[OpenSIPS-Users] Protocol/port mismatch warning (TLS - UDP)

Bogdan-Andrei Iancu bogdan at opensips.org
Mon Aug 24 18:59:45 CEST 2015 

Matt,

Try to do a:
      subst_uri('/(sip:.*);transport=tls/\1/')
before t_relay().

It requires the URI module.

Regards,

Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com

On 24.08.2015 19:16, Matt Hamilton wrote:
>
> Hi Bogdan,
>
>
> UAC RURI doesn't have SIPS schema; it's regular SIP with transport=tls.
>
>
> UAC    (TLS)->      Opensips    (force UDP)-> Asterisk
>
>
> In spite of the warning message, the traffic flows fine, and Asterisk 
> receives the packets unencrypted (as we want). To get rid of that 
> warning, is is possible to do a protocol/port exchange from TLS(5061) 
> to UDP(5060) in this specific case?
>
> Thanks,
> Matt
>
>
> ------------------------------------------------------------------------
> *From:* Bogdan-Andrei Iancu <bogdan at opensips.org>
> *Sent:* Monday, August 24, 2015 5:41 AM
> *To:* OpenSIPS users mailling list; mistral9999 at hotmail.com
> *Subject:* Re: [OpenSIPS-Users] Protocol/port mismatch warning (TLS - 
> UDP)
> Hi Matt,
>
> The RURI you receive from the UAC side, does it contain a SIPS schema 
> or a "transport=tls" indication ?
>
> The error you see translates into "there is a conflict between the 
> requests protocol and the interface you force". So even if you force 
> the UDP interface, maybe the RURI may force the TLS protocol, leading 
> to an internal conflict.
>
> Regards,
> Bogdan-Andrei Iancu
> OpenSIPS Founder and Developer
> http://www.opensips-solutions.com
> On 23.08.2015 19:53, Matt Hamilton wrote:
>>
>>
>> We use Opensips (1.7.1, in the process of upgrading to 2.1) as a 
>> dispatcher to multiple Asterisk servers. Currently we are trying to 
>> set up TLS.
>>
>>
>>
>> UAC -> Opensips -> Asterisk
>>
>>
>> TLS is available and enabled on all three. The traffic between UAC 
>> and Opensips is on TLS and encrypted. On the other hand, it's not 
>> encrypted between Opensips and Asterisk since we use 
>> force_send_socket (UDP) to the Asterisk servers. This is the way we 
>> want it - encrypted between UAC and Opensips and not encrypted 
>> between Opensips and Asterisk. The communication is fine, but we get 
>> a warning "core:get_send_socket: protocol/port mismatch" in our logs.
>>
>>
>> My question is: Is forcing TLS traffic thru UDP is the only way to 
>> get Opensips - Asterisk traffic is unencrypted?
>>
>>
>> Thanks,
>>
>> Matt
>>
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20150824/1acae4fe/attachment.htm>

More information about the Users mailing list