<div dir="ltr"><div><div><div>Agreed that if the clients gave out the vpn addresses in the SDP, it would be fine.<br><br></div>I tried with csipsimple, and it has a whole bunch of useful settings, including "Allow SDP NAT rewrite", which does:<br>
<br></div><i>Fix the address sent in the SDP to use the same interface address as the one in the REGISTER request.</i><br><br></div>Unfortunately Linphone doesn't have a similar setting, so the only way I can see to get it working is to rewrite the SDP in FreeSWITCH. Just need to work out how to do that.<br>
</div><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Sep 10, 2013 at 10:00 PM, Michael Jerris <span dir="ltr"><<a href="mailto:mike@jerris.com" target="_blank">mike@jerris.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">It only makes sense if the endpoints are giving out the vpn addresses as their rtp addresses in the sdp.<div>
<div class="h5"><div><br><div><div>On Sep 9, 2013, at 10:15 PM, Peter <<a href="mailto:eidevm5@gmail.com" target="_blank">eidevm5@gmail.com</a>> wrote:</div><br><blockquote type="cite"><div dir="ltr"><div>My goal is to have SIP and media go over the split tunnel VPN, with the SIP traffic going through FS (which it does) and the RTP stream between the VPN IP addresses of the two endpoints.<br>
<br></div>I have inbound-bypass-media set to true as I don't want the media to go via FS.<br>
<br>Does that make sense?<br></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Mon, Sep 9, 2013 at 10:09 PM, Michael Jerris <span dir="ltr"><<a href="mailto:mike@jerris.com" target="_blank">mike@jerris.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">are you trying to send the media over the vpn now or peer to peer? do you still have inbound-bypass-media set to true? Peer to peer may never work depending on what is in the original sdp of the clients.<div>
<div><br><div><div>On Sep 8, 2013, at 11:28 PM, Peter <<a href="mailto:eidevm5@gmail.com" target="_blank">eidevm5@gmail.com</a>> wrote:</div><br><blockquote type="cite"><div dir="ltr"><div>Hi Michael.<br>
<br></div>I have rtp-ip set to the VPN IP address. Is there any other setting I can try?<br><br>Thanks<br><br>Peter<br></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Fri, Sep 6, 2013 at 4:24 PM, Michael Jerris <span dir="ltr"><<a href="mailto:mike@jerris.com" target="_blank">mike@jerris.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">if your talking about the media still hitting fs but through a<br>
different ip that isn't going through VPN, you should be able to work<br>
this out by adjusting rtp-ip param<br>
<br>
On Sep 5, 2013, at 7:52 AM, "Veniamin (Benjamin) Beskrovny"<br>
<div><<a href="mailto:beskrovny@gmail.com" target="_blank">beskrovny@gmail.com</a>> wrote:<br>
<br>
> <a href="http://wiki.freeswitch.org/wiki/Codec_negotiation#Rewriting_SDP" target="_blank">http://wiki.freeswitch.org/wiki/Codec_negotiation#Rewriting_SDP</a> maybe?<br>
><br>
> On 9/5/13, Peter <<a href="mailto:eidevm5@gmail.com" target="_blank">eidevm5@gmail.com</a>> wrote:<br>
>> This is not a direct FreeSWITCH question, but was hoping someone might have<br>
>> set up a similar configuration.<br>
>><br>
>> Currently I have a FS server where SIP clients (Linphone) register to via a<br>
>> Cisco AnyConnect VPN. I have inbound-bypass-media set to true so that RTP<br>
>> traffic is peer to peer.<br>
>><br>
>><br>
>> If I tunnel all traffic, the SIP transport and RTP media works just fine.<br>
>><br>
>> If I set up a VPN split tunnel that allows the subnets of the VPN client<br>
>> and the FS server, the SIP signalling is fine, but in the SDP, it specifies<br>
>> a non VPN address, eg:<br>
>><br>
>> INVITE <a href="mailto:sips%3A1004@10.1.1.204" target="_blank">sips:1004@10.1.1.204</a>;transport=udp SIP/2.0<br>
>> Via: SIP/2.0 10.1.254.36:53036;branch=z9hG4bK.GRrzYXeCN;rport<br>
>> From: <<a href="mailto:sip%3A1001@10.1.1.204" target="_blank">sip:1001@10.1.1.204</a>>;tag=cN83ZcmHw<br>
>> To: <a href="mailto:sip%3A1004@10.1.1.204" target="_blank">sip:1004@10.1.1.204</a><br>
>> CSeq: 20 INVITE<br>
>> Call-ID: e7eEYxoML2<br>
