Hi All,<br><br>I need to setup a SIP TLS Stateless Proxy Server using opensips<br><br>In test setup I have two machines SL, SS and two soft phones PH1, PH2<br><br>SL: machine 172.16.8.79 is working as Stateless Proxy using opensips<br>
<br>SS: machine 172.16.8.24 is working main Sip Proxy server, which is<br> also working as Registrar using opensips<br><br>Both phones are minisip_gtkgui soft phones<br>both are running on SIP server machine 172.16.8.24<br>
and each have two users profiles,<br><br>for udp udpproxytest1 , for tls tlsproxytest1 on Phone PH1<br><br>for udp udpproxytest2 , for tls tlsproxytest2 on Phone PH2<br><br>Phone PH1:<br>Profile udpproxytest1<br> SIP url is <a href="mailto:sip%3Audpproxytest1@172.16.8.24">sip:udpproxytest1@172.16.8.24</a><br>
username: udpproxytest1<br> password: udpproxytest1<br> Outbound proxy<br> SIPProxy: 172.16.8.79<br> Network Port: 5060<br> Transport Method: UDP<br><br>Profile tlsproxytest1<br> SIP url is <a href="mailto:sips%3Atlsproxytest1@172.16.8.24">sips:tlsproxytest1@172.16.8.24</a><br>
username: tlsproxytest1<br> password: tlsproxytest1<br> Outbound proxy<br> SIPProxy: 172.16.8.79<br> Network Port: 5061<br> Transport Method: TLS<br><br>Phone PH2:<br>Profile udpproxytest2<br> SIP url is <a href="mailto:sip%3Audpproxytest2@172.16.8.24">sip:udpproxytest2@172.16.8.24</a><br>
username: udpproxytest2<br> password: udpproxytest2<br> Outbound proxy<br> SIPProxy: 172.16.8.79<br> Network Port: 5060<br> Transport Method: UDP<br><br>Profile tlsproxytest2<br> SIP url is <a href="mailto:sips%3Atlsproxytest2@172.16.8.24">sips:tlsproxytest2@172.16.8.24</a><br>
username: tlsproxytest2<br> password: tlsproxytest2<br> Outbound proxy<br> SIPProxy: 172.16.8.79<br> Network Port: 5061<br> Transport Method: TLS<br><br><br>When I test with users who uses UDP transport<br>
I am able to successfully Register and Invite and make call.<br><br><br>But in case of TLS only Registration get succeed, but Call<br>failed with "Remote side Rejected call".<br><br>NOTE:<br>,----<br>| Please note here is some problem with minisip phones that in case of<br>
| TLS transport they register with Contact that have transport=tcp that I<br>| have to change manually using<br>|<br>| opensipsctl ul add<br>| opensipsctl ul rm<br>|<br>| command keeping same ports that was registered earlier.<br>
`----<br><br>I also noticed in case TLS call the port designated in Contact uri in<br>time of registration are not open (that may be the reason for failed call)<br><br>Anybody could please let me know when Stateless Proxy could<br>
successfully work in UDP than what problem causing failure of call in<br>TLS.<br><br>I have included link to the logs for both UDP and TLS session.<br><br>In all logs my comments are also there starting with DateTime and Sharad:<br>
like<br> 26Apr2013-11:33:51 Sharad: Starting test on udp<br><br>in comment I have informed when I am going to do a operation like<br>register or call.<br><br>For generating certificate I have followed<br><a href="http://www.opensips.org/html/docs/tutorials/tls-1.4.x.html#AEN118">http://www.opensips.org/html/docs/tutorials/tls-1.4.x.html#AEN118</a><br>
<br>I have generated main server certificate with<br> /usr/local/sbin/opensipsctl tls rootCA<br> /usr/local/sbin/opensipsctl tls userCERT mainserver<br>in sslmainserver-tls.tar dir<br><br>I have generated stateless proxy server certificate with<br>
/usr/local/sbin/opensipsctl tls rootCA<br> /usr/local/sbin/opensipsctl tls userCERT slproxy<br>in sslslproxy-tls.tar dir<br><br>Both generated certificate I have installed in both phones.<br><br>Logs and Config Files are at<br>
<a href="https://drive.google.com/folderview?id=0B4zwpbVQ5V3gMHl2SlVBUjR6NEU&usp=sharing">https://drive.google.com/folderview?id=0B4zwpbVQ5V3gMHl2SlVBUjR6NEU&usp=sharing</a><br><br>sipSLproxy-udp.log: UDP Stateless Proxy Log<br>
sipserver-udp.log: UDP Main SIP Proxy Log<br>phone1-udp.log: UDP Phone1 Log<br>phone2-udp.log: UDP Phone2 Log<br><br>sipSLproxy-tls.log: TLS Stateless Proxy Log<br>sipserver-tls.log: TLS Main SIP Proxy Log<br>phone1-tls.log: TLS Phone1 Log<br>
phone2-tls.log: TLS Phone2 Log<br><br>SIPSERVER-opensips.cfg: SIP Server opensips.cfg<br>SIP-STATELESS-Proxy-opensips.cfg: SIP Stateless proxy opensips.cfg<br><br>sslslproxy-tls.tar: etc/opensips/tls dir for Stateless Proxy<br>
also have used certificate<br>sslmainserver-tls.tar: etc/opensips/tls dir for Main SIP Server<br> also have used certificate<br>--<br>Regards,<br>-sharad<br><br><br>