[Freeswitch-users] all-reg-options-ping and tls issue

Sergey Safarov s.safarov at gmail.com
Fri Feb 26 17:44:53 MSK 2016


Please send output of command "sofia status profile internal reg
<exten_number>"

On Fri, Feb 26, 2016 at 4:21 PM, Seeliger, Adam <Adam.Seeliger at qsc.de>
wrote:

> Hi,
>
>
>
> the phone uses sip+tls.
>
> I test using a snom715, got plenty other phones here, but I guess they
> will behave the same way.
>
> It really looks like FreeSWITCH is doing something wrong (or is wrongly
> configured – if there are any parameters for options ping supporting both,
> udp and tls)
>
>
>
> Regards
>
>
>
> *Von:* freeswitch-users-bounces at lists.freeswitch.org [mailto:
> freeswitch-users-bounces at lists.freeswitch.org] *Im Auftrag von *Sergey
> Safarov
> *Gesendet:* Freitag, 26. Februar 2016 13:59
>
> *An:* FreeSWITCH Users Help
> *Betreff:* Re: [Freeswitch-users] all-reg-options-ping and tls issue
>
>
>
> If your phone has enabled SIPS uri please disable and use sip+tls.
>
>
>
>
>
> On Fri, Feb 26, 2016 at 3:37 PM, Seeliger, Adam <Adam.Seeliger at qsc.de>
> wrote:
>
> Hi and thanks for the feedback,
>
>
>
> sry that I did not respond for a long time.
>
>
>
> I already use:
>
> <variable name=“sip-force-contact”
> value="NDLB-connectile-dysfunction-2.0"/>
>
>
>
> I also tested all mentioned params below, nothing works.
>
>
>
> When I register a User via TLS FreeSWITCH does not even try to ping the
> user.
>
> I turned sofia global siptrace on and watched the flow:
>
>
>
> User                                        Server
>
> 13:09:33.311446:             REGISTER [TLS] ->
>
> 13:09:33.312552:             <- 401 UNAUTHORIZED [TLS]
>
> 13:09:33.331948:             REGISTER (AUTH) [TLS]  ->
>
> 13:09:33.336959:             <- 200 OK [TLS]
>
> Nothing happens
>
> 2016-02-26 13:10:00.619525 [WARNING] sofia.c:5769 Sip user 'user at host' is
> now Unreachable
>
> 2016-02-26 13:10:00.619525 [WARNING] sofia.c:5780 Expire sip user
> 'user at host' due to options failure
>
>
>
> When I REGISTER the User via UDP FreeSWITCH starts to ping (OPTIONS) the
> user as soon as he is registered.
>
>
>
> Is there any way to force FreeSWITCH to send OPTIONs in both, udp and tls,
> depending on the registration?
>
>
>
> Thanks in advance,
>
> Adam
>
>
>
> *Von:* freeswitch-users-bounces at lists.freeswitch.org [mailto:
> freeswitch-users-bounces at lists.freeswitch.org] *Im Auftrag von *Emrah
> *Gesendet:* Freitag, 29. Januar 2016 09:25
> *An:* FreeSWITCH Users Help
> *Betreff:* Re: [Freeswitch-users] all-reg-options-ping and tls issue
>
>
>
> Hi!
>
> This is interesting. I experienced something rather similar where calls
> would drop because FS would timeout on certain packets sent over UDP
> instead of TLS.
>
> I assume you mean FS exits with port 5060 instead of port 5061? Because
> the port on the remote end should be dynamically set.
>
> I found out that in my case, what works best even with TLS, is to use:
>
> <variable
> name=“sip-force-contact” value="NDLB-connectile-dysfunction-2.0"/>
>
> This goes as far as it can to lay out the path to contacting the client
> with all consideration in regards to NAT and dynamic ports.
>
> Not sure if it will help you. I’ve personally disabled options-ping an let
> my clients deal with keep-alive instead.
>
>
>
> You could also look into:
>
>     <!-- add a ;received="<ip>:<port>" to the contact when replying to
> register for nat handling -->
>
> <!— <param name="NDLB-received-in-nat-reg-contact" value="true"/> -->
>
> <!— <param name="bind-params" value="transport=tcp,udp,tls"/>  -->
>
> <!-- additional bind parameters for TLS -->
>
>     <param name=“tls-bind-params" value="transport=tls"/>
>
>
>
> I’ll leave it up to you to investigate those options more in details on
> the FS documentation.
>
>
>
> Please keep us posted!
>
>
>
> E
>
> On Jan 28, 2016, at 11:48 AM, Seeliger, Adam <Adam.Seeliger at qsc.de> wrote:
>
>
>
> Hi all,
>
>
>
> I have a problem, when I enable TLS and register a phone using TLS on Port
> 5061.
>
> FreeSWITCH still tries to “ping” the phone using Port 5060 using UDP,
> which is ignored by the phone.
>
> Moments later FreeSWITCH deletes the registration, because
> “unregister-on-options-fail” is set to “true”.
>
>
>
> I already figured out, that you can set “all-reg-options-ping” to
> “udp-only”, but this would completely disable this feature for TLS.
>
> Is there any way to ping TLS registered using TLS?
>
>
>
> Thanks in advance
>
>
>
> - Adam
>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20160226/0d9a7080/attachment-0001.html 


Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list