[Freeswitch-users] FS with SSL/TLS issues!

Anthony Minessale anthony.minessale at gmail.com
Thu Feb 28 00:54:02 MSK 2013


This will work better in 1.4 but the code in 1.2 is frozen so we can't
improve it there.
In the meantime you can just do this:

make an acl that is default allow called tls
add it to apply-nat-acl param in sofia profile where you have tls

Now it will record the rport for every client in the contact path and it
should resolve the existing connection.




On Wed, Feb 27, 2013 at 3:32 PM, Vittorio Guglielmo <
vittorio.guglielmo at gmail.com> wrote:

>  Hi,
>
> I've done all you said but I'm in trouble indeed:
>
> TLS/SRTP enabled on two extension;
>
> If I try to dial between the two extensions I have:
>
> *mod_dptools.c:3052 Originate Failed.  Cause: INCOMPATIBLE_DESTINATION*
>
> If I call outbound, it's ok, and the call is encrypted.
>
> Can you help me?
>
> Vic
>
>
>
>
> On 27/02/13 15:47, mehroz wrote:
>
> TLS-NAT issue arises due to the fact that it tries to contact on other port
> (TCP session) as far as my understanding.
>
> Changing contact header can sort this issue and i have done it setting up
>
> <variable name="sip-force-contact" value="NDLB-tls-connectile-dysfunction"/>
> for each directory (user).
>
> This helped and worked :)
>
> I suppose you should also have "ext-rtp-ip and "ext-sip-ip" =  "nat-auto"
> in SIP profile.
> Cheeers!
>
>
>
> --
> View this message in context: http://freeswitch-users.2379917.n2.nabble.com/FS-with-SSL-TLS-issues-tp7587736p7588069.html
> Sent from the freeswitch-users mailing list archive at Nabble.com.
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:consulting at freeswitch.orghttp://www.freeswitchsolutions.com
>
> FreeSWITCH-powered IP PBX: The CudaTel Communication Server
>
> Official FreeSWITCH Siteshttp://www.freeswitch.orghttp://wiki.freeswitch.orghttp://www.cluecon.com
>
> FreeSWITCH-users mailing listFreeSWITCH-users at lists.freeswitch.orghttp://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-usershttp://www.freeswitch.org
>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>


-- 
Anthony Minessale II

FreeSWITCH http://www.freeswitch.org/
ClueCon http://www.cluecon.com/
Twitter: http://twitter.com/FreeSWITCH_wire

AIM: anthm
MSN:anthony_minessale at hotmail.com
GTALK/JABBER/PAYPAL:anthony.minessale at gmail.com
IRC: irc.freenode.net #freeswitch

FreeSWITCH Developer Conference
sip:888 at conference.freeswitch.org
googletalk:conf+888 at conference.freeswitch.org
pstn:+19193869900
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20130227/f5eb5137/attachment.html 


Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list