
>>>> ca_list= /etc/letsencrypt/live/FQND/chain.pem
>>>>
>>>> [client:default]
>>>> method = TLSv1.2
>>>> verify_certificate = yes
>>>> require_certificate = yes
>>>> private_key = /etc/letsencrypt/live/FQND/privkey.pem
>>>> certificate = /etc/letsencrypt/live/FQDN/fullchain.pem
>>>> ca_list= /etc/letsencrypt/live/FQND/chain.pem
>>>>
>>>> In syslog I received:
>>>>
>>>> Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8481]: INFO: <script>:
>>>> Sent out tm request: OPTIONS sip:sip.pstnhub.microsoft.com;transport=tls
>>>> SIP/2.0#015#012Via: SIP/2.0/TLS
>>>> SBC-IP:5061;branch=z9hG4bK66bb.a6291812000000000000000000000000.0#015#012To:
>>>> <sip:sip.pstnhub.microsoft.com;transport=tls>#015#012From:
>>>> <sip:dispatcher at localhost>;tag=d012046760e0e80ea51cb82629f4d4bc-c14c#015#012CSeq:
>>>> 10 OPTIONS#015#012Call-ID:
>>>> 0d202fa1261f1449-8481 at 51.89.23.96#015#012Max-Forwards
>>>> <http://0d202fa1261f1449-8481@51.89.23.96#015%23012Max-Forwards>:
>>>> 70#015#012Content-Length: 0#015#012User-Agent: kamailio (4.2.0
>>>> (x86_64/linux))
>>>> Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8481]: INFO: <script>:
>>>> Sent out tm request: OPTIONS sip:sip2.pstnhub.microsoft.com;transport=tls
>>>> SIP/2.0#015#012Via: SIP/2.0/TLS
>>>> SBC-IP:5061;branch=z9hG4bK59bb.f565cf11000000000000000000000000.0#015#012To:
>>>> <sip:sip2.pstnhub.microsoft.com;transport=tls>#015#012From:
>>>> <sip:dispatcher at localhost>;tag=d012046760e0e80ea51cb82629f4d4bc-3df0#015#012CSeq:
>>>> 10 OPTIONS#015#012Call-ID:
>>>> 0d202fa1261f144a-8481 at 51.89.23.96#015#012Max-Forwards
>>>> <http://0d202fa1261f144a-8481@51.89.23.96#015%23012Max-Forwards>:
>>>> 70#015#012Content-Length: 0#015#012User-Agent: kamailio (4.2.0
>>>> (x86_64/linux))
>>>> Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8485]: ERROR: tls
>>>> [tls_server.c:1193]: tls_read_f(): TLS write:error:14090086:SSL
>>>> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
>>>> Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8485]: ERROR: <core>
>>>> [tcp_read.c:1279]: tcp_read_req(): ERROR: tcp_read_req: error reading
>>>> Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8481]: INFO: <script>:
>>>> Sent out tm request: OPTIONS sip:sip3.pstnhub.microsoft.com;transport=tls
>>>> SIP/2.0#015#012Via: SIP/2.0/TLS
>>>> SBC-IP:5061;branch=z9hG4bK69bb.212aa3c7000000000000000000000000.0#015#012To:
>>>> <sip:sip3.pstnhub.microsoft.com;transport=tls>#015#012From:
>>>> <sip:dispatcher at localhost>;tag=d012046760e0e80ea51cb82629f4d4bc-bee0#015#012CSeq:
>>>> 10 OPTIONS#015#012Call-ID:
>>>> 0d202fa1261f144b-8481 at 51.89.23.96#015#012Max-Forwards
>>>> <http://0d202fa1261f144b-8481@51.89.23.96#015%23012Max-Forwards>:
>>>> 70#015#012Content-Length: 0#015#012User-Agent: kamailio (4.2.0
>>>> (x86_64/linux))
>>>> Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8486]: ERROR: tls
>>>> [tls_server.c:1193]: tls_read_f(): TLS write:error:14090086:SSL
>>>> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
>>>> Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8486]: ERROR: <core>
>>>> [tcp_read.c:1279]: tcp_read_req(): ERROR: tcp_read_req: error reading
>>>> Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8487]: ERROR: tls
>>>> [tls_server.c:1193]: tls_read_f(): TLS write:error:14090086:SSL
>>>> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
>>>> Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8487]: ERROR: <core>
>>>> [tcp_read.c:1279]: tcp_read_req(): ERROR: tcp_read_req: error reading
>>>>
>>>> And If I make kamcmd tls.list, I have no response.
