Hi List I have a specific requiremnt where I want Kamailio proxy need to work as a intermideiate proxy . The endpoints will talk to Kamailio using UDP as transport and Kamailio should interact with main proxy using TLS. Is this scenario possible with Kamailio ?
If so, can you give me some pointer how can I acheive it.
Thanks Kamal Net clooud systems Bangalore
Hello,
yes, it is possible. There are couple options:
- rewrite r-uri ($ru) to contain the transport=tls and then t_relay() - set dst uri ($du) to the uri point to main proxy address having the transport=tls parameter and then t_relay() - use t_relay_to("tls:mainproxyip:port")
Cheers, Daniel
On 10/4/12 12:21 PM, Kamal Palei wrote:
Hi List I have a specific requiremnt where I want Kamailio proxy need to work as a intermideiate proxy . The endpoints will talk to Kamailio using UDP as transport and Kamailio should interact with main proxy using TLS. Is this scenario possible with Kamailio ? If so, can you give me some pointer how can I acheive it. Thanks Kamal Net clooud systems Bangalore
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Hi Daniel Thanks a lot for kind response.
For this requirement, I need -
1. When a message is received at Kamailio proxy, that message either will be sent to client side or to main proxy side.
2. If it is supposed to send to client side, then it should send in plain UDP. Also note that, when the message is received from clients it should be received in plain udp by Kamailio proxy.
3. If Kamailio proxy is supposed to send the message to main proxy side, then it should send using TLS. Also note that, any message that comes from main proxy, Kamailio should receive in TLS only. As I understand, the three optioned mentioned below in your mail, I can use either of one. Do I need to take any additional precaution so that TLS stuff will work fine (actually will be working on TLS first time).
Thanks Kamal NECS, Bangalore
On Fri, Oct 5, 2012 at 1:56 PM, Daniel-Constantin Mierla miconda@gmail.comwrote:
Hello,
yes, it is possible. There are couple options:
- rewrite r-uri ($ru) to contain the transport=tls and then t_relay()
- set dst uri ($du) to the uri point to main proxy address having the
transport=tls parameter and then t_relay()
- use t_relay_to("tls:mainproxyip:port")
Cheers, Daniel
On 10/4/12 12:21 PM, Kamal Palei wrote:
Hi List I have a specific requiremnt where I want Kamailio proxy need to work as a intermideiate proxy . The endpoints will talk to Kamailio using UDP as transport and Kamailio should interact with main proxy using TLS. Is this scenario possible with Kamailio ?
If so, can you give me some pointer how can I acheive it.
Thanks Kamal Net clooud systems Bangalore
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing listsr-users@lists.sip-router.orghttp://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-- Daniel-Constantin Mierla - http://www.asipto.comhttp://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio Advanced Training, Berlin, Nov 5-8, 2012 - http://asipto.com/u/kat Kamailio Advanced Training, Miami, USA, Nov 12-14, 2012 - http://asipto.com/u/katu
Hello,
On 10/5/12 1:29 PM, Kamal Palei wrote:
Hi Daniel Thanks a lot for kind response. For this requirement, I need -
- When a message is received at Kamailio proxy, that message either
will be sent to client side or to main proxy side. 2. If it is supposed to send to client side, then it should send in plain UDP. Also note that, when the message is received from clients it should be received in plain udp by Kamailio proxy. 3. If Kamailio proxy is supposed to send the message to main proxy side, then it should send using TLS. Also note that, any message that comes from main proxy, Kamailio should receive in TLS only. As I understand, the three optioned mentioned below in your mail, I can use either of one.
yes, any is good.
Do I need to take any additional precaution so that TLS stuff will work fine (actually will be working on TLS first time).
TLS is quite transparent to the configuration file, working automatically -- in you case you need to force the transport by yourself, because it is not specified in R-URI. Request within dialog will be routed using Route headers, so there is nothing to do for them.
