[SR-Users] SRTP/TLS BYE Problem with One of the Legs of the Call
conradcordeiro at gmail.com
conradcordeiro at gmail.com
Sun Sep 20 17:53:15 CEST 2020
Thank you very much Arsen.
Knowing that this was supposed to work was what I needed to know. I was
only missing the NAT rule back to my phone system on the TLS port, which
is where the BYE packet was being sent to.
All works perfectly now.
On 9/19/20 4:05 AM, Arsen Semenov wrote:
> Hello Conrad,
>
> Bit hard to say exactly without looking into logs/dumps but it seems
> like your call is long enough so router (if you have one) could
> timeout on nat tcp connection, thus the “bye” request can not reach
> uac. Just guessing.
>
> Please check whether you have tcp keepalive enabled, example:
> tcp_keepalive=yes
> tcp_crlf_ping=yes
> tcp_keepcnt=3
> tcp_keepidle=30
> tcp_keepintvl=30
>
> Hope it helps.
>
>
> On Sat, 19 Sep 2020 at 8:59 AM, conradcordeiro at gmail.com
> <mailto:conradcordeiro at gmail.com> <conradcordeiro at gmail.com
> <mailto:conradcordeiro at gmail.com>> wrote:
>
> Hello,
>
>
>
> Thank you for your reading this and for your help.
>
>
>
> I'm a Kamailio newbie and managed to set up an edge proxy, which
> works
>
> perfectly on UDP traffic. I'm now attempting to deploy TLS/SRTP and
>
> everything almost works perfectly. The single issue I'm having is
> that
>
> when either of the parties to an SRTP/TLS call disconnect, the other
>
> party's call remains active. With UDP, when one of the parties
>
> disconnects the call, the other leg of the call receives the BYE
> command
>
> and the call automatically disconnects.
>
>
>
> This is how I have our infrastructure set up:
>
>
>
> 1. Twilio SIP Trunk with Secure Media enabled.
>
>
>
> 2. Kamailio 5.4.1 set up with TLS module, set to listen on TLS port
>
> 5061, SSL certificates from Let's Encrypt, route set to our phone
> system.
>
>
>
> 3. Phone system is Asterisk.
>
>
>
> As per above, everything works almost perfectly with TLS/SRTP. The
> only
>
> issue is that calls will not disconnect when one of the sides hang
> up.
>
> If I disable TLS/SRTP and use UDP only, everything works.
>
>
>
> Audio is just fine with TLS/SRTP.
>
>
>
> Does anyone know why calls with SRTP/TLS will not disconnect
>
> automatically when one of the parties ends the call?
>
>
>
> Thank you,
>
>
>
> Conrad
>
>
>
>
>
> _______________________________________________
>
> Kamailio (SER) - Users Mailing List
>
> sr-users at lists.kamailio.org <mailto:sr-users at lists.kamailio.org>
>
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
> <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
>
>
>
> --
> Sent from Gmail Mobile
>
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20200920/628c26ad/attachment.htm>
More information about the sr-users
mailing list