[Freeswitch-users] wss and nginx
Philipp Zeitschel
philipp at zeitschel.net
Wed May 18 12:35:24 MSD 2016
Hi,
i've googled for hours but i don't get it to work
i have a nginx proxy at my public ip and it forwards the traffic through 10.1.71.5 to my freeswitch box at 10.1.71.10
i've set ext-rtp-ip and ext-sip-ip to my external IP adress and created the acl.conf.xml in autoload_configs with following content:
<configuration name="acl.conf" description="Network Lists">
<network-lists>
<list name="lan" default="deny">
<node type="allow" cidr="10.1.1.1/32" />
</list>
</network-lists>
</configuration>
In fs_cli i get the message
2016-05-18 08:13:43.245201 [WARNING] switch_core_media.c:3458 NO candidate ACL defined, Defaulting to wan.auto
So i think the acl is working.
My nginx config looks like this:
server {
listen 0.0.0.0:443;
server_name hostname;
keepalive_timeout 70;
ssl on;
ssl_certificate /etc/ssl/my.ct;
ssl_certificate_key /etc/ssl/my.key;
ssl_dhparam /etc/ssl/dhparam.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
location / {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 3600;
proxy_http_version 1.1;
proxy_pass https://10.1.71.10:7443;
}
}
I can login and establish calls but i don't hear voice so i think the rtp packages are not ok
Because of that i've enabled sip trace and get this:
send 1668 bytes to wss/[10.1.71.5]:32890 at 08:13:43.266640:
------------------------------------------------------------------------
SIP/2.0 200 OK
Via: SIP/2.0/WSS keenaijeb5h6.invalid;branch=z9hG4bK779005;received=10.1.71.5;rport=32890
From: <sip:user at domain>;tag=n8m38teo73
To: <sip:conf at domain>;tag=gX23c0rey78vH
Call-ID: toghv9ifikpaeib85mh8
CSeq: 6099 INVITE
Contact: <sip:conf at 138.201.x.x:5080;transport=udp>
User-Agent: FreeSWITCH-mod_sofia/1.6.8-15-99de0ad~64bit
Accept: application/sdp
Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER, REFER, NOTIFY
Supported: timer, path, replaces
Allow-Events: talk, hold, conference, refer
Content-Type: application/sdp
Content-Disposition: session
Content-Length: 901
Remote-Party-ID: "conf" <sip:conf at domain>;party=calling;privacy=off;screen=no
v=0
o=FreeSWITCH 1463528835 1463528836 IN IP4 10.1.71.10
s=FreeSWITCH
c=IN IP4 10.1.71.10
t=0 0
a=msid-semantic: WMS 7y98fmZXWMapBpCUcRfJdKQGM9JU5t83
a=end-of-candidates
m=audio 30388 UDP/TLS/RTP/SAVPF 111 101 106
a=rtpmap:111 opus/48000/2
a=fmtp:111 useinbandfec=1; minptime=10
a=rtpmap:101 telephone-event/8000
a=rtpmap:106 CN/8000
a=ptime:20
a=fingerprint:sha-256 5E:AE:56:B1:0B:39:38:7B:00:6F:8A:84:F6:0F:DC:86:8D:24:9A:7D:4D:59:F8:95:8F:CC:ED:A2:6F:90:84:2C
a=setup:active
a=rtcp-mux
a=rtcp:30388 IN IP4 10.1.71.10
a=ice-ufrag:wLDAlj6YjGJfZH8H
a=ice-pwd:F0vQH6N0H0LyFhs1SVr45oSe
a=candidate:0546395930 1 udp 659136 10.1.71.10 30388 typ host generation 0
a=ssrc:2671785415 cname:R71XkQK7tLmU0PF3
a=ssrc:2671785415 msid:7y98fmZXWMapBpCUcRfJdKQGM9JU5t83 a0
a=ssrc:2671785415 mslabel:7y98fmZXWMapBpCUcRfJdKQGM9JU5t83
a=ssrc:2671785415 label:7y98fmZXWMapBpCUcRfJdKQGM9JU5t83a0
------------------------------------------------------------------------
My freeswitch (running on debian jessie) version is
FreeSWITCH Version 1.6.8-15-99de0ad~64bit (-15-99de0ad 64bit)
What am i doing wrong? What else can i do to force freeswitch to use my external IP in the RTP Packages?
Regards
Philipp
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20160518/46b61231/attachment-0001.html
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list