>>>>
>>>> Test two:
>>>>
>>>> If I coonfigure tls.cfg like:
>>>>
>>>> [server:default]
>>>> method = TLSv1.2
>>>> verify_certificate = no
>>>> require_certificate = no
>>>> private_key = /etc/letsencrypt/live/FQND/privkey.pem
>>>> certificate = /etc/letsencrypt/live/FQDN/fullchain.pem
>>>> ca_list= /etc/letsencrypt/live/FQND/chain.pem
>>>>
>>>> [client:default]
>>>> method = TLSv1.2
>>>> verify_certificate = no
>>>> require_certificate = no
>>>> private_key = /etc/letsencrypt/live/FQND/privkey.pem
>>>> certificate = /etc/letsencrypt/live/FQDN/fullchain.pem
>>>> ca_list= /etc/letsencrypt/live/FQND/chain.pem
>>>>
>>>> In syslog:
>>>>
>>>> Apr 20 17:27:52 vps793907 kernel: [270882.772276] device eth0 left
>>>> promiscuous mode
>>>> Apr 20 17:27:53 vps793907 /usr/sbin/kamailio[8257]: INFO: <script>:
>>>> Sent out tm request: OPTIONS sip:sip.pstnhub.microsoft.com;transport=tls
>>>> SIP/2.0#015#012Via: SIP/2.0/TLS
>>>> SBC-IP:5061;branch=z9hG4bKf62f.0c39c2d0000000000000000000000000.0#015#012To:
>>>> <sip:sip.pstnhub.microsoft.com;transport=tls>#015#012From:
>>>> <sip:dispatcher at localhost>;tag=d012046760e0e80ea51cb82629f4d4bc-24c6#015#012CSeq:
>>>> 10 OPTIONS#015#012Call-ID:
>>>> 02376c756e11dbd4-8257 at 51.89.23.96#015#012Max-Forwards
>>>> <http://02376c756e11dbd4-8257@51.89.23.96#015%23012Max-Forwards>:
>>>> 70#015#012Content-Length: 0#015#012User-Agent: kamailio (4.2.0
>>>> (x86_64/linux))
>>>> Apr 20 17:27:53 vps793907 /usr/sbin/kamailio[8257]: INFO: <script>:
>>>> Sent out tm request: OPTIONS sip:sip2.pstnhub.microsoft.com;transport=tls
>>>> SIP/2.0#015#012Via: SIP/2.0/TLS
>>>> SBC-IP:5061;branch=z9hG4bK072f.0e9be960000000000000000000000000.0#015#012To:
>>>> <sip:sip2.pstnhub.microsoft.com;transport=tls>#015#012From:
>>>> <sip:dispatcher at localhost>;tag=d012046760e0e80ea51cb82629f4d4bc-5a49#015#012CSeq:
>>>> 10 OPTIONS#015#012Call-ID:
>>>> 02376c756e11dbd5-8257 at 51.89.23.96#015#012Max-Forwards
>>>> <http://02376c756e11dbd5-8257@51.89.23.96#015%23012Max-Forwards>:
>>>> 70#015#012Content-Length: 0#015#012User-Agent: kamailio (4.2.0
>>>> (x86_64/linux))
>>>> Apr 20 17:27:53 vps793907 /usr/sbin/kamailio[8257]: INFO: <script>:
>>>> Sent out tm request: OPTIONS sip:sip3.pstnhub.microsoft.com;transport=tls
>>>> SIP/2.0#015#012Via: SIP/2.0/TLS
>>>> SBC-IP:5061;branch=z9hG4bKd62f.82d8b643000000000000000000000000.0#015#012To:
>>>> <sip:sip3.pstnhub.microsoft.com;transport=tls>#015#012From:
>>>> <sip:dispatcher at localhost>;tag=d012046760e0e80ea51cb82629f4d4bc-d959#015#012CSeq:
>>>> 10 OPTIONS#015#012Call-ID:
>>>> 02376c756e11dbd6-8257 at 51.89.23.96#015#012Max-Forwards
>>>> <http://02376c756e11dbd6-8257@51.89.23.96#015%23012Max-Forwards>:
>>>> 70#015#012Content-Length: 0#015#012User-Agent: kamailio (4.2.0
>>>> (x86_64/linux))
>>>>
>>>> And If I make kamcmd tls.list:
>>>>
>>>> {
>>>> id: 1
>>>> timeout: 3595
