[OpenSIPS-Users] TLS calls through Sip ALG router

Bogdan-Andrei Iancu bogdan at opensips.org
Thu Dec 12 14:04:18 UTC 2024 

Hi,

The key may be this err:

     ERROR:proto_tls:proto_tls_conn_init: no TLS client domain found

meaning in tls_mgm you do not have a TLS client domain matching the 
destination here

     NOTICE:new branch at sip:2 at 22.22.22.22;transport=tls

Double check that first.

Regards,

Bogdan-Andrei Iancu

OpenSIPS Founder and Developer
   https://www.opensips-solutions.com
   https://www.siphub.com

On 11.12.2024 05:20, Alexander Jankowsky via Users wrote:
>
> Running OpenSIPS 3.4.9 on Debian 12.7, softphones are MicroSIP v3.21.4
>
>                            Softphone 1
>
>                               |
>
> ┌----------------Local_NAT_Router1------------------Local_NAT_Router3--------------OpenSIPS 
> Server
>
>       |                       |
>
>       | Local_NAT_Router2
>
>       |                       |
>
>       |                    Softphone 2
>
>       |
>
> Public Internet
>
>       |
>
>       |                [LOCKED SIP ALG ROUTER]
>
> └----------------Remote_NAT_Router4------------------Remote_NAT_Router5------------Softphone 
> 5
>
> Local softphones 1 & 2 can successfully call remote softphone 5 on TLS 
> with two way audio.
>
> When softphone 5 attempts a call back on TLS there is the pop-up “Send 
> failed (477/TM)”
>
> Using “opensips-cli –x mi ul_dump”
>
> This is the local Softphone 2
>
> "AOR": "2",
>
> "Contact": "sip:2 at 11.11.11.11:37335;transport=TLS;ob",
>
> "ContactID": "3659174697266531",
>
> "Expires": 57,
>
> "Q": "",
>
> "Callid": "56a5db52f0094c7baaaf80323220d576",
>
> "Cseq": 40112,
>
> "User-agent": "MicroSIP/3.21.4",
>
> "State": "CS_NEW",
>
> "Flags": 0,
>
> "Cflags": "",
>
> "Socket": "tls:11.11.11.11:42061",
>
> "Methods": 8063
>
> This is the Remote Softphone 5, behind the locked SIP ALG router.
>
> "AOR": "5",
>
> "Contact": "sip:5 at 22.22.22.22:56010;transport=TLS;ob",
>
> "ContactID": "3588805953090311",
>
> "Expires": 11,
>
> "Q": "",
>
> "Callid": "859ff264a633470a9e5f05db749174f9",
>
> "Cseq": 10265,
>
> "User-agent": "MicroSIP/3.21.4",
>
> "State": "CS_NEW",
>
> "Flags": 0,
>
> "Cflags": "",
>
> "Socket": "tls:11.11.11.11:42061",
>
> "Methods": 8063
>
> This is the call attempt from remote softphone 5 to local softphone 2
>
> Using “journalctl –xeu opensips.service” to read the call attempt shows…
>
> NOTICE:new branch at sip:2 at 22.22.22.22;transport=tls
>
> ERROR:proto_tls:proto_tls_conn_init: no TLS client domain found
>
> ERROR:core:tcp_conn_create: failed to do proto 3 specific init for 
> conn 0x7f67a7887d00
>
> ERROR:core:tcp_async_connect: tcp_conn_create failed
>
> ERROR:proto_tls:proto_tls_send: async TCP connect failed
>
> ERROR:tm:msg_send: send() to 22.22.22.22:5061 for proto tls/3 failed
>
> ERROR:tm:t_forward_nonack: sending request failed
>
> opensips.cfg https://pastebin.com/r0kwzG02
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20241212/57b3edd1/attachment.html>

More information about the Users mailing list