With TLS it still is not working
Mar 27 11:39:16 [4421] INFO:core:probe_max_receive_buffer: using a UDP receive buffer of 255 kb Mar 27 11:39:16 [4425] WARNING:usrloc:dbrow2info: non-local socket tcp:172.16.16.218:5091...ignoring Mar 27 11:39:18 [4431] INFO:core:tls_accept: client did not present a certificate Mar 27 11:39:55 [4432] INFO:core:tls_accept: client did not present a certificate Mar 27 11:40:01 [4431] ERROR:rr:w_record_route: Double attempt to record-route Mar 27 11:40:01 [4426] ERROR:core:tls_connect: SSL_ERROR_SYSCALL err=Connection reset by peer(104) Mar 27 11:40:01 [4426] ERROR:core:tls_connect: something wrong in SSL: 5 (ret=-1) err=Connection reset by peer(104) Mar 27 11:40:01 [4426] ERROR:core:tcp_send: failed to send Mar 27 11:40:01 [4426] ERROR:core:msg_send: tcp_send failed Mar 27 11:40:01 [4425] WARNING:core:run_actions: null action list (rec_level=1)
my doubt is that if somethings wrong with SSL certificates that i created myself (i.e my own root CA, and self signed certificates), then how come registration is working like charm? if there is some problem with Certificates then registration should also not work. am i right?
----
Regards,
Hemanshu Patel Sr. Software Engg SIS,Ahmedabad Mo:09601295238
On Sat 27/03/10 9:50 AM , "Hemanshu Patel" hemanshu.patel@saicare.com wrote:
I havent tested over TCP, let me check it but hardphone, i mean hardware based phones from grandstream gvx3140 works fine with same implementation on TLS. -- Regards, Hemanshu Patel M: 09601295238
Does eyebeam with SIP over TCP is working?
Am 26.03.2010 13:43, schrieb Hemanshu Patel:
i am still having this problem. when i use two grandstream phone everything works fine, i can make calls on TLS and users can talk to each other.
But when i use two eyebream phone, it doesnt work, gives
following error
:33 [2875] WARNING:core:init_ssl_ctx_behavior: server
verification NOT
activated. Weaker security. [ panreg-tls]$ [ panreg-tls]$ [ panreg-tls]$ Mar 26 18:11:59 [2889] ERROR:rr:w_record_route: Double attempt to record-route Mar 26 18:12:09 [2884] ERROR:core:tcp_blocking_connect: timeout
10 s
elapsed from 10 s Mar 26 18:12:09 [2884] ERROR:core:tcpconn_connect:
tcp_blocking_connect
failed Mar 26 18:12:09 [2884] ERROR:core:tcp_send: connect failed Mar 26 18:12:09 [2884] ERROR:core:msg_send: tcp_send failed Mar 26 18:12:10 [2883] ERROR:core:tcp_blocking_connect: timeout
10 s
elapsed from 10 s Mar 26 18:12:10 [2883] ERROR:core:tcpconn_connect:
tcp_blocking_connect
failed Mar 26 18:12:10 [2883] ERROR:core:tcp_send: connect failed Mar 26 18:12:10 [2883] ERROR:core:msg_send: tcp_send failed Mar 26 18:12:10 [2883] WARNING:core:run_actions: null action list (rec_level=1) Mar 26 18:12:11 [2881] ERROR:core:tcp_blocking_connect: timeout
10 s
elapsed from 10 s Mar 26 18:12:11 [2881] ERROR:core:tcpconn_connect:
tcp_blocking_connect
failed Mar 26 18:12:11 [2881] ERROR:core:tcp_send: connect failed Mar 26 18:12:11 [2881] ERROR:core:msg_send: tcp_send failed Mar 26 18:12:13 [2882] ERROR:core:tcp_blocking_connect: timeout
10 s
elapsed from 10 s Mar 26 18:12:13 [2882] ERROR:core:tcpconn_connect:
tcp_blocking_connect
failed Mar 26 18:12:13 [2882] ERROR:core:tcp_send: connect failed Mar 26 18:12:13 [2882] ERROR:core:msg_send: tcp_send failed Mar 26 18:12:19 [2884] ERROR:core:tcp_blocking_connect: timeout
10 s
elapsed from 10 s Mar 26 18:12:19 [2884] ERROR:core:tcpconn_connect:
tcp_blocking_connect
failed Mar 26 18:12:19 [2884] ERROR:core:tcp_send: connect failed Mar 26 18:12:19 [2884] ERROR:core:msg_send: tcp_send failed
Any idea? Same configuration works with grandstream, while they
cant in
softphone? and gives 477 errot code.