>>>> src_ip: 52.114.75.24
>>>> src_port: 5061
>>>> dst_ip: SBC-IP
>>>> dst_port: 37531
>>>> cipher: ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA
>>>> Enc=AESGCM(256) Mac=AEAD
>>>> ct_wq_size: 0
>>>> enc_rd_buf: 0
>>>> flags: 2
>>>> state: established
>>>> }
>>>> {
>>>> id: 2
>>>> timeout: 3596
>>>> src_ip: 52.114.132.46
>>>> src_port: 5061
>>>> dst_ip: SBC-IP
>>>> dst_port: 33370
>>>> cipher: ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA
>>>> Enc=AESGCM(256) Mac=AEAD
>>>> ct_wq_size: 0
>>>> enc_rd_buf: 0
>>>> flags: 2
>>>> state: established
>>>> }
>>>> {
>>>> id: 3
>>>> timeout: 3596
>>>> src_ip: 52.114.7.24
>>>> src_port: 5061
>>>> dst_ip: SBC-IP
>>>> dst_port: 48819
>>>> cipher: ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA
>>>> Enc=AESGCM(256) Mac=AEAD
>>>> ct_wq_size: 0
>>>> enc_rd_buf: 0
>>>> flags: 2
>>>> state: established
>>>> }
>>>>
>>>> And with kamcmd dispatcher.list | egrep "URI|FLAGS" I see:
>>>>
>>>> URI: sip:sip.pstnhub.microsoft.com;transport=tls FLAGS: AP
>>>> URI: sip:sip2.pstnhub.microsoft.com;transport=tls FLAGS: AX
>>>> URI: sip:sip3.pstnhub.microsoft.com;transport=tls FLAGS: AP
>>>>
>>>> But in Teams Direct Routing I always see my SBC with problems, never
>>>> active.
>>>>
>>>> In kamailio.cfg I've configure just before request_route:
>>>>
>>>> event_route[tm:local-request] {
>>>> if(is_method("OPTIONS") && $ru =~ "pstnhub.microsoft.com") {
>>>> append_hf("Contact:
>>>> <sip:SBC-DNS:5061;transport=tls>\r\n");
>>>> }
>>>> xlog("L_INFO", "Sent out tm request: $mb\n");
>>>> }
>>>>
>>>> I don't know where could be the problem..
>>>>
>>>> Any more else I can test?
>>>>
>>>> Thanks for all..!!
>>>>
>>>> El sáb., 18 abr. 2020 a las 12:39, Yuriy Nasida (<ynasida at gmail.com>)
>>>> escribió:
>>>>
>>>>> Probably. You can get full pcap files using tcpdump and check TLS
>>>>> handshakes usign wireshark.
>>>>> Also it is not really need to check cert on the side of kamailio. You
>>>>> can set (at least for tests)
>>>>> verify_certificate = no
>>>>> require_certificate = no
>>>>>
>>>>> On Fri, 17 Apr 2020 at 10:02, sip user <sipuser404 at gmail.com> wrote:
>>>>>
>>>>>> Hi Sergiu..
>>>>>>
>>>>>> I've made many test and many change...
>>>>>>
>>>>>> In tls.cfg I have this:
>>>>>>
>>>>>> [server:default]
>>>>>> method = TLSv1.2
>>>>>> verify_certificate = yes
>>>>>> require_certificate = yes
>>>>>> private_key = /etc/letsencrypt/ssl/cert.key
>>>>>> certificate = /etc/letsencrypt/ssl/cert.crt
>>>>>> ca_list = /etc/letsencrypt/ssl/ca.crt
>>>>>>
>>>>>> [client:default]
>>>>>> method = TLSv1.2
>>>>>> verify_certificate = yes
>>>>>> require_certificate = yes
>>>>>> private_key = /etc/letsencrypt/ssl/cert.key
>>>>>> certificate = /etc/letsencrypt/ssl/cert.crt
>>>>>> ca_list = /etc/letsencrypt/ssl/ca.crt
>>>>>>
>>>>>> But when I make Kamcmd tls.list I have not response.. Not show me
>>>>>> anything.
