[Spce-user] peer using TLS
Mykola Zaika
mzaika at voiptime.net
Fri Apr 10 06:04:23 EDT 2015
Thank You, Daniel.
Everything works.
--
З повагою,
Микола Заїка
Компанія VoIPTime,
Тел: +380 32 2328022
mzaika at voiptime.net
www.voiptime.net
2015-04-10 11:27 GMT+03:00 Daniel Grotti <dgrotti at sipwise.com>:
> Reason it the TLS, you don't see encrypted message if you make a sip trace.
> Please check the kamailio-lb.log to see the message relayed to the
> provider in tls.
>
>
>
>
> Daniel Grotti
> VoIP Engineer
>
>
> Sipwise GmbH
> Europaring F15 | 2345 Brunn am Gebirge, Austria | www.sipwise.com
>
> On 04/10/2015 10:22 AM, Mykola Zaika wrote:
> > Hello,
> > In peer settings, I have selected protocol TLS and port 5061. All my
> > outgoing packets go inside SipWise (127.0.0.1:5080
> > <http://127.0.0.1:5080> -> 127.0.0.1:5060 <http://127.0.0.1:5060>). I
> > can`t see any SIp packet from SipWise to provider. What can be the
> > reason of it ?
> > When I use protocol UDP, I see outgoing packets to provider.
> >
> > U 2015/04/10 11:10:52.712509 127.0.0.1:5080 <http://127.0.0.1:5080> ->
> > 127.0.0.1:5060 <http://127.0.0.1:5060>
> > INVITE sip:0662823314 at 212.58.166.54
> > <mailto:sip%3A0662823314 at 212.58.166.54> SIP/2.0'
> > Via: SIP/2.0/UDP 127.0.0.1:5080;branch=z9hG4bKh2LzzaJ0;rport'
> > From: <sip:0931700226 at 212.58.166.54
> > <mailto:sip%3A0931700226 at 212.58.166.54
> >>;tag=28CC80E6-5527858C000ADDA5-3C2C2700'
> > To: <sip:0662823314 at 212.58.166.54 <mailto:sip%3A0662823314 at 212.58.166.54
> >>'
> > CSeq: 10 INVITE'
> > Call-ID: 62ad049116741ff406d5988162f6267d at 10.200.10.15_b2b-1'
> > Route:
> > <sip:127.0.0.1:5060;received='sip:212.58.166.54
> :5061;lr;transport=tls';lr>'
> > Max-Forwards: 70'
> > Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, SUBSCRIBE, NOTIFY, PUBLISH'
> > Supported: replaces'
> > P-D-Uri:
> > sip:127.0.0.1:5060;received='sip:212.58.166.54:5061;lr;transport=tls''
> > Content-Type: application/sdp'
> > Contact: <sip:127.0.0.1:5080;transport=udp>'
> > Content-Length: 304'
> > '
> > v=0'
> > o=root 1014308804 1014308805 IN IP4 93.178.252.43'
> > s=A'
> > c=IN IP4 93.178.252.43'
> > t=0 0'
> > m=audio 34318 RTP/AVP 0 8 101'
> > a=rtpmap:0 PCMU/8000'
> > a=rtpmap:8 PCMA/8000'
> > a=rtpmap:101 telephone-event/8000'
> > a=fmtp:101 0-16'
> > a=sendrecv'
> > a=silenceSupp:off - - - -'
> > a=ptime:20'
> > a=rtcp:34319'
> > a=direction:active'
> >
> >
> > --
> > З повагою,
> > Микола Заїка
> > Компанія VoIPTime,
> > Тел: +380 32 2328022 <tel:%2B380%2032%202328022>
> > mzaika at voiptime.net <mailto:mzaika at voiptime.net>
> > www.voiptime.net <http://www.voiptime.net>
> >
> > 2015-04-07 17:31 GMT+03:00 Mykola Zaika <mzaika at voiptime.net
> > <mailto:mzaika at voiptime.net>>:
> >
> > I have done it.
> >
> > how about
> > tlscafile=/etc/asterisk/certificate/ca.pem
> > tlscertfile=/etc/asterisk/certificate/asterisk.pem
> >
> > I found this in /etc/kamailio/tls.cfg Am I right ?
> >
> > --
> > З повагою,
> > Микола Заїка
> > Компанія VoIPTime,
> > Тел: +380 32 2328022 <tel:%2B380%2032%202328022>
> > mzaika at voiptime.net <mailto:mzaika at voiptime.net>
> > www.voiptime.net <http://www.voiptime.net>
> >
> > 2015-04-07 17:25 GMT+03:00 Daniel Grotti <dgrotti at sipwise.com
> > <mailto:dgrotti at sipwise.com>>:
> >
> > Hi,
> > in the peering server configuration, you can select the protocol
> you
> > want to use for the interconnection.
> >
> >
> > Regards,
> >
> >
> > Daniel Grotti
> > VoIP Engineer
> >
> >
> > Sipwise GmbH
> > Europaring F15 | 2345 Brunn am Gebirge, Austria |
> > www.sipwise.com <http://www.sipwise.com>
> >
> > On 04/07/2015 04:20 PM, Mykola Zaika wrote:
> > > Hello,
> > >
> > > How can I setup peer with protocol TLS ? Can someone share
> his experience ?
> > >
> > >
> > > Config from Asterisk works:
> > >
> > > [general]
> > >
> > > tlsenable=yes
> > >
> > > tlsbindaddr=client.wan.ip.addr
> > >
> > > tlscafile=/etc/asterisk/certificate/ca.pem
> > >
> > > tlscertfile=/etc/asterisk/certificate/asterisk.pem
> > >
> > > tlscipher=DES-CBC3-SHA
> > >
> > > tlsclientmethod=tlsv1
> > >
> > > tlsdontverifyserver=no
> > >
> > >
> > > register=> tls://044232XXXX:verysecretpass@212.58.166.54:5061
> > <http://044232XXXX:verysecretpass@212.58.166.54:5061>
> > > <http://212.58.166.54:5061>/044232XXXX
> > >
> > >
> > > [044232XXXX]
> > >
> > > type=friend
> > >
> > > username=044232XXXX
> > >
> > > secret=verysecretpass
> > >
> > > host=212.58.166.54 <tel:212.58.166.54>
> > >
> > > port=5061
> > >
> > > fromuser=044232XXXX ;
> > >
> > > transport=tls
> > >
> > > encryption=yes
> > >
> > > context=incoming
> > >
> > > disallow=all
> > >
> > > allow=ulaw
> > >
> > > allow=alaw
> > >
> > >
> > >
> > >
> > >
> > > _______________________________________________
> > > Spce-user mailing list
> > > Spce-user at lists.sipwise.com <mailto:
> Spce-user at lists.sipwise.com>
> > > https://lists.sipwise.com/listinfo/spce-user
> > >
> > _______________________________________________
> > Spce-user mailing list
> > Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com>
> > https://lists.sipwise.com/listinfo/spce-user
> >
> >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sipwise.com/pipermail/spce-user_lists.sipwise.com/attachments/20150410/bc7de956/attachment-0001.html>
More information about the Spce-user
mailing list