
<div dir="ltr"><div>Thank You, Daniel. <br><br></div>Everything works.<br></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><span><font color="#888888">-- <br><div><div dir="ltr"><div>З повагою,</div><div>Микола Заїка<br></div><div>Компанія VoIPTime,</div><div>Тел: <span style="color:rgb(0,0,255)"><a href="tel:%2B380%2032%202328022" value="+380322328022" target="_blank">+380 32 2328022</a></span></div><div><span style="color:rgb(0,0,255)"><a href="mailto:mzaika@voiptime.net" target="_blank">mzaika@voiptime.net</a></span></div><div><span style="color:rgb(0,0,255)"><a href="http://www.voiptime.net" target="_blank">www.voiptime.net</a></span></div></div></div></font></span></div></div></div></div></div></div></div></div></div>

<br><div class="gmail_quote">2015-04-10 11:27 GMT+03:00 Daniel Grotti <span dir="ltr"><<a href="mailto:dgrotti@sipwise.com" target="_blank">dgrotti@sipwise.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Reason it the TLS, you don't see encrypted message if you make a sip trace.<br>

Please check the kamailio-lb.log to see the message relayed to the<br>

provider in tls.<br>

<span class=""><br>

<br>

<br>

<br>

Daniel Grotti<br>

VoIP Engineer<br>

<br>

<br>

Sipwise GmbH<br>

Europaring F15 | 2345 Brunn am Gebirge, Austria | <a href="http://www.sipwise.com" target="_blank">www.sipwise.com</a><br>

<br>

</span><span class="">On 04/10/2015 10:22 AM, Mykola Zaika wrote:<br>

> Hello,<br>

> In peer settings, I have selected protocol TLS and port 5061. All my<br>

> outgoing packets go inside SipWise (<a href="http://127.0.0.1:5080" target="_blank">127.0.0.1:5080</a><br>

</span>> <<a href="http://127.0.0.1:5080" target="_blank">http://127.0.0.1:5080</a>> -> <a href="http://127.0.0.1:5060" target="_blank">127.0.0.1:5060</a> <<a href="http://127.0.0.1:5060" target="_blank">http://127.0.0.1:5060</a>>). I<br>

<span class="">> can`t see any SIp packet from SipWise to provider. What can be the<br>

> reason of it ?<br>

> When I use protocol UDP, I see outgoing packets to provider.<br>

><br>

</span>> U 2015/04/10 11:10:52.712509 <a href="http://127.0.0.1:5080" target="_blank">127.0.0.1:5080</a> <<a href="http://127.0.0.1:5080" target="_blank">http://127.0.0.1:5080</a>> -><br>

> <a href="http://127.0.0.1:5060" target="_blank">127.0.0.1:5060</a> <<a href="http://127.0.0.1:5060" target="_blank">http://127.0.0.1:5060</a>><br>

> INVITE <a href="mailto:sip%3A0662823314@212.58.166.54">sip:0662823314@212.58.166.54</a><br>

> <mailto:<a href="mailto:sip%253A0662823314@212.58.166.54">sip%3A0662823314@212.58.166.54</a>> SIP/2.0'<br>

<span class="">> Via: SIP/2.0/UDP 127.0.0.1:5080;branch=z9hG4bKh2LzzaJ0;rport'<br>

> From: <<a href="mailto:sip%3A0931700226@212.58.166.54">sip:0931700226@212.58.166.54</a><br>

</span>> <mailto:<a href="mailto:sip%253A0931700226@212.58.166.54">sip%3A0931700226@212.58.166.54</a>>>;tag=28CC80E6-5527858C000ADDA5-3C2C2700'<br>

> To: <<a href="mailto:sip%3A0662823314@212.58.166.54">sip:0662823314@212.58.166.54</a> <mailto:<a href="mailto:sip%253A0662823314@212.58.166.54">sip%3A0662823314@212.58.166.54</a>>>'<br>