>>>>>>
>>>>>> Problem with certificated??
>>>>>>
>>>>>> Thanks
>>>>>>
>>>>>> El jue., 16 abr. 2020 a las 20:31, Sergiu Pojoga (<pojogas at gmail.com>)
>>>>>> escribió:
>>>>>>
>>>>>>> Hi SIP User/anonymous/one-time-visitor/,
>>>>>>>
>>>>>>> Your TLS config isn't correct. The article clearly says
>>>>>>> verify/require_certificate must be set to 'yes'
>>>>>>>
>>>>>>> *kamcmd tls.list*
>>>>>>> Does it show any 'established' connections with MS proxy?
>>>>>>>
>>>>>>> Good luck,
>>>>>>>
>>>>>>> --Sergiu
>>>>>>>
>>>>>>> On Thu, Apr 16, 2020 at 11:41 AM Ovidiu Sas <osas at voipembedded.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> The tutorial is pretty clear:
>>>>>>>> You need to add the Contact header only for OPTIONS pings.
>>>>>>>> You need to use the proper Record-Route headers based on the
>>>>>>>> direction
>>>>>>>> of the call.
>>>>>>>> There's no out of the box solution because each setup is different.
>>>>>>>>
>>>>>>>> If you understand how loose routing works in SIP, then you know how
>>>>>>>> to
>>>>>>>> adjust the config to use record_route_preset(), just as explained in
>>>>>>>> the tutorial. There is also an example of an INVITE that has the
>>>>>>>> right
>>>>>>>> Record-Route headers in the tutorial.
>>>>>>>>
>>>>>>>> You can choose to use the FQDN for the Record-Route header facing MS
>>>>>>>> and the IP for the Record-Route header facing the carrier or use the
>>>>>>>> FQDN for both Record-Route headers (just like in the
>>>>>>>> tutorialexample).
>>>>>>>> Alternatively, one can try to advertise the FQDN in the listen
>>>>>>>> directive in the config and then the Record-Route headers should be
>>>>>>>> populated automatically.
>>>>>>>>
>>>>>>>> Regards,
>>>>>>>> Ovidiu Sas
>>>>>>>>
>>>>>>>> On Thu, Apr 16, 2020 at 10:50 AM sip user <sipuser404 at gmail.com>
>>>>>>>> wrote:
>>>>>>>> >
>>>>>>>> > Hi Nasida.. Thanks for answerd to me...
>>>>>>>> >
>>>>>>>> > I've activarted the debugger module, and I see the same:
>>>>>>>> >
>>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>>>>>>> <core> [ip_addr.c:243]: print_ip(): tcpconn_new: new tcp connection:
>>>>>>>> 52.114.7.24
>>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>>>>>>> <core> [tcp_main.c:1073]: tcpconn_new(): tcpconn_new: on port 4160, type 3
>>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>>>>>>> <core> [tcp_main.c:1382]: tcpconn_add(): tcpconn_add: hashes:
>>>>>>>> 171:1857:1187, 30
>>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>>>>>>> <core> [io_wait.h:388]: io_watch_add(): DBG: io_watch_add(0xa1f240, 23, 2,
>>>>>>>> 0x7f90f2438f80), fd_no=17
>>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>>>>>>> <core> [io_wait.h:610]: io_watch_del(): DBG: io_watch_del (0xa1f240, 23,
>>>>>>>> -1, 0x0) fd_no=18 called
>>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>>>>>>> <core> [tcp_main.c:4219]: handle_tcpconn_ev(): tcp: DBG: sending to child,
>>>>>>>> events 1
>>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>>>>>>> <core> [tcp_main.c:3902]: send2child(): selected tcp worker 1 10(23159) for
>>>>>>>> activity on [tls:SBC_IP:5061], 0x7f90f2438f80
>>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>>>>>>> <core> [tcp_read.c:1507]: handle_io(): received n=8 con=0x7f90f2438f80, fd=9
>>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: tls
>>>>>>>> [tls_server.c:184]: tls_complete_init(): Using TLS domain TLSs<default>
>>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: tls
>>>>>>>> [tls_domain.c:700]: sr_ssl_ctx_info_callback(): SSL handshake started
>>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>>>>>>> <core> [tcp_main.c:2516]: tcpconn_do_send(): tcp_send: sending...
