<html>
  <head>
    <meta content="text/html; charset=windows-1252"
      http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <tt>Matt,<br>
      <br>
      Try to do a:<br>
           subst_uri('/(sip:.*);transport=tls/\1/')<br>
      before t_relay().<br>
      <br>
      It requires the URI module.<br>
      <br>
      Regards,<br>
    </tt>
    <pre class="moz-signature" cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a class="moz-txt-link-freetext" href="http://www.opensips-solutions.com">http://www.opensips-solutions.com</a></pre>
    <div class="moz-cite-prefix">On 24.08.2015 19:16, Matt Hamilton
      wrote:<br>
    </div>
    <blockquote
cite="mid:DM3PR1201MB11186EDF4CF089AF606DD950B3620@DM3PR1201MB1118.namprd12.prod.outlook.com"
      type="cite">
      <meta http-equiv="Content-Type" content="text/html;
        charset=windows-1252">
      <style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>
      <div id="divtagdefaultwrapper"
style="font-size:12pt;color:#000000;background-color:#FFFFFF;font-family:Calibri,Arial,Helvetica,sans-serif;">
        <p>Hi Bogdan,</p>
        <p><br>
        </p>
        <p>UAC RURI doesn't have SIPS schema; it's regular SIP with
          transport=tls.</p>
        <p><br>
        </p>
        <p>UAC    (TLS)-&gt;      Opensips    (force UDP)-&gt;     
          Asterisk</p>
        <p><br>
        </p>
        In spite of the warning message, the traffic flows fine, and
        Asterisk receives the packets unencrypted (as we want). To get
        rid of that warning, is is possible to do a protocol/port
        exchange from TLS(5061) to UDP(5060) in this specific case?<br>
        <br>
        Thanks,<br>
        Matt<br>
        <br>
        <p><br>
        </p>
        <div style="color: rgb(0, 0, 0);">
          <hr tabindex="-1" style="display:inline-block; width:98%">
          <div id="divRplyFwdMsg" dir="ltr"><font style="font-size:11pt"
              color="#000000" face="Calibri, sans-serif"><b>From:</b>
              Bogdan-Andrei Iancu <a class="moz-txt-link-rfc2396E" href="mailto:bogdan@opensips.org">&lt;bogdan@opensips.org&gt;</a><br>
              <b>Sent:</b> Monday, August 24, 2015 5:41 AM<br>
              <b>To:</b> OpenSIPS users mailling list;
              <a class="moz-txt-link-abbreviated" href="mailto:mistral9999@hotmail.com">mistral9999@hotmail.com</a><br>
              <b>Subject:</b> Re: [OpenSIPS-Users] Protocol/port
              mismatch warning (TLS - UDP)</font>
            <div> </div>
          </div>
          <div><tt>Hi Matt,<br>
              <br>
              The RURI you receive from the UAC side, does it contain a
              SIPS schema or a "transport=tls" indication ?<br>
              <br>
              The error you see translates into "there is a conflict
              between the requests protocol and the interface you
              force". So even if you force the UDP interface, maybe the
              RURI may force the TLS protocol, leading to an internal
              conflict.<br>
              <br>
              Regards,<br>
            </tt>
            <pre class="moz-signature" cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.opensips-solutions.com">http://www.opensips-solutions.com</a></pre>
            <div class="moz-cite-prefix">On 23.08.2015 19:53, Matt
              Hamilton wrote:<br>
            </div>
            <blockquote type="cite">
              <div id="divtagdefaultwrapper" style="font-size:12pt;
                color:#000000; background-color:#FFFFFF;
                font-family:Calibri,Arial,Helvetica,sans-serif">
                <p><br>
                </p>
                <p>We use Opensips (1.7.1, in the process of upgrading
                  to 2.1) as a dispatcher to multiple Asterisk servers. 
                  Currently we are trying to set up TLS.</p>
                <p><br>
                </p>
                <p><br>
                </p>
                <p>UAC -&gt; Opensips -&gt; Asterisk</p>
                <p><br>
                </p>
                <p>TLS is available and enabled on all three. The
                  traffic between UAC and Opensips is on TLS and
                  encrypted. On the other hand, it's not encrypted
                  between Opensips and Asterisk since we use
                  force_send_socket (UDP) to the Asterisk servers. This
                  is the way we want it - encrypted between UAC and
                  Opensips and not encrypted between Opensips and
                  Asterisk. The communication is fine, but we get a
                  warning "core:get_send_socket: protocol/port mismatch"
                  in our logs. </p>
                <p><br>
                </p>
                <p>My question is: Is forcing TLS traffic thru UDP is
                  the only way to get Opensips - Asterisk traffic is
                  unencrypted?</p>
                <p><br>
                </p>
                <p>Thanks,</p>
                <p>Matt<br>
                </p>
              </div>
              <br>
              <fieldset class="mimeAttachmentHeader"></fieldset>
              <br>
              <pre>_______________________________________________
Users mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
            </blockquote>
            <br>
          </div>
        </div>
      </div>
    </blockquote>
    <br>
  </body>
</html>