<div dir="ltr"><p>Hi Klaus,</p>
<p>Thanks for your reply!</p>
<p>If you move slightly upward in my log file, you will find following lines:</p>
<p>Aug 20 17:00:42 [22847] DBG:core:tcp_send: no open tcp connection found, opening new one<br>Aug 20 17:00:42 [22847] DBG:core:print_ip: tcpconn_new: new tcp connection to: <a href="http://172.25.0.113">172.25.0.113</a><br>
Aug 20 17:00:42 [22847] DBG:core:tcpconn_new: on port 28785, type 3<br>Aug 20 17:00:42 [22847] DBG:core:tls_tcpconn_init: entered: Creating a whole new ssl connection<br>Aug 20 17:00:42 [22847] DBG:core:tls_tcpconn_init: name based TLS client domains are disabled<br>
Aug 20 17:00:42 [22847] DBG:core:tls_tcpconn_init: no TLS client doman AVP set, looking for socket based TLS client domain<br>Aug 20 17:00:42 [22847] DBG:core:tls_find_client_domain: virtual TLS client domain not found, Using default TLS client domain settings<br>
Aug 20 17:00:42 [22847] DBG:core:tls_tcpconn_init: found socket based TLS client domain [<a href="http://0.0.0.0:0">0.0.0.0:0</a>]<br>Aug 20 17:00:42 [22847] DBG:core:tls_tcpconn_init: Setting in CONNECT mode (client)<br>
Aug 20 17:00:42 [22847] DBG:core:tcp_send: sending...<br>Aug 20 17:00:42 [22847] DBG:core:tls_update_fd: New fd is 25<br>Aug 20 17:00:42 [22847] ERROR:core:tls_connect: something wrong in SSL:</p>
<p>This shows that there is not any existing TCP connection with eyeBeam available and it is obvious as the "INVITE" message is outbound message.</p>
<p>OpenSIPs server successfully establishes TCP connection with eyeBeam but the TLS handshake fails. So as suggested by you I need to go in more dtails by using ssldump utility. </p>
<p><br>Thanks agian,<br>NT<br><br><br></p>
<div class="gmail_quote">On Mon, Sep 1, 2008 at 8:06 PM, Klaus Darilion <span dir="ltr"><<a href="mailto:klaus.mailinglists@pernau.at">klaus.mailinglists@pernau.at</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">Aug 20 17:00:42 [22847] DBG:core:tcp_send: sending...<br>Aug 20 17:00:42 [22847] DBG:core:tls_update_fd: New fd is 25<br>
Aug 20 17:00:42 [22847] ERROR:core:tls_connect: something wrong in SSL:<br>Aug 20 17:00:42 [22847] DBG:core:tcp_send: after write: c= 0xb60f4d78 n=-1 fd=25<br>Aug 20 17:00:42 [22847] DBG:core:tcp_send: buf=<br><br>Unfortunately the log file does not tell us what the problem was.<br>
<br>Sniff the TLS connection to find out the problem:<br>1. Does openser establish TCP connection with eyebeam - usually there should be an existing TCP/TLS connection - if this is not the case you will problems anyway.)<br>
<br>So watch out if there is existing TCP/TLS connection of if a new one is setup<br><br>If a new one is setup, take a look if the ssl ahdnshak is fine (e.g. use ssldump utility)<br><br>regards<br>klaus<br><br>Nachiket Tarate schrieb:<br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div>
<div></div>
<div class="Wj3C7c">Hi,<br><br>I am currently trying to make Secure RTP calls between my SIP client and the eyeBeam. When eyeBeam is configured for encrypted calls, it uses Secure RTP for media and TLS for SIP signalling.<br>
<br>I have configured the OpenSIPs server with TLS support.<br><br>The scenario is as shown below:<br><br><br> ---------------- UDP ------------------ TLS -------------<br>| My SIP Client | <-----> | OpenSIPs Server | <-----> | eyeBeam 1.5 |<br>
---------------- ------------------ -------------<br> Linux Machine Linux Machine Widows XP machine<br><br>When a call is made from eyeBeam to My SIP client the call gets established properly and the OpenSIPs server acts as a gateway.<br>
<br>But when a call is made from My SIP client to eyeBeam the OpenSIPs returns the *477 Send failed* response to My SIP client.<br><br>By enabling the debug informaiton on OpenSIPs server, I found that it couldn't do TLS handshake with the eyeBeam and so couldn't send the SIP Request from My SIP client to the eyeBeam.<br>
<br>In brief the OpenSIPs server can accept the inbound messages via TLS but *it can't send outbound messages via TLS*.<br><br>Can anybody help me to resolve this problem? Please see my opensips.cfg file and OpenSIPs server logs attached with this mail.<br>
<br>Thanks,<br>NT<br> <br><br></div></div>
<div class="Ih2E3d">------------------------------------------------------------------------<br><br>_______________________________________________<br>Users mailing list<br><a href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a><br>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br></div></blockquote></blockquote></div><br></div>