>>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>>>>>>> <core> [tcp_main.c:2550]: tcpconn_do_send(): tcp_send: after real write: c=
>>>>>>>> 0x7f90f2438f80 n=1468 fd=9
>>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>>>>>>> <core> [tcp_main.c:2551]: tcpconn_do_send(): tcp_send: buf=
>>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: #026#003#003
>>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>>>>>>> <core> [io_wait.h:388]: io_watch_add(): DBG: io_watch_add(0x9c1700, 9, 2,
>>>>>>>> 0x7f90f2438f80), fd_no=1
>>>>>>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>>>>>>> <core> [tcp_read.c:296]: tcp_read_data(): EOF on 0x7f90f2438f80, FD 9
>>>>>>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>>>>>>> <core> [tcp_read.c:1291]: tcp_read_req(): tcp_read_req: EOF
>>>>>>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>>>>>>> <core> [io_wait.h:610]: io_watch_del(): DBG: io_watch_del (0x9c1700, 9, -1,
>>>>>>>> 0x10) fd_no=2 called
>>>>>>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>>>>>>> <core> [tcp_read.c:1434]: release_tcpconn(): releasing con 0x7f90f2438f80,
>>>>>>>> state -1, fd=9, id=30
>>>>>>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>>>>>>> <core> [tcp_read.c:1435]: release_tcpconn(): extra_data 0x7f90f2432b40
>>>>>>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>>>>>>> <core> [tcp_main.c:3331]: handle_tcp_child(): handle_tcp_child: reader
>>>>>>>> response= 7f90f2438f80, -1 from 1
>>>>>>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 13(23167) DEBUG: tls
>>>>>>>> [tls_server.c:604]: tls_h_close(): Closing SSL connection 0x7f90f2432b40
>>>>>>>> >
>>>>>>>> > I don't see any different.
>>>>>>>> >
>>>>>>>> > I know that the module is loaded because I see:
>>>>>>>> >
>>>>>>>> > exec: *** cfgtrace:request_route=[DEFAULT_ROUTE]
>>>>>>>> c=[/etc/kamailio/kamailio.cfg] l=486 a=5 n=route
>>>>>>>> >
>>>>>>>> > When I restart kamailio, but when I "launch" a call from Teams to
>>>>>>>> my Kamailio I only see that.
>>>>>>>> >
>>>>>>>> > To configure it, I follow
>>>>>>>> https://skalatan.de/en/blog/kamailio-sbc-teams.. But I cannot make
>>>>>>>> it works..
>>>>>>>> >
>>>>>>>> > Any more thing that i can test or do??
>>>>>>>> >
>>>>>>>> > Thanks
>>>>>>>> >
>>>>>>>> > El jue., 16 abr. 2020 a las 14:20, Nasida Yuriy (<nasida at live.ru>)
>>>>>>>> escribió:
>>>>>>>> >>
>>>>>>>> >> Wow, so many people want to configure kamailio with MS. First of
>>>>>>>> all i think you need to get sip debug between kamailio and MS. Kamilio has
>>>>>>>> module to save sip traces. This way you will get sip debug decrypted.
>>>>>>>> >>
>>>>>>>> >>
>>>>>>>> >> ________________________________
>>>>>>>> >> От: sr-users <sr-users-bounces at lists.kamailio.org> от имени sip
>>>>>>>> user <sipuser404 at gmail.com>
>>>>>>>> >> Отправлено: 16 апреля 2020 г. 10:19
>>>>>>>> >> Кому: sr-users at lists.kamailio.org <sr-users at lists.kamailio.org>
>>>>>>>> >> Тема: [SR-Users] Kamailio like SBC with Teams
>>>>>>>> >>
>>>>>>>> >> Hello good morning ... I am new to this list and I was starting
>>>>>>>> to mess with Kamailio, mainly to set it up as SBC against Teams, in this
>>>>>>>> case.
