[Freeswitch-users] TLS problem using SNOM phones
Gianluca Varisco
gianluca.varisco at privatewave.com
Mon Aug 16 06:33:34 PDT 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 08/13/2010 11:25 PM, Matthias Reinacher wrote:
> Hello all,
> i have a problem using different Snom phones (300/320/820/821) with
> Freeswitch and TLS in a internet-wide setup (phones being registered via
> internet at a FS w/ public IP). Sometimes (25-50% of cases) the first
> try to call someone (internal) won't go through. Logs from phone,
> Freeswitch and ssldump show that the phone sends an INVITE, the FS asks
> for more credentials (digest auth b/c phone IP not in ACL), the phone
> answers with an INVITE w/ more auth credentials -- and this second
> INVITE package is not received by the FS. It does arrive at the server
> though, as verified by ssldump. Interestingly, if one presses "Cancel"
> on the phone, a new TCP/SSL connection is created, apparently the old
> one died -- see logs from phone, FS, and ssldump below. Also, Snom
> 820/821 show the registrar as not registered after such an action
> (presumably b/c original SSL connection is dead).
>
> Has anybody encountered this behaviour and can verify it? Are there any
> ideas what causes the problem here (FS, OpenSSL, phone?) and if there is
> any remedy for it? I was planning on using FS as a production phone
> system w/ encrypted signalling and audio using Snom phones. I can't do
> that right now b/c of the abovementioned problem, and i have not yet
> found a solution.
>
Hello Matthias,
I'm facing a similar issue and already reported it on
http://jira.freeswitch.org/browse/FSCONFIG-28 .
My environment is made up of mobile clients and, therefore, unreliable
networks. It happens that, if "userA" unexpectedly looses the connection
and - thus - his TCP connection is not closed correctly (no UNREGISTER
being sent), further calls to him 'float in the air' and are not
delivered. User remains registered but his socket is - simply - dead.
As ugly workaround, I've to use http://pastebin.com/sBUraBw9
Let me know if you find any other way to 'handle' this problem.
Cheers,
Gianluca
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
iQEcBAEBAgAGBQJMaT4uAAoJEOPkCSSH2GC78C8H/A2HK6FDMrlyyncQUyb2eMeM
8vL4zXWtL5XzvdxVHChbz6TZvDTNXrz8FbU+Kqa6VpAFyXnRj9fMz9Ayqy7CMsC3
ed+9nxX8hmghlrVaStfmCyfsMW1UOiNEYHiELjzZBaNVQvkUrVx0ezTS4ZCk5RFq
em9rV3ooO3be1qDP25AeSycB3YRPp6ev9SXg9KgccGpQhllEx5cHgbH9P9YvTfjN
u2ubm/Zf6waV8VMeY0t5nqq5ihtTO2b3/SvTOrIdEvzVqboSnu5XAeSZOhsZz3SN
3Moc58bvb1ikYtZ1ZXt5f+r5Tq/nPQ3IhN7ZQih4vh61a3+KsW8uhFAH0rx0x7Q=
=H1pI
-----END PGP SIGNATURE-----
More information about the FreeSWITCH-users
mailing list