Cheers, Daniel
Thanks Kamal NECS, Bangalore
On Fri, Oct 5, 2012 at 1:56 PM, Daniel-Constantin Mierla <miconda@gmail.com mailto:miconda@gmail.com> wrote:
Hello, yes, it is possible. There are couple options: - rewrite r-uri ($ru) to contain the transport=tls and then t_relay() - set dst uri ($du) to the uri point to main proxy address having the transport=tls parameter and then t_relay() - use t_relay_to("tls:mainproxyip:port") Cheers, Daniel On 10/4/12 12:21 PM, Kamal Palei wrote:Hi List I have a specific requiremnt where I want Kamailio proxy need to work as a intermideiate proxy . The endpoints will talk to Kamailio using UDP as transport and Kamailio should interact with main proxy using TLS. Is this scenario possible with Kamailio ? If so, can you give me some pointer how can I acheive it. Thanks Kamal Net clooud systems Bangalore _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org <mailto:sr-users@lists.sip-router.org> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users-- Daniel-Constantin Mierla -http://www.asipto.com <http://www.asipto.com/> http://twitter.com/#!/miconda <http://twitter.com/#%21/miconda> -http://www.linkedin.com/in/miconda Kamailio Advanced Training, Berlin, Nov 5-8, 2012 -http://asipto.com/u/kat Kamailio Advanced Training, Miami, USA, Nov 12-14, 2012 -http://asipto.com/u/katu
Hi Daniel I was just googling TLS support in Kamailio. Came across http://nil.uniza.sk/network-security/tls/configuring-tls-support-kamailio-31... , am just wondering if I have to go step by step mentioned in this link. Can you please advise if all of these are required?
And I was looking at how do I rewrite the request uri. Where I can get the exact syntax for rewriting the request uri.
Thanks kamal
On Fri, Oct 5, 2012 at 1:56 PM, Daniel-Constantin Mierla miconda@gmail.comwrote:
Hello,
yes, it is possible. There are couple options:
- rewrite r-uri ($ru) to contain the transport=tls and then t_relay()
- set dst uri ($du) to the uri point to main proxy address having the
transport=tls parameter and then t_relay()
- use t_relay_to("tls:mainproxyip:port")
Cheers, Daniel
On 10/4/12 12:21 PM, Kamal Palei wrote:
Hi List I have a specific requiremnt where I want Kamailio proxy need to work as a intermideiate proxy . The endpoints will talk to Kamailio using UDP as transport and Kamailio should interact with main proxy using TLS. Is this scenario possible with Kamailio ?
If so, can you give me some pointer how can I acheive it.
Thanks Kamal Net clooud systems Bangalore
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing listsr-users@lists.sip-router.orghttp://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-- Daniel-Constantin Mierla - http://www.asipto.comhttp://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio Advanced Training, Berlin, Nov 5-8, 2012 - http://asipto.com/u/kat Kamailio Advanced Training, Miami, USA, Nov 12-14, 2012 - http://asipto.com/u/katu
There might be some steps which can be skipped - eg. if you already have certificates. But if you are not familiar with TLS yet, it may be a good idea to perform the howto step-by-step and learn about TLS.
regards Klaus
On 12.10.2012 12:00, Kamal Palei wrote:
Hi Daniel I was just googling TLS support in Kamailio. Came across http://nil.uniza.sk/network-security/tls/configuring-tls-support-kamailio-31... , am just wondering if I have to go step by step mentioned in this link. Can you please advise if all of these are required? And I was looking at how do I rewrite the request uri. Where I can get the exact syntax for rewriting the request uri. Thanks kamal
On Fri, Oct 5, 2012 at 1:56 PM, Daniel-Constantin Mierla <miconda@gmail.com mailto:miconda@gmail.com> wrote:
Hello, yes, it is possible. There are couple options: - rewrite r-uri ($ru) to contain the transport=tls and then t_relay() - set dst uri ($du) to the uri point to main proxy address having the transport=tls parameter and then t_relay() - use t_relay_to("tls:mainproxyip:port") Cheers, Daniel On 10/4/12 12:21 PM, Kamal Palei wrote:Hi List I have a specific requiremnt where I want Kamailio proxy need to work as a intermideiate proxy . The endpoints will talk to Kamailio using UDP as transport and Kamailio should interact with main proxy using TLS. Is this scenario possible with Kamailio ? If so, can you give me some pointer how can I acheive it. Thanks Kamal Net clooud systems Bangalore _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org <mailto:sr-users@lists.sip-router.org> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users-- Daniel-Constantin Mierla -http://www.asipto.com <http://www.asipto.com/> http://twitter.com/#!/miconda -http://www.linkedin.com/in/miconda Kamailio Advanced Training, Berlin, Nov 5-8, 2012 -http://asipto.com/u/kat Kamailio Advanced Training, Miami, USA, Nov 12-14, 2012 -http://asipto.com/u/katu
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-
Daniel-Constantin Mierla -
Kamal Palei -
Klaus Darilion