my asterisk log is as below:
26 18:08:09] WARNING[2833]: chan_sip.c:1648 setup_crypto:
Hemanshu:
local_key641 jhbAJ7jFE1p/Ngn4kVxy7qTTmkJpeBiN6W98+gmM len 40 -- Called kamailio/1003 -- Got SIP response 477 "Send failed (477/SL)" back from 172.16.16.218 -- No one is available to answer at this time (1:0/0/0) -- Executing [_default:4] Hangup("SIP/5091-8c001430", "") in new stack == Spawn extension (hemu_default, 1003, 4) exited non-zero on 'SIP/5091-8c001430' > ::Disconnected form Oracle, trying to connect again.. > ::Tried a lot, not getting connected.. -- Got SIP response 477 "Send failed (477/SL)" back from 172.16.16.218
Any idea what could be the problem?
Kamailio (OpenSER) - Users mailing list http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
---- SIS Blade Server, Desktop & Thin Client is now available on DGS & D rate contract. For more detail kindly visit our website http://www.saicare.com
Kamailio tries to open a TLS connection to the client. You should avoid this - Kamailio should use the existing TLS/TCP connection that was established by the client during registration.
klaus
Am 27.03.2010 07:07, schrieb Hemanshu Patel:
With TLS it still is not working
Mar 27 11:39:16 [4421] INFO:core:probe_max_receive_buffer: using a UDP receive buffer of 255 kb Mar 27 11:39:16 [4425] WARNING:usrloc:dbrow2info: non-local sockettcp:172.16.16.218:5091...ignoring Mar 27 11:39:18 [4431] INFO:core:tls_accept: client did not present a certificate Mar 27 11:39:55 [4432] INFO:core:tls_accept: client did not present a certificate Mar 27 11:40:01 [4431] ERROR:rr:w_record_route: Double attempt to record-route Mar 27 11:40:01 [4426] ERROR:core:tls_connect: SSL_ERROR_SYSCALL err=Connection reset by peer(104) Mar 27 11:40:01 [4426] ERROR:core:tls_connect: something wrong in SSL: 5 (ret=-1) err=Connection reset by peer(104) Mar 27 11:40:01 [4426] ERROR:core:tcp_send: failed to send Mar 27 11:40:01 [4426] ERROR:core:msg_send: tcp_send failed Mar 27 11:40:01 [4425] WARNING:core:run_actions: null action list (rec_level=1)
my doubt is that if somethings wrong with SSL certificates that i created myself (i.e my own root CA, and self signed certificates), then how come registration is working like charm? if there is some problem with Certificates then registration should also not work. am i right?
Regards,
Hemanshu Patel Sr. Software Engg SIS,Ahmedabad Mo:09601295238
On Sat 27/03/10 9:50 AM , "Hemanshu Patel"hemanshu.patel@saicare.com wrote:
I havent tested over TCP, let me check it but hardphone, i mean hardware based phones from grandstream gvx3140 works fine with same implementation on TLS. -- Regards, Hemanshu Patel M: 09601295238
Does eyebeam with SIP over TCP is working?
Am 26.03.2010 13:43, schrieb Hemanshu Patel:
i am still having this problem. when i use two grandstream phone everything works fine, i can make calls on TLS and users can talk to each other.