>>>>>>>> >>
>>>>>>>> >> But I can't get it to work for me. If I launch a call from the
>>>>>>>> Teams, in the Kamailio I see:
>>>>>>>> >>
>>>>>>>> >> 1.- In syslog:
>>>>>>>> >>
>>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>>>>>>> <core> [ip_addr.c:243]: print_ip(): tcpconn_new: new tcp connection:
>>>>>>>> 52.114.7.24
>>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>>>>>>> <core> [tcp_main.c:1073]: tcpconn_new(): tcpconn_new: on port 4160, type 3
>>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>>>>>>> <core> [tcp_main.c:1382]: tcpconn_add(): tcpconn_add: hashes:
>>>>>>>> 171:1857:1187, 30
>>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>>>>>>> <core> [io_wait.h:388]: io_watch_add(): DBG: io_watch_add(0xa1f240, 23, 2,
>>>>>>>> 0x7f90f2438f80), fd_no=17
>>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>>>>>>> <core> [io_wait.h:610]: io_watch_del(): DBG: io_watch_del (0xa1f240, 23,
>>>>>>>> -1, 0x0) fd_no=18 called
>>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>>>>>>> <core> [tcp_main.c:4219]: handle_tcpconn_ev(): tcp: DBG: sending to child,
>>>>>>>> events 1
>>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>>>>>>> <core> [tcp_main.c:3902]: send2child(): selected tcp worker 1 10(23159) for
>>>>>>>> activity on [tls:SBC_IP:5061], 0x7f90f2438f80
>>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>>>>>>> <core> [tcp_read.c:1507]: handle_io(): received n=8 con=0x7f90f2438f80, fd=9
>>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: tls
>>>>>>>> [tls_server.c:184]: tls_complete_init(): Using TLS domain TLSs<default>
>>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: tls
>>>>>>>> [tls_domain.c:700]: sr_ssl_ctx_info_callback(): SSL handshake started
>>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>>>>>>> <core> [tcp_main.c:2516]: tcpconn_do_send(): tcp_send: sending...
>>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>>>>>>> <core> [tcp_main.c:2550]: tcpconn_do_send(): tcp_send: after real write: c=
>>>>>>>> 0x7f90f2438f80 n=1468 fd=9
>>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>>>>>>> <core> [tcp_main.c:2551]: tcpconn_do_send(): tcp_send: buf=
>>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: #026#003#003
>>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>>>>>>> <core> [io_wait.h:388]: io_watch_add(): DBG: io_watch_add(0x9c1700, 9, 2,
>>>>>>>> 0x7f90f2438f80), fd_no=1
>>>>>>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>>>>>>> <core> [tcp_read.c:296]: tcp_read_data(): EOF on 0x7f90f2438f80, FD 9
>>>>>>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>>>>>>> <core> [tcp_read.c:1291]: tcp_read_req(): tcp_read_req: EOF
>>>>>>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>>>>>>> <core> [io_wait.h:610]: io_watch_del(): DBG: io_watch_del (0x9c1700, 9, -1,
>>>>>>>> 0x10) fd_no=2 called
>>>>>>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>>>>>>> <core> [tcp_read.c:1434]: release_tcpconn(): releasing con 0x7f90f2438f80,
