[OpenSIPS-Users] TLS traffic is being relayed as UDP but on the TLS Port?

Johan De Clercq johan at democon.be
Fri Mar 15 02:42:41 EDT 2019 

Rewrite request uri So that transport=TLS

Outlook voor iOS<https://aka.ms/o0ukef> downloaden

________________________________
Van: Users <users-bounces at lists.opensips.org> namens John Kiniston <johnkiniston at gmail.com>
Verzonden: vrijdag, maart 15, 2019 12:07 AM
Aan: OpenSIPS users mailling list
Onderwerp: [OpenSIPS-Users] TLS traffic is being relayed as UDP but on the TLS Port?

I have a proxy that works fine with UDP handling mid-registrar and mediaproxy duties in front of my Asterisk Servers.

I'd like to enable TLS on my proxy and switch my phones to registering via TLS.

I've got my TLS keys working now and I see my phone sending requests to OpenSIPS where they are being processed.

However when OpenSIPS is sending the traffic to my Asterisk boxes it's sending SIP traffic to port 5061 instead of sending TLS.

U 2019/03/14 15:54:33.985636 <Proxy>:5060 -> <Asterisk>:5061 #32
REGISTER sip:<pbx>:5061 SIP/2.0.
Via: SIP/2.0/UDP Proxy:5060;branch=z9hG4bKffdc.94c66575.0;i=a64b8973.
Via: SIP/2.0/TLS 172.16.52.69:12332;received=64.119.40.170;branch=z9hG4bK3157565843;rport=12332.
From: "Test" <sip:7004@<pbx>:5061>;tag=1087298031.
To: "Test" <sip:7004@<pbx>:5061>.
Call-ID: 0_425741679 at 172.16.52.69<mailto:0_425741679 at 172.16.52.69>.
CSeq: 1 REGISTER.
Contact: <sip:7004 at Proxy:5060>.
Allow: INVITE, INFO, PRACK, ACK, BYE, CANCEL, OPTIONS, NOTIFY, REGISTER, SUBSCRIBE, REFER, PUBLISH, UPDATE, MESSAGE.
Max-Forwards: 69.
User-Agent: Yealink SIP-T42G 29.83.0.50
Expires: 3600.
Allow-Events: talk,hold,conference,refer,check-sync.
Mac: 00:15:65:72:e5:f3.
Line: 1.
Content-Length: 0.

I believe this is because the initial request opensips is recieving from the phone has 'sip' in the register?

   REGISTER sip:<pbx>:5061 SIP/2.0
    Via: SIP/2.0/TLS 172.16.52.69:12122;branch=z9hG4bK2625059359;rport
    From: "Test" <sip:7004 at pbx:5061>;tag=1299551992
    To: "Test" <sip:7004 at pbx:5061>
    Call-ID: 0_292898054 at 172.16.52.69<mailto:0_292898054 at 172.16.52.69>
    CSeq: 1 REGISTER
    Contact: <sip:7004 at 172.16.52.69:12122;transport=TLS>
    Allow: INVITE, INFO, PRACK, ACK, BYE, CANCEL, OPTIONS, NOTIFY, REGISTER, SUBSCRIBE, REFER, PUBLISH, UPDATE, MESSAGE
    Max-Forwards: 70
    User-Agent: Yealink SIP-T42G 29.83.0.50
    Expires: 3600
    Allow-Events: talk,hold,conference,refer,check-sync
    Mac: 00:15:65:72:e5:f3
    Line: 1
    Content-Length: 0


What can I do here? I've tried playing with rewriting $du and $fs but that doesn't seem to be working.
--
A human being should be able to change a diaper, plan an invasion, butcher a hog, conn a ship, design a building, write a sonnet, balance accounts, build a wall, set a bone, comfort the dying, take orders, give orders, cooperate, act alone, solve equations, analyze a new problem, pitch manure, program a computer, cook a tasty meal, fight efficiently, die gallantly. Specialization is for insects.
---Heinlein
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20190315/7b21c0f2/attachment-0001.html>

More information about the Users mailing list