<div><div class="h5">> CSeq: 10 INVITE'<br>

> Call-ID: 62ad049116741ff406d5988162f6267d@10.200.10.15_b2b-1'<br>

> Route:<br>

> <sip:127.0.0.1:5060;received='sip:<a href="tel:212.58.166.54" value="+12125816654">212.58.166.54</a>:5061;lr;transport=tls';lr>'<br>

> Max-Forwards: 70'<br>

> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, SUBSCRIBE, NOTIFY, PUBLISH'<br>

> Supported: replaces'<br>

> P-D-Uri:<br>

> sip:127.0.0.1:5060;received='sip:<a href="tel:212.58.166.54" value="+12125816654">212.58.166.54</a>:5061;lr;transport=tls''<br>

> Content-Type: application/sdp'<br>

> Contact: <sip:127.0.0.1:5080;transport=udp>'<br>

> Content-Length: 304'<br>

> '<br>

> v=0'<br>

> o=root 1014308804 1014308805 IN IP4 <a href="tel:93.178.252.43" value="+19317825243">93.178.252.43</a>'<br>

> s=A'<br>

> c=IN IP4 93.178.252.43'<br>

> t=0 0'<br>

> m=audio 34318 RTP/AVP 0 8 101'<br>

> a=rtpmap:0 PCMU/8000'<br>

> a=rtpmap:8 PCMA/8000'<br>

> a=rtpmap:101 telephone-event/8000'<br>

> a=fmtp:101 0-16'<br>

> a=sendrecv'<br>

> a=silenceSupp:off - - - -'<br>

> a=ptime:20'<br>

> a=rtcp:34319'<br>

> a=direction:active'<br>

><br>

><br>

> --<br>

> З повагою,<br>

> Микола Заїка<br>

> Компанія VoIPTime,<br>

</div></div>> Тел: <a href="tel:%2B380%2032%202328022" value="+380322328022">+380 32 2328022</a> <tel:%2B380%2032%202328022><br>

> <a href="mailto:mzaika@voiptime.net">mzaika@voiptime.net</a> <mailto:<a href="mailto:mzaika@voiptime.net">mzaika@voiptime.net</a>><br>

> <a href="http://www.voiptime.net" target="_blank">www.voiptime.net</a> <<a href="http://www.voiptime.net" target="_blank">http://www.voiptime.net</a>><br>

<span class="">><br>

> 2015-04-07 17:31 GMT+03:00 Mykola Zaika <<a href="mailto:mzaika@voiptime.net">mzaika@voiptime.net</a><br>

</span>> <mailto:<a href="mailto:mzaika@voiptime.net">mzaika@voiptime.net</a>>>:<br>

<span class="">><br>

>     I have done it.<br>

><br>

>     how about<br>

>     tlscafile=/etc/asterisk/certificate/ca.pem<br>

>     tlscertfile=/etc/asterisk/certificate/asterisk.pem<br>

><br>

>     I found this in /etc/kamailio/tls.cfg    Am I right ?<br>

><br>

>     --<br>

>     З повагою,<br>

>     Микола Заїка<br>

>     Компанія VoIPTime,<br>

</span>>     Тел: <a href="tel:%2B380%2032%202328022" value="+380322328022">+380 32 2328022</a> <tel:%2B380%2032%202328022><br>

>     <a href="mailto:mzaika@voiptime.net">mzaika@voiptime.net</a> <mailto:<a href="mailto:mzaika@voiptime.net">mzaika@voiptime.net</a>><br>

>     <a href="http://www.voiptime.net" target="_blank">www.voiptime.net</a> <<a href="http://www.voiptime.net" target="_blank">http://www.voiptime.net</a>><br>

<span class="">><br>

>     2015-04-07 17:25 GMT+03:00 Daniel Grotti <<a href="mailto:dgrotti@sipwise.com">dgrotti@sipwise.com</a><br>

</span>>     <mailto:<a href="mailto:dgrotti@sipwise.com">dgrotti@sipwise.com</a>>>:<br>

<span class="">><br>

>         Hi,<br>

>         in the peering server configuration, you can select the protocol you<br>