>>>>>>>> state -1, fd=9, id=30
>>>>>>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG:
>>>>>>>> <core> [tcp_read.c:1435]: release_tcpconn(): extra_data 0x7f90f2432b40
>>>>>>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 13(23167) DEBUG:
>>>>>>>> <core> [tcp_main.c:3331]: handle_tcp_child(): handle_tcp_child: reader
>>>>>>>> response= 7f90f2438f80, -1 from 1
>>>>>>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 13(23167) DEBUG: tls
>>>>>>>> [tls_server.c:604]: tls_h_close(): Closing SSL connection 0x7f90f2432b40
>>>>>>>> >>
>>>>>>>> >> 2.- With TCPDUMP:
>>>>>>>> >>
>>>>>>>> >> 11:13:09.311797 IP SBC_IP .1024 > SBC_IP .eu.sip-tls: Flags [S],
>>>>>>>> seq 261244614, win 64240, options [mss 1440,nop,wscale 8,nop,nop,sackOK],
>>>>>>>> length 0
>>>>>>>> >> 11:13:09.311898 IP SBC_IP .eu.sip-tls > 52.114.76.76.1024:
>>>>>>>> Flags [S.], seq 812357247, ack 261244615, win 29200, options [mss
>>>>>>>> 1460,nop,nop,sackOK,nop,wscale 7], length 0
>>>>>>>> >> 11:13:09.340358 IP 52.114.76.76.1024 > SBC_IP .eu.sip-tls:
>>>>>>>> Flags [.], ack 1, win 2053, length 0
>>>>>>>> >> 11:13:09.340560 IP 52.114.76.76.1024 > SBC_IP .eu.sip-tls: Flags
>>>>>>>> [P.], seq 1:187, ack 1, win 2053, length 186
>>>>>>>> >> 11:13:09.340578 IP SBC_IP .eu.sip-tls > 52.114.76.76.1024: Flags
>>>>>>>> [.], ack 187, win 237, length 0
>>>>>>>> >> 11:13:09.341361 IP SBC_IP .eu.sip-tls > 52.114.76.76.1024: Flags
>>>>>>>> [P.], seq 1:1469, ack 187, win 237, length 1468
>>>>>>>> >> 11:13:09.369606 IP 52.114.76.76.1024 > SBC_IP .eu.sip-tls: Flags
>>>>>>>> [.], ack 1469, win 2053, length 0
>>>>>>>> >> 11:13:12.451498 IP 52.114.7.24.1216 > SBC_IP .eu.sip-tls: Flags
>>>>>>>> [S], seq 309084204, win 64240, options [mss 1440,nop,wscale
>>>>>>>> 8,nop,nop,sackOK], length 0
>>>>>>>> >> 11:13:12.451587 IP SBC_IP .eu.sip-tls > 52.114.7.24.1216: Flags
>>>>>>>> [S.], seq 3275066862, ack 309084205, win 29200, options [mss
>>>>>>>> 1460,nop,nop,sackOK,nop,wscale 7], length 0
>>>>>>>> >> 11:13:12.707119 IP 52.114.7.24.1216 > SBC_IP .eu.sip-tls: Flags
>>>>>>>> [.], ack 1, win 2053, length 0
>>>>>>>> >> 11:13:12.707311 IP 52.114.7.24.1216 > SBC_IP .eu.sip-tls: Flags
>>>>>>>> [P.], seq 1:187, ack 1, win 2053, length 186
>>>>>>>> >> 11:13:12.707345 IP SBC_IP .eu.sip-tls > 52.114.7.24.1216: Flags
>>>>>>>> [.], ack 187, win 237, length 0
>>>>>>>> >> 11:13:12.708273 IP SBC_IP .eu.sip-tls > 52.114.7.24.1216: Flags
>>>>>>>> [P.], seq 1:1469, ack 187, win 237, length 1468
>>>>>>>> >> 11:13:12.965101 IP 52.114.7.24.1216 > SBC_IP .eu.sip-tls: Flags
>>>>>>>> [.], ack 1469, win 2053, length 0
>>>>>>>> >> 11:13:12.965156 IP 52.114.7.24.1216 > SBC_IP .eu.sip-tls: Flags
>>>>>>>> [F.], seq 187, ack 1469, win 2053, length 0
>>>>>>>> >> 11:13:12.965688 IP SBC_IP .eu.sip-tls > 52.114.7.24.1216: Flags
>>>>>>>> [F.], seq 1469, ack 188, win 237, length 0
>>>>>>>> >> 11:13:13.220871 IP 52.114.7.24.1216 > SBC_IP .eu.sip-tls: Flags
>>>>>>>> [.], ack 1470, win 2053, length 0
>>>>>>>> >>
>>>>>>>> >> I can't "receive" anything.
