
<html>

  <head>

    <meta content="text/html; charset=windows-1252"

      http-equiv="Content-Type">

  </head>

  <body text="#000000" bgcolor="#FFFFFF">

    <tt>Matt,<br>

      <br>

      Try to do a:<br>

           subst_uri('/(sip:.*);transport=tls/\1/')<br>

      before t_relay().<br>

      <br>

      It requires the URI module.<br>

      <br>

      Regards,<br>

    </tt>

    <pre class="moz-signature" cols="72">Bogdan-Andrei Iancu

OpenSIPS Founder and Developer

<a class="moz-txt-link-freetext" href="http://www.opensips-solutions.com">http://www.opensips-solutions.com</a></pre>

    <div class="moz-cite-prefix">On 24.08.2015 19:16, Matt Hamilton

      wrote:<br>

    </div>

    <blockquote

cite="mid:DM3PR1201MB11186EDF4CF089AF606DD950B3620@DM3PR1201MB1118.namprd12.prod.outlook.com"

      type="cite">

      <meta http-equiv="Content-Type" content="text/html;

        charset=windows-1252">

      <style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>

      <div id="divtagdefaultwrapper"

style="font-size:12pt;color:#000000;background-color:#FFFFFF;font-family:Calibri,Arial,Helvetica,sans-serif;">

        <p>Hi Bogdan,</p>

        <p><br>

        </p>

        <p>UAC RURI doesn't have SIPS schema; it's regular SIP with

          transport=tls.</p>

        <p><br>

        </p>

        <p>UAC    (TLS)-&gt;      Opensips    (force UDP)-&gt;     

          Asterisk</p>

        <p><br>

        </p>

        In spite of the warning message, the traffic flows fine, and

        Asterisk receives the packets unencrypted (as we want). To get

        rid of that warning, is is possible to do a protocol/port

        exchange from TLS(5061) to UDP(5060) in this specific case?<br>

        <br>

        Thanks,<br>

        Matt<br>

        <br>

        <p><br>

        </p>

        <div style="color: rgb(0, 0, 0);">

          <hr tabindex="-1" style="display:inline-block; width:98%">

          <div id="divRplyFwdMsg" dir="ltr"><font style="font-size:11pt"

              color="#000000" face="Calibri, sans-serif"><b>From:</b>

              Bogdan-Andrei Iancu <a class="moz-txt-link-rfc2396E" href="mailto:bogdan@opensips.org">&lt;bogdan@opensips.org&gt;</a><br>

              <b>Sent:</b> Monday, August 24, 2015 5:41 AM<br>

              <b>To:</b> OpenSIPS users mailling list;

              <a class="moz-txt-link-abbreviated" href="mailto:mistral9999@hotmail.com">mistral9999@hotmail.com</a><br>

              <b>Subject:</b> Re: [OpenSIPS-Users] Protocol/port

              mismatch warning (TLS - UDP)</font>

            <div> </div>

          </div>

          <div><tt>Hi Matt,<br>

              <br>

              The RURI you receive from the UAC side, does it contain a

              SIPS schema or a "transport=tls" indication ?<br>

              <br>

              The error you see translates into "there is a conflict

              between the requests protocol and the interface you

              force". So even if you force the UDP interface, maybe the

              RURI may force the TLS protocol, leading to an internal

              conflict.<br>

              <br>

              Regards,<br>

            </tt>

            <pre class="moz-signature" cols="72">Bogdan-Andrei Iancu

OpenSIPS Founder and Developer

<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.opensips-solutions.com">http://www.opensips-solutions.com</a></pre>

            <div class="moz-cite-prefix">On 23.08.2015 19:53, Matt

              Hamilton wrote:<br>

            </div>

            <blockquote type="cite">

              <div id="divtagdefaultwrapper" style="font-size:12pt;

                color:#000000; background-color:#FFFFFF;

                font-family:Calibri,Arial,Helvetica,sans-serif">

                <p><br>

                </p>

                <p>We use Opensips (1.7.1, in the process of upgrading

                  to 2.1) as a dispatcher to multiple Asterisk servers. 

                  Currently we are trying to set up TLS.</p>

                <p><br>

                </p>

                <p><br>

                </p>

                <p>UAC -&gt; Opensips -&gt; Asterisk</p>

                <p><br>

                </p>

                <p>TLS is available and enabled on all three. The

                  traffic between UAC and Opensips is on TLS and

                  encrypted. On the other hand, it's not encrypted

                  between Opensips and Asterisk since we use

                  force_send_socket (UDP) to the Asterisk servers. This

                  is the way we want it - encrypted between UAC and

                  Opensips and not encrypted between Opensips and

                  Asterisk. The communication is fine, but we get a

                  warning "core:get_send_socket: protocol/port mismatch"

                  in our logs. </p>

                <p><br>

                </p>

                <p>My question is: Is forcing TLS traffic thru UDP is

                  the only way to get Opensips - Asterisk traffic is

                  unencrypted?</p>

                <p><br>

                </p>

                <p>Thanks,</p>

                <p>Matt<br>

                </p>

              </div>

              <br>

              <fieldset class="mimeAttachmentHeader"></fieldset>

              <br>

              <pre>_______________________________________________

Users mailing list

<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>

<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>

</pre>

            </blockquote>

            <br>

          </div>

        </div>

      </div>

    </blockquote>

    <br>

  </body>

</html>