[OpenSIPS-Users] TLS traffic is being relayed as UDP but on the TLS Port?

Bogdan-Andrei Iancu bogdan at opensips.org
Fri Mar 15 03:06:18 EDT 2019


Hi John,

Probably the 5061 port (specific to TLS) is not re-written during the 
routing process - for example see the 5061 in the REGISTER RURI. How do 
you route the REGISTER from OpenSIPS to Asterisk ? Dispatcher ? or ?

Regards,

Bogdan-Andrei Iancu

OpenSIPS Founder and Developer
   https://www.opensips-solutions.com
OpenSIPS Summit 2019
   https://www.opensips.org/events/Summit-2019Amsterdam/

On 03/15/2019 01:03 AM, John Kiniston wrote:
> I have a proxy that works fine with UDP handling mid-registrar and 
> mediaproxy duties in front of my Asterisk Servers.
>
> I'd like to enable TLS on my proxy and switch my phones to registering 
> via TLS.
>
> I've got my TLS keys working now and I see my phone sending requests 
> to OpenSIPS where they are being processed.
>
> However when OpenSIPS is sending the traffic to my Asterisk boxes it's 
> sending SIP traffic to port 5061 instead of sending TLS.
>
> U 2019/03/14 15:54:33.985636 <Proxy>:5060 -> <Asterisk>:5061 #32
> REGISTER sip:<pbx>:5061 SIP/2.0.
> Via: SIP/2.0/UDP Proxy:5060;branch=z9hG4bKffdc.94c66575.0;i=a64b8973.
> Via: SIP/2.0/TLS 
> 172.16.52.69:12332;received=64.119.40.170;branch=z9hG4bK3157565843;rport=12332.
> From: "Test" <sip:7004@<pbx>:5061>;tag=1087298031.
> To: "Test" <sip:7004@<pbx>:5061>.
> Call-ID: 0_425741679 at 172.16.52.69 <mailto:0_425741679 at 172.16.52.69>.
> CSeq: 1 REGISTER.
> Contact: <sip:7004 at Proxy:5060>.
> Allow: INVITE, INFO, PRACK, ACK, BYE, CANCEL, OPTIONS, NOTIFY, 
> REGISTER, SUBSCRIBE, REFER, PUBLISH, UPDATE, MESSAGE.
> Max-Forwards: 69.
> User-Agent: Yealink SIP-T42G 29.83.0.50
> Expires: 3600.
> Allow-Events: talk,hold,conference,refer,check-sync.
> Mac: 00:15:65:72:e5:f3.
> Line: 1.
> Content-Length: 0.
>
> I believe this is because the initial request opensips is recieving 
> from the phone has 'sip' in the register?
>
>    REGISTER sip:<pbx>:5061 SIP/2.0
>     Via: SIP/2.0/TLS 172.16.52.69:12122;branch=z9hG4bK2625059359;rport
>     From: "Test" <sip:7004 at pbx:5061>;tag=1299551992
>     To: "Test" <sip:7004 at pbx:5061>
>     Call-ID: 0_292898054 at 172.16.52.69 <mailto:0_292898054 at 172.16.52.69>
>     CSeq: 1 REGISTER
>     Contact: <sip:7004 at 172.16.52.69:12122;transport=TLS>
>     Allow: INVITE, INFO, PRACK, ACK, BYE, CANCEL, OPTIONS, NOTIFY, 
> REGISTER, SUBSCRIBE, REFER, PUBLISH, UPDATE, MESSAGE
>     Max-Forwards: 70
>     User-Agent: Yealink SIP-T42G 29.83.0.50
>     Expires: 3600
>     Allow-Events: talk,hold,conference,refer,check-sync
>     Mac: 00:15:65:72:e5:f3
>     Line: 1
>     Content-Length: 0
>
>
> What can I do here? I've tried playing with rewriting $du and $fs but 
> that doesn't seem to be working.
> -- 
> A human being should be able to change a diaper, plan an invasion, 
> butcher a hog, conn a ship, design a building, write a sonnet, balance 
> accounts, build a wall, set a bone, comfort the dying, take orders, 
> give orders, cooperate, act alone, solve equations, analyze a new 
> problem, pitch manure, program a computer, cook a tasty meal, fight 
> efficiently, die gallantly. Specialization is for insects.
> ---Heinlein
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20190315/ca0f49d9/attachment.html>


More information about the Users mailing list