[Freeswitch-users] RTP Over VPN Split Tunnel

Peter eidevm5 at gmail.com
Wed Sep 11 08:46:37 MSD 2013


Agreed that if the clients gave out the vpn addresses in the SDP, it would
be fine.

I tried with csipsimple, and it has a whole bunch of useful settings,
including "Allow SDP NAT rewrite", which does:

*Fix the address sent in the SDP to use the same interface address as the
one in the REGISTER request.*

Unfortunately Linphone doesn't have a similar setting, so the only way I
can see to get it working is to rewrite the SDP in FreeSWITCH.   Just need
to work out how to do that.


On Tue, Sep 10, 2013 at 10:00 PM, Michael Jerris <mike at jerris.com> wrote:

> It only makes sense if the endpoints are giving out the vpn addresses as
> their rtp addresses in the sdp.
>
> On Sep 9, 2013, at 10:15 PM, Peter <eidevm5 at gmail.com> wrote:
>
> My goal is to have SIP and media go over the split tunnel VPN, with the
> SIP traffic going through FS (which it does) and the RTP stream between the
> VPN IP addresses of the two endpoints.
>
> I have inbound-bypass-media set to true as I don't want the media to go
> via FS.
>
> Does that make sense?
>
>
> On Mon, Sep 9, 2013 at 10:09 PM, Michael Jerris <mike at jerris.com> wrote:
>
>> are you trying to send the media over the vpn now or peer to peer?  do
>> you still have inbound-bypass-media set to true?  Peer to peer may never
>> work depending on what is in the original sdp of the clients.
>>
>> On Sep 8, 2013, at 11:28 PM, Peter <eidevm5 at gmail.com> wrote:
>>
>> Hi Michael.
>>
>> I have rtp-ip set to the VPN IP address.   Is there any other setting I
>> can try?
>>
>> Thanks
>>
>> Peter
>>
>>
>> On Fri, Sep 6, 2013 at 4:24 PM, Michael Jerris <mike at jerris.com> wrote:
>>
>>> if your talking about the media still hitting fs but through a
>>> different ip that isn't going through VPN, you should be able to work
>>> this out by adjusting rtp-ip param
>>>
>>> On Sep 5, 2013, at 7:52 AM, "Veniamin (Benjamin) Beskrovny"
>>> <beskrovny at gmail.com> wrote:
>>>
>>> > http://wiki.freeswitch.org/wiki/Codec_negotiation#Rewriting_SDP maybe?
>>> >
>>> > On 9/5/13, Peter <eidevm5 at gmail.com> wrote:
>>> >> This is not a direct FreeSWITCH question, but was hoping someone
>>> might have
>>> >> set up a similar configuration.
>>> >>
>>> >> Currently I have a FS server where SIP clients (Linphone) register to
>>> via a
>>> >> Cisco AnyConnect VPN.  I have inbound-bypass-media set to true so
>>> that RTP
>>> >> traffic is peer to peer.
>>> >>
>>> >>
>>> >> If I tunnel all traffic, the SIP transport and RTP media works just
>>> fine.
>>> >>
>>> >> If I set up a VPN split tunnel that allows the subnets of the VPN
>>> client
>>> >> and the FS server, the SIP signalling is fine, but in the SDP, it
>>> specifies
>>> >> a non VPN address, eg:
>>> >>
>>> >> INVITE sips:1004 at 10.1.1.204;transport=udp SIP/2.0
>>> >>   Via: SIP/2.0 10.1.254.36:53036;branch=z9hG4bK.GRrzYXeCN;rport
>>> >>   From: <sip:1001 at 10.1.1.204>;tag=cN83ZcmHw
>>> >>   To: sip:1004 at 10.1.1.204
>>> >>   CSeq: 20 INVITE
>>> >>   Call-ID: e7eEYxoML2
>>> >>   Max-Forwards: 70
>>> >>   Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE,
>>> >> SUBSCRIBE, INFO
>>> >>   Content-Type: application/sdp
>>> >>   Content-Length: 426
>>> >>   User-Agent: LinphoneAndroid/2.1.2-177-g015b83c (belle-sip/0.0.1)
>>> >>   Contact: <sip:1001 at 10.1.254.36:53036
>>> >>
>>> ;transport=udp>;+sip.instance="<urn:uuid:83c4b823-9c0d-4e02-b7f7-cdd3ae2f1259>"
>>> >>
>>> >>   v=0
>>> >>   o=1001 3921 1865 IN IP4 [ISP address]
>>> >>   s=Talk
>>> >>   c=IN IP4 [ISP address]
>>> >>   b=AS:380
>>> >>   t=0 0
>>> >>   m=audio 1031 RTP/SAVP 0 8 100 101
>>> >>   a=rtpmap:100 iLBC/8000
>>> >>   a=fmtp:100 mode=30
>>> >>   a=rtpmap:101 telephone-event/8000
>>> >>   a=fmtp:101 0-11
>>> >>   a=rtcp:7079 IN IP4 [wireless IP address]
>>> >>
>>> >>
>>> >> I'm not very familiar with how the SDP is constructed, but I'm
>>> assuming
>>> >> that it's the SIP client that's responsible for offering it's IP
>>> addresses.
>>> >>
>>> >> Are there any FreeSWITCH settings that would affect the IP addresses
>>> in the
>>> >> SDP?
>>> >>
>>> >> Thanks
>>> >>
>>> >> Peter
>>> >
>>> >
>>> _________________________________________________________________________
>>> > Professional FreeSWITCH Consulting Services:
>>> > consulting at freeswitch.org
>>> > http://www.freeswitchsolutions.com
>>> >
>>> > 
>>> > 
>>> >
>>> > Official FreeSWITCH Sites
>>> > http://www.freeswitch.org
>>> > http://wiki.freeswitch.org
>>> > http://www.cluecon.com
>>> >
>>> > FreeSWITCH-users mailing list
>>> > FreeSWITCH-users at lists.freeswitch.org
>>> > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> > UNSUBSCRIBE:
>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> > http://www.freeswitch.org
>>>
>>> _________________________________________________________________________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org
>>> http://www.freeswitchsolutions.com
>>>
>>> 
>>> 
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://wiki.freeswitch.org
>>> http://www.cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> 
>> 
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://wiki.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> 
>> 
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://wiki.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20130911/0f6a98f6/attachment-0001.html 


Join us at ClueCon 2013 Aug 6-8, 2013
More information about the FreeSWITCH-users mailing list