<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Hi,<div class="">I am experiencing call drops when using TLS. Calls terminates with a 408 <span style="font-family: Menlo; font-size: 11px;" class="">RECOVERY_ON_TIMER_EXPIRE. </span></div><div class=""><font face="Menlo" class=""><span style="font-size: 11px;" class="">this seems to only happen when I use options-ping. It never occurred when I disabled it on the profile, however I need it and had to reenable it. I think that it may also be only happening on user accounts that have multiple devices registered.</span></font></div><div class=""><font face="Menlo" class=""><span style="font-size: 11px;" class=""><br class=""></span></font></div><div class=""><font face="Menlo" class=""><span style="font-size: 11px;" class="">This erratic behavior of FreeSWITCH over TLS is very disconcerting and none of my messages seem to have created any traction so far.</span></font></div><div class=""><font face="Menlo" class=""><span style="font-size: 11px;" class=""><br class=""></span></font></div><div class=""><font face="Menlo" class=""><span style="font-size: 11px;" class="">The Wiki page about TLS is outdated and contains wrong information. For instance, it says all the RTP and signaling will be encapsulated over the TLS port if TLS is used and this is absolutely incorrect. RTP will remain negotiated over UDP and will have to be separately encrypted. SSLv23 is deprecated now and so TLS v1.1 or v1.2 are the only viable options.</span></font></div><div class=""><font face="Menlo" class=""><span style="font-size: 11px;" class=""><br class=""></span></font></div><div class=""><font face="Menlo" class=""><span style="font-size: 11px;" class="">Now. I think it would benefit everyone if those among you that have had a successful experience with FS and TLS could share some of their best practices.</span></font></div><div class=""><font face="Menlo" class=""><span style="font-size: 11px;" class=""><br class=""></span></font></div><div class=""><font face="Menlo" class=""><span style="font-size: 11px;" class="">So far, I have been successful at making and receiving calls over TLS and SRTP. Lately I've been experiencing call drops with the 408 RECOVERY_ON_TIMER_EXPIRE. In addition to that, the call setup process will randomly fail because my clients experience an SSL error while sending the auth packet after receiving the 407.</span></font></div><div class=""><font face="Menlo" class=""><span style="font-size: 11px;" class="">Does this speak to anyone?</span></font></div><div class=""><font face="Menlo" class=""><span style="font-size: 11px;" class=""><br class=""></span></font></div><div class=""><font face="Menlo" class=""><span style="font-size: 11px;" class="">Cheers</span></font></div></body></html>