<div dir="ltr">This will work better in 1.4 but the code in 1.2 is frozen so we can&#39;t improve it there.<div style>In the meantime you can just do this: </div><div style><br></div><div style>make an acl that is default allow called tls</div>
<div style>add it to apply-nat-acl param in sofia profile where you have tls</div><div style><br></div><div style>Now it will record the rport for every client in the contact path and it should resolve the existing connection.</div>
<div style><br></div><div style><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Feb 27, 2013 at 3:32 PM, Vittorio Guglielmo <span dir="ltr">&lt;<a href="mailto:vittorio.guglielmo@gmail.com" target="_blank">vittorio.guglielmo@gmail.com</a>&gt;</span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  
    
  
  <div bgcolor="#FFFFFF" text="#000000">
    Hi,<br>
    <br>
    I&#39;ve done all you said but I&#39;m in trouble indeed:<br>
    <br>
    TLS/SRTP enabled on two extension;<br>
    <br>
    If I try to dial between the two extensions I have:<br>
    <br>
    <i>mod_dptools.c:3052 Originate Failed.  Cause:
      INCOMPATIBLE_DESTINATION</i><br>
    <br>
    If I call outbound, it&#39;s ok, and the call is encrypted.<br>
    <br>
    Can you help me?<br>
    <br>
    Vic<div><div class="h5"><br>
    <br>
    <br>
    <br>
    <div>On 27/02/13 15:47, mehroz wrote:<br>
    </div>
    <blockquote type="cite">
      <pre>TLS-NAT issue arises due to the fact that it tries to contact on other port
(TCP session) as far as my understanding.

Changing contact header can sort this issue and i have done it setting up

&lt;variable name=&quot;sip-force-contact&quot; value=&quot;NDLB-tls-connectile-dysfunction&quot;/&gt;
for each directory (user).

This helped and worked :)

I suppose you should also have &quot;ext-rtp-ip and &quot;ext-sip-ip&quot; =  &quot;nat-auto&quot; 
in SIP profile.
Cheeers!



--
View this message in context: <a href="http://freeswitch-users.2379917.n2.nabble.com/FS-with-SSL-TLS-issues-tp7587736p7588069.html" target="_blank">http://freeswitch-users.2379917.n2.nabble.com/FS-with-SSL-TLS-issues-tp7587736p7588069.html</a>
Sent from the freeswitch-users mailing list archive at Nabble.com.

_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a>

FreeSWITCH-powered IP PBX: The CudaTel Communication Server
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a>

Official FreeSWITCH Sites
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a>

FreeSWITCH-users mailing list
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>

</pre>
    </blockquote>
    <br>
  </div></div></div>

<br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br>Anthony Minessale II<br><br>FreeSWITCH <a href="http://www.freeswitch.org/">http://www.freeswitch.org/</a><br>ClueCon <a href="http://www.cluecon.com/">http://www.cluecon.com/</a><br>
Twitter: <a href="http://twitter.com/FreeSWITCH_wire">http://twitter.com/FreeSWITCH_wire</a><br><br>AIM: anthm<br><a href="mailto:MSN%3Aanthony_minessale@hotmail.com">MSN:anthony_minessale@hotmail.com</a><br>GTALK/JABBER/<a href="mailto:PAYPAL%3Aanthony.minessale@gmail.com">PAYPAL:anthony.minessale@gmail.com</a><br>
IRC: <a href="http://irc.freenode.net">irc.freenode.net</a> #freeswitch<br><br>FreeSWITCH Developer Conference<br><a href="mailto:sip%3A888@conference.freeswitch.org">sip:888@conference.freeswitch.org</a><br><a href="mailto:googletalk%3Aconf%2B888@conference.freeswitch.org">googletalk:conf+888@conference.freeswitch.org</a><br>
pstn:+19193869900
</div>