>>>>>>>> >>
>>>>>>>> >> I have generated the certificates and configured in the tls.cfg
>>>>>>>> of the Kamailio:
>>>>>>>> >>
>>>>>>>> >> [server:default]
>>>>>>>> >> method = TLSv1.2
>>>>>>>> >> verify_certificate = no
>>>>>>>> >> require_certificate = no
>>>>>>>> >> private_key = /etc/letsencrypt/ssl/cert.key
>>>>>>>> >> certificate = /etc/letsencrypt/ssl/cert.crt
>>>>>>>> >> ca_list = /etc/letsencrypt/ssl/ca.crt
>>>>>>>> >>
>>>>>>>> >> Within Kamailio itself I have it configured to return a 200
>>>>>>>> KeepAlive to Teams when it receives an OPTIONS:
>>>>>>>> >>
>>>>>>>> >> event_route[tm:local-request] {
>>>>>>>> >>
>>>>>>>> >> if(is_method("OPTIONS") && $ru =~ "pstnhub.microsoft.com")
>>>>>>>> {
>>>>>>>> >> append_hf("Contact: <sip: SBC_DNS
>>>>>>>> :5061;transport=tls>\r\n");
>>>>>>>> >> }
>>>>>>>> >> xlog("L_INFO", "Sent out tm request: $mb\n");
>>>>>>>> >> }
>>>>>>>> >>
>>>>>>>> >> And I have measured the record_route for this new one:
>>>>>>>> >>
>>>>>>>> >> record_route_preset(" SBC_DNS :5061;transport=tls", " SBC_IP
>>>>>>>> :5061");
>>>>>>>> >>
>>>>>>>> >> I have created a dispatcher.list:
>>>>>>>> >>
>>>>>>>> >> # setid(integer) destination(sip uri) flags (integer, optional),
>>>>>>>> priority(int,opt), attrs (str,optional)
>>>>>>>> >> 1:1:sip:sip.pstnhub.microsoft.com;transport=tls 0 3 socket=tls:
>>>>>>>> SBC_IP :5061;ping_from= sip:SBC_DNS
>>>>>>>> >> 2:1:sip:sip2.pstnhub.microsoft.com;transport=tls 0 2
>>>>>>>> socket=tls: SBC_IP :5061;ping_from=sip: SBC_DNS
>>>>>>>> >> 3:1:sip:sip3.pstnhub.microsoft.com;transport=tls 0 1
>>>>>>>> socket=tls: SBC_IP :5061;ping_from=sip: SBC_DNS
>>>>>>>> >> 4:1:sip:sip-all.pstnhub.microsoft.com;transport=tls 0 1
>>>>>>>> socket=tls: SBC_IP :5061;ping_from=sip: SBC_DNS
>>>>>>>> >>
>>>>>>>> >> I think that one of the problems is that I do not send the
>>>>>>>> OPTIONS to the Teams well, since it is on their panel, it indicates that
>>>>>>>> the SBC is INACTIVE.
>>>>>>>> >>
>>>>>>>> >> I don't know if you could help me straighten this out a bit ...
>>>>>>>> >>
>>>>>>>> >> Thank you so much for everything..
>>>>>>>> >>
>>>>>>>> >> a greeting
>>>>>>>> >> _______________________________________________
>>>>>>>> >> Kamailio (SER) - Users Mailing List
>>>>>>>> >> sr-users at lists.kamailio.org
>>>>>>>> >> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>>>>>> >
>>>>>>>> > _______________________________________________
>>>>>>>> > Kamailio (SER) - Users Mailing List
>>>>>>>> > sr-users at lists.kamailio.org
>>>>>>>> > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> VoIP Embedded, Inc.
>>>>>>>> http://www.voipembedded.com
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> Kamailio (SER) - Users Mailing List
>>>>>>>> sr-users at lists.kamailio.org
>>>>>>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Kamailio (SER) - Users Mailing List
>>>>>>> sr-users at lists.kamailio.org
>>>>>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>>>>>
>>>>>> _______________________________________________
>>>>>> Kamailio (SER) - Users Mailing List
>>>>>> sr-users at lists.kamailio.org
>>>>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>>>>
>>>>> _______________________________________________
>>>>> Kamailio (SER) - Users Mailing List
>>>>> sr-users at lists.kamailio.org
>>>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>>>
>>>> _______________________________________________
>>>> Kamailio (SER) - Users Mailing List
>>>> sr-users at lists.kamailio.org
>>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>>
>>> _______________________________________________
>>> Kamailio (SER) - Users Mailing List
>>> sr-users at lists.kamailio.org
>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>
>> _______________________________________________
>> Kamailio (SER) - Users Mailing List
>> sr-users at lists.kamailio.org
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20200421/ff5afdca/attachment.html>
More information about the sr-users
mailing list