>> Max-Forwards: 70<br>
>> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE,<br>
>> SUBSCRIBE, INFO<br>
>> Content-Type: application/sdp<br>
>> Content-Length: 426<br>
>> User-Agent: LinphoneAndroid/2.1.2-177-g015b83c (belle-sip/0.0.1)<br>
>> Contact: <<a href="http://sip:1001@10.1.254.36:53036/" target="_blank">sip:1001@10.1.254.36:53036</a><br>
>> ;transport=udp>;+sip.instance="<urn:uuid:83c4b823-9c0d-4e02-b7f7-cdd3ae2f1259>"<br>
>><br>
>> v=0<br>
>> o=1001 3921 1865 IN IP4 [ISP address]<br>
>> s=Talk<br>
>> c=IN IP4 [ISP address]<br>
>> b=AS:380<br>
>> t=0 0<br>
>> m=audio 1031 RTP/SAVP 0 8 100 101<br>
>> a=rtpmap:100 iLBC/8000<br>
>> a=fmtp:100 mode=30<br>
>> a=rtpmap:101 telephone-event/8000<br>
>> a=fmtp:101 0-11<br>
>> a=rtcp:7079 IN IP4 [wireless IP address]<br>
>><br>
>><br>
>> I'm not very familiar with how the SDP is constructed, but I'm assuming<br>
>> that it's the SIP client that's responsible for offering it's IP addresses.<br>
>><br>
>> Are there any FreeSWITCH settings that would affect the IP addresses in the<br>
>> SDP?<br>
>><br>
>> Thanks<br>
>><br>
>> Peter<br>
><br>
> _________________________________________________________________________<br>
> Professional FreeSWITCH Consulting Services:<br>
> <a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
> <a href="http://www.freeswitchsolutions.com/" target="_blank">http://www.freeswitchsolutions.com</a><br>
><br>
> FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
> <a href="http://www.cudatel.com/" target="_blank">http://www.cudatel.com</a><br>
><br>
> Official FreeSWITCH Sites<br>
> <a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><br>
> <a href="http://wiki.freeswitch.org/" target="_blank">http://wiki.freeswitch.org</a><br>
> <a href="http://www.cluecon.com/" target="_blank">http://www.cluecon.com</a><br>
><br>
> FreeSWITCH-users mailing list<br>
> <a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
> <a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
> UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
> <a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><br>
<br>
_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com/" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com/" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org/" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com/" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><br>
</div></blockquote></div><br></div>
_________________________________________________________________________<br>Professional FreeSWITCH Consulting Services:<br><a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br><a href="http://www.freeswitchsolutions.com/" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br><a href="http://www.cudatel.com/" target="_blank">http://www.cudatel.com</a><br><br>Official FreeSWITCH Sites<br><a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org/" target="_blank">http://wiki.freeswitch.org</a><br><a href="http://www.cluecon.com/" target="_blank">http://www.cluecon.com</a><br><br>FreeSWITCH-users mailing list<br><a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><br></blockquote></div><br></div></div></div><br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com/" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com/" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org/" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com/" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br></div>
_________________________________________________________________________<br>Professional FreeSWITCH Consulting Services:<br><a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br><a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br><a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br><br>Official FreeSWITCH Sites<br><a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br><a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br><br>FreeSWITCH-users mailing list<br><a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br></blockquote></div><br></div></div></div></div><br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br></div>