28 Jul
2015
28 Jul
'15
1:01 p.m.
Hello,
sips uri scheme should not be used for TLS connectivity -- that should
be just an URI with transport=tls
The sips means that the communication must be done via a secure channel,
which can be UDP over IPSec, for example.
IIRC, the scheme is taken from request URI, based on SIP RFC.
You should instruct the UA to use sip with transport=tls or you can
change the r-uri not to use sips anymore on your server, before doing
record_route().
Cheers,
Daniel
On 27/07/15 17:04, Asgaroth wrote:
Hi All,
I have kamailio setup and listening on logical interfaces (for
failover purposes) and therefore need to force the sending socket on
initial messages. We are testing sips+tls at the moment and what we
are trying to achive is that the TLS connection occurs from the UAC to
the edge proxy (also responsible for the domain) and then force UDP
for internal communications to services.
What I am comming up against is that when I force the sending socket
on the internal interface to UDP, the record route header still shows
up as a "sips" request. Then, at the presense server, when generating
the NOTIFY it attempts to send it to the proxy using TLS.
My understanding was that the record route would set the uri something
like "sip:internal_ip" when forcing the sending socket to be
"udp:internal_ip". Is my understanding correct, or am I doing
something wrong here?
An example subscribe message follows, the top most record-route
header, from my understanding, should read sip:internal_ip, not
sips:internal_ip. Is this the expected behaviour of double rr with
these types of messages? How could I ensure that the top most
record-route would always be a sip uri (never sips).
SUBSCRIBE sips:subscriber@domain.com:5061 SIP/2.0.
Record-Route: <sips:proxy_internal_ip;r2=on;lr;ftag=594055226>.
Record-Route:
<sips:proxy_external_ip:5061;transport=tls;r2=on;lr;ftag=594055226>.
Max-Breadth: 60.
Via: SIP/2.0/UDP
proxy_internal_ip;branch=z9hG4bK6c9.d7dc4801e872ce9fb5730f9e09f1889e.0;i=1.
Via: SIP/2.0/TLS
172.16.0.121:5060;rport=33273;received=78.143.152.30;branch=z9hG4bK708ea7ba.
Max-Forwards: 69.
Call-ID: 17212ff4-4421321c8feafd63bf800080f0808080@KX-HDV230X.
From: <sips:subscriber@domain.com>;tag=594055226.
To: <sips:subscriber@domain.com>.
CSeq: 2 SUBSCRIBE.
Allow:
INVITE,ACK,CANCEL,BYE,PRACK,INFO,UPDATE,OPTIONS,MESSAGE,NOTIFY,REFER.
Accept:
application/dialog-info+xml,application/rlmi+xml,multipart/related.
Contact: <sips:subscriber@172.16.0.121:5060;alias=78.143.152.30~33273~3>.
Expires: 3600.
Event: dialog.
Any thoughts, tips, tricks would be greatly appreciated.
Cheers
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Book: SIP Routing With Kamailio - http://www.asipto.com