[Users] OpenSER using TLS / TCP

Cesc cesc.santa at gmail.com
Tue Apr 11 13:56:20 CEST 2006 

inline ...

On 4/11/06, Thorsten.Haupt at t-systems.com <Thorsten.Haupt at t-systems.com> wrote:
> > I think snoms are not capable of receiving incoming tls connection.
>
> And MiniSIP ... ?
>
minisip can ... you just need to configure it to listen on a tls port
(udp & tcp on 5060, tls on 5061, for example). The thing is that to do
this, you need to provide minisip with a certificate, signed by some
CA that openser accepts (in the ca_list). Of course, you can always
modify the "verification" procedure in openser and minisip so that
neither really checks the cert ... but that should be used only with
debugging.

> > Thus, you have to keep the snom-openser tls connection open ... a way to do it is to force the snom phone the register
> > before the tls timeout ... i think that the timeout is around 2 minutes ...
>
> Yes, this is one solution. My telephones (Snoms and MiniSIP) register now every minute.
> But is there no other solution, server-side? What about the parameters "tls_handshake_timeout", "tls_send_timeout" or "tcp_connect_timeout"? I tried this parameters, but nothing changed.
>
mmm ... i think there was a discussion on this keep-alive thing ...
maybe you could use the same NAT tricks to keep the connection open
... i just don't know how well would snom/minisip respond to "empty"
data ... you can try, though.

Cesc


> Torsten
>
>
>
> On 4/10/06, Thorsten.Haupt at t-systems.com <Thorsten.Haupt at t-systems.com> wrote:
> >
> >
> > Hello,
> >
> > I have a problem with OpenSER using TLS / TCP, Clients are MiniSIP and
> > Snom 360 phones.
> > I start the server, the phones connect to it using TCP or TLS over TCP.
> > Calls between all phones are possible.
> > But after some minutes, I think it is the timeout of TLS or TCP, no
> > calls are possible any longer.
> > OpenSER shows the following error message:
> >
> >  8(31121) ERROR: tcp_blocking_connect: SO_ERROR (111) Connection
> > refused
> >  8(31121) ERROR: tcpconn_connect: tcp_blocking_connect failed
> >  8(31121) ERROR: tcp_send: connect failed
> >  8(31121) msg_send: ERROR: tcp_send failed
> >  8(31121) ERROR:tm:t_forward_nonack: sending request failed
> >
> > Has anyone a solution for this problem?
> > Thanks.
> >
> > Torsten
> > _______________________________________________
> > Users mailing list
> > Users at openser.org
> > http://openser.org/cgi-bin/mailman/listinfo/users
> >
> >
> >
>
> _______________________________________________
> Users mailing list
> Users at openser.org
> http://openser.org/cgi-bin/mailman/listinfo/users
>

More information about the Users mailing list