[OpenSIPS-Users] SIP TLS Stateless Proxy not working
Sharad Pratap
sh4r4d at gmail.com
Tue Apr 30 08:29:56 CEST 2013
Hi All,
I need to setup a SIP TLS Stateless Proxy Server using opensips
In test setup I have two machines SL, SS and two soft phones PH1, PH2
SL: machine 172.16.8.79 is working as Stateless Proxy using opensips
SS: machine 172.16.8.24 is working main Sip Proxy server, which is
also working as Registrar using opensips
Both phones are minisip_gtkgui soft phones
both are running on SIP server machine 172.16.8.24
and each have two users profiles,
for udp udpproxytest1 , for tls tlsproxytest1 on Phone PH1
for udp udpproxytest2 , for tls tlsproxytest2 on Phone PH2
Phone PH1:
Profile udpproxytest1
SIP url is sip:udpproxytest1 at 172.16.8.24
username: udpproxytest1
password: udpproxytest1
Outbound proxy
SIPProxy: 172.16.8.79
Network Port: 5060
Transport Method: UDP
Profile tlsproxytest1
SIP url is sips:tlsproxytest1 at 172.16.8.24
username: tlsproxytest1
password: tlsproxytest1
Outbound proxy
SIPProxy: 172.16.8.79
Network Port: 5061
Transport Method: TLS
Phone PH2:
Profile udpproxytest2
SIP url is sip:udpproxytest2 at 172.16.8.24
username: udpproxytest2
password: udpproxytest2
Outbound proxy
SIPProxy: 172.16.8.79
Network Port: 5060
Transport Method: UDP
Profile tlsproxytest2
SIP url is sips:tlsproxytest2 at 172.16.8.24
username: tlsproxytest2
password: tlsproxytest2
Outbound proxy
SIPProxy: 172.16.8.79
Network Port: 5061
Transport Method: TLS
When I test with users who uses UDP transport
I am able to successfully Register and Invite and make call.
But in case of TLS only Registration get succeed, but Call
failed with "Remote side Rejected call".
NOTE:
,----
| Please note here is some problem with minisip phones that in case of
| TLS transport they register with Contact that have transport=tcp that I
| have to change manually using
|
| opensipsctl ul add
| opensipsctl ul rm
|
| command keeping same ports that was registered earlier.
`----
I also noticed in case TLS call the port designated in Contact uri in
time of registration are not open (that may be the reason for failed call)
Anybody could please let me know when Stateless Proxy could
successfully work in UDP than what problem causing failure of call in
TLS.
I have included link to the logs for both UDP and TLS session.
In all logs my comments are also there starting with DateTime and Sharad:
like
26Apr2013-11:33:51 Sharad: Starting test on udp
in comment I have informed when I am going to do a operation like
register or call.
For generating certificate I have followed
http://www.opensips.org/html/docs/tutorials/tls-1.4.x.html#AEN118
I have generated main server certificate with
/usr/local/sbin/opensipsctl tls rootCA
/usr/local/sbin/opensipsctl tls userCERT mainserver
in sslmainserver-tls.tar dir
I have generated stateless proxy server certificate with
/usr/local/sbin/opensipsctl tls rootCA
/usr/local/sbin/opensipsctl tls userCERT slproxy
in sslslproxy-tls.tar dir
Both generated certificate I have installed in both phones.
Logs and Config Files are at
https://drive.google.com/folderview?id=0B4zwpbVQ5V3gMHl2SlVBUjR6NEU&usp=sharing
sipSLproxy-udp.log: UDP Stateless Proxy Log
sipserver-udp.log: UDP Main SIP Proxy Log
phone1-udp.log: UDP Phone1 Log
phone2-udp.log: UDP Phone2 Log
sipSLproxy-tls.log: TLS Stateless Proxy Log
sipserver-tls.log: TLS Main SIP Proxy Log
phone1-tls.log: TLS Phone1 Log
phone2-tls.log: TLS Phone2 Log
SIPSERVER-opensips.cfg: SIP Server opensips.cfg
SIP-STATELESS-Proxy-opensips.cfg: SIP Stateless proxy opensips.cfg
sslslproxy-tls.tar: etc/opensips/tls dir for Stateless Proxy
also have used certificate
sslmainserver-tls.tar: etc/opensips/tls dir for Main SIP Server
also have used certificate
--
Regards,
-sharad
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20130430/1821d337/attachment.htm>
More information about the Users
mailing list