>         want to use for the interconnection.<br>

><br>

><br>

>         Regards,<br>

><br>

><br>

>         Daniel Grotti<br>

>         VoIP Engineer<br>

><br>

><br>

>         Sipwise GmbH<br>

>         Europaring F15 | 2345 Brunn am Gebirge, Austria |<br>

</span>>         <a href="http://www.sipwise.com" target="_blank">www.sipwise.com</a> <<a href="http://www.sipwise.com" target="_blank">http://www.sipwise.com</a>><br>

<span class="">><br>

>         On 04/07/2015 04:20 PM, Mykola Zaika wrote:<br>

>         > Hello,<br>

>         ><br>

>         > How can I setup peer with protocol TLS ?  Can someone share his experience ?<br>

>         ><br>

>         ><br>

>         > Config from Asterisk works:<br>

>         ><br>

>         > [general]<br>

>         ><br>

>         > tlsenable=yes<br>

>         ><br>

>         > tlsbindaddr=client.wan.ip.addr<br>

>         ><br>

>         > tlscafile=/etc/asterisk/certificate/ca.pem<br>

>         ><br>

>         > tlscertfile=/etc/asterisk/certificate/asterisk.pem<br>

>         ><br>

>         > tlscipher=DES-CBC3-SHA<br>

>         ><br>

>         > tlsclientmethod=tlsv1<br>

>         ><br>

>         > tlsdontverifyserver=no<br>

>         ><br>

>         ><br>

>         > register=> tls://<a href="http://044232XXXX:verysecretpass@212.58.166.54:5061" target="_blank">044232XXXX:verysecretpass@212.58.166.54:5061</a><br>

</span>>         <<a href="http://044232XXXX:verysecretpass@212.58.166.54:5061" target="_blank">http://044232XXXX:verysecretpass@212.58.166.54:5061</a>><br>

<span class="">>         > <<a href="http://212.58.166.54:5061" target="_blank">http://212.58.166.54:5061</a>>/044232XXXX<br>

>         ><br>

>         ><br>

>         > [044232XXXX]<br>

>         ><br>

>         > type=friend<br>

>         ><br>

>         > username=044232XXXX<br>

>         ><br>

>         > secret=verysecretpass<br>

>         ><br>

</span>>         > host=<a href="tel:212.58.166.54" value="+12125816654">212.58.166.54</a> <tel:<a href="tel:212.58.166.54" value="+12125816654">212.58.166.54</a>><br>

<span class="">>         ><br>

>         > port=5061<br>

>         ><br>

>         > fromuser=044232XXXX ;<br>

>         ><br>

>         > transport=tls<br>

>         ><br>

>         > encryption=yes<br>

>         ><br>

>         > context=incoming<br>

>         ><br>

>         > disallow=all<br>

>         ><br>

>         > allow=ulaw<br>

>         ><br>

>         > allow=alaw<br>

>         ><br>

>         ><br>

>         ><br>

>         ><br>

>         ><br>

>         > _______________________________________________<br>

>         > Spce-user mailing list<br>

</span>>         > <a href="mailto:Spce-user@lists.sipwise.com">Spce-user@lists.sipwise.com</a> <mailto:<a href="mailto:Spce-user@lists.sipwise.com">Spce-user@lists.sipwise.com</a>><br>

<span class="">>         > <a href="https://lists.sipwise.com/listinfo/spce-user" target="_blank">https://lists.sipwise.com/listinfo/spce-user</a><br>

>         ><br>

>         _______________________________________________<br>

>         Spce-user mailing list<br>

</span>>         <a href="mailto:Spce-user@lists.sipwise.com">Spce-user@lists.sipwise.com</a> <mailto:<a href="mailto:Spce-user@lists.sipwise.com">Spce-user@lists.sipwise.com</a>><br>

>         <a href="https://lists.sipwise.com/listinfo/spce-user" target="_blank">https://lists.sipwise.com/listinfo/spce-user</a><br>

><br>

><br>

><br>

</blockquote></div><br></div>