Thanks for your help and interest Bogdan..I know you are busy..I know that my script is related to the GW forwarding but that is the only thing related RELAY that I do "With reference to your first replay"
My config is http://pastebin.com/m45551815
-----Original Message----- From: Bogdan-Andrei Iancu [mailto:bogdan@voice-system.ro] Sent: Wednesday, March 26, 2008 3:07 PM To: Ali Jawad Cc: users@lists.openser.org Subject: Re: [OpenSER-Users] UA Cant Connect To TLS
Hi Ali,
but the script you listed doesn't seam to be related to REGISTER processing....for a GW forwarding.
Regards, Bogdan
Ali Jawad wrote:
Hi Bodgan Thank you for your help
I had the following "now commented" statement in route[1]
route[1] {
xlog("L_INFO","rewritehostport to VOIP_GW:5060");## Removed On 1.36 25 03 08 ## sethostport("xx.xx.xx.xx:5060");
if (subst_uri('/(sip:.*);nat=yes/\1/')){ setbflag(6); }; if (isflagset(5)||isbflagset(6)) { route(3); } if (!t_relay()) { sl_reply_error(); }; exit;}
I commented it out as you can see now I cant login either but I am getting these errors
Forbidden and Unauthorized
Another thing I would like to mention is that it worked with non TLS clients using the previous setups.
Thx for your help so far. -----Original Message----- From: Bogdan-Andrei Iancu [mailto:bogdan@voice-system.ro] Sent: Tuesday, March 25, 2008 1:02 PM To: Ali Jawad Cc: users@lists.openser.org Subject: Re: [OpenSER-Users] UA Cant Connect To TLS
Hi Ali,
The REGISTER gets to the server and it is processed by the routing script - your script tries to relay the request to another
destination:
Mar 19 12:04:42 [29280] DBG:tm:t_relay_to: new transaction fwd'ed
I would say the problem is on the cfg script and not in TLS part.
Regards, Bogdan
Ali Jawad wrote:
Hi All
My UA cant connect to tls on my openser server, as per logs
everything
seems fine ..I don't know why it disconnects in the end ..the log is http://java.pastebin.ca/948774
My TLS settings are
/* uncomment the following lines to enable TLS support (default off)
*/
#disable_tls = yes
disable_tls = no
listen = tls:xx.xx.x.xx.x
tls_verify_server = 1
tls_verify_client = 1
tls_require_client_certificate = 0
tls_method = TLSv1
#tls_certificate = "/usr/local/eyeball/license/cert.pem"
#tls_private_key = "/usr/local/eyeball/license/privkey.pem"
#tls_ca_list = "/usr/local/eyeball/license/splendor3.crtpvk.pem"
tls_certificate = "/usr/local/etc/openser/tls/user/user-cert.pem"
tls_private_key = "/usr/local/etc/openser/tls/user/user-privkey.pem"
tls_ca_list = "/usr/local/etc/openser/tls/user/user-calist.pem"
#port=5060
/* uncomment and configure the following line if you want openser to
bind on a specific interface/port/proto (default bind on all
available) */
listen=udp:87.236.144.13:5060
#listen=tcp:87.236.144.12:5060
sip_warning=yes
------------------------------------------------------------------------
Users mailing list Users@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users