Hello,

if tls connection from client is terminated to Kamailio, then a phone can be reachable only via the Kamailio that accepted its connection. You can add local path to the registration and then enable:

  * https://www.kamailio.org/docs/modules/stable/modules/registrar.html#registrar.p.path_check_local

Now, just some different ideas to explore: if you just have only two Kamailio systems and do not expect more, you can skip replication and just route to the other Kamailio if lookup() location returns false for traffic coming from endpoints. If traffic is coming from the other Kamailio, return 404. This works fine and can be simpler approach if there is a single phone per user account. In case there can be many phones per user account, then after lookup location add a branch with the address of the other Kamailio.

Cheers,
Daniel

On 23.09.20 09:07, Joey Golan wrote:
Hello,

I’m trying to make a call between 2 users registered (TLS) on two different kamailio instances behind haproxy with NAT handling.

UE1 is registered to kamailio1
UE2 is registered to kamailio2

DMQ and dmq_usrloc are enabled so each kamailio can see all registered users.

What else do I need to do in order to make it work properly?

Thanks,

Joey.

_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-- 
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Funding: https://www.paypal.me/dcmierla