But when i use two eyebream phone, it doesnt work, gives
following error
:33 [2875] WARNING:core:init_ssl_ctx_behavior: server
verification NOT
activated. Weaker security. [ panreg-tls]$ [ panreg-tls]$ [ panreg-tls]$ Mar 26 18:11:59 [2889] ERROR:rr:w_record_route: Double attempt to record-route Mar 26 18:12:09 [2884] ERROR:core:tcp_blocking_connect: timeout
10 s
elapsed from 10 s Mar 26 18:12:09 [2884] ERROR:core:tcpconn_connect:
tcp_blocking_connect
failed Mar 26 18:12:09 [2884] ERROR:core:tcp_send: connect failed Mar 26 18:12:09 [2884] ERROR:core:msg_send: tcp_send failed Mar 26 18:12:10 [2883] ERROR:core:tcp_blocking_connect: timeout
10 s
elapsed from 10 s Mar 26 18:12:10 [2883] ERROR:core:tcpconn_connect:
tcp_blocking_connect
failed Mar 26 18:12:10 [2883] ERROR:core:tcp_send: connect failed Mar 26 18:12:10 [2883] ERROR:core:msg_send: tcp_send failed Mar 26 18:12:10 [2883] WARNING:core:run_actions: null action list (rec_level=1) Mar 26 18:12:11 [2881] ERROR:core:tcp_blocking_connect: timeout
10 s
elapsed from 10 s Mar 26 18:12:11 [2881] ERROR:core:tcpconn_connect:
tcp_blocking_connect
failed Mar 26 18:12:11 [2881] ERROR:core:tcp_send: connect failed Mar 26 18:12:11 [2881] ERROR:core:msg_send: tcp_send failed Mar 26 18:12:13 [2882] ERROR:core:tcp_blocking_connect: timeout
10 s
elapsed from 10 s Mar 26 18:12:13 [2882] ERROR:core:tcpconn_connect:
tcp_blocking_connect
failed Mar 26 18:12:13 [2882] ERROR:core:tcp_send: connect failed Mar 26 18:12:13 [2882] ERROR:core:msg_send: tcp_send failed Mar 26 18:12:19 [2884] ERROR:core:tcp_blocking_connect: timeout
10 s
elapsed from 10 s Mar 26 18:12:19 [2884] ERROR:core:tcpconn_connect:
tcp_blocking_connect
failed Mar 26 18:12:19 [2884] ERROR:core:tcp_send: connect failed Mar 26 18:12:19 [2884] ERROR:core:msg_send: tcp_send failed
Any idea? Same configuration works with grandstream, while they
cant in
softphone? and gives 477 errot code.
my asterisk log is as below:
26 18:08:09] WARNING[2833]: chan_sip.c:1648 setup_crypto:
Hemanshu:
local_key641 jhbAJ7jFE1p/Ngn4kVxy7qTTmkJpeBiN6W98+gmM len 40 -- Called kamailio/1003 -- Got SIP response 477 "Send failed (477/SL)" back from 172.16.16.218 -- No one is available to answer at this time (1:0/0/0) -- Executing [_default:4] Hangup("SIP/5091-8c001430", "") in new stack == Spawn extension (hemu_default, 1003, 4) exited non-zero on 'SIP/5091-8c001430' > ::Disconnected form Oracle, trying to connect again.. > ::Tried a lot, not getting connected.. -- Got SIP response 477 "Send failed (477/SL)" back from 172.16.16.218
Any idea what could be the problem?
Kamailio (OpenSER) - Users mailing list http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
---- SIS Blade Server, Desktop& Thin Client is now available on DGS& D rate contract. For more detail kindly visit our website http://www.saicare.com
How can i stop kamailio creating new connection.
you see, phones are connected from different ip:port, and their contact value points to sameip:diff port. So while forwarding the request naturally kamailio tries to go to contact pairs, and that is the root problem
Any suggestion to sort out this thing?
But interesting thing is that...the same is the case for my Grandstream hardphones as well.
in those phones as well, the Connection IP:port is different that the contact ip:port value.
You have to apply NAT traversal (fix_nated_contact()). Maybe NAT detection does not work with Eyebeam. Disable NAT detection and always apply NAT traversal.
regards klaus
Am 29.03.2010 12:13, schrieb Hemanshu Patel:
But interesting thing is that...the same is the case for my Grandstream hardphones as well.
in those phones as well, the Connection IP:port is different that the contact ip:port value.
-
Hemanshu Patel -
Klaus Darilion