<div dir="ltr"><font color="#0b5394">Hi, </font><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">Hope you're doing good. </font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">I'm facing an issue with having FreeSWITCH (TLS + SRTP). </font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394"><b><u>Issue:</u></b> Audio not coming when I've SRTP(media) enabled on both of the soft-phone endpoints. </font></div><div><font color="#0b5394"><b><u>Observation:</u> </b>Audio is coming if we don't use SRTP for media encryption. </font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394"><br></font></div><div><b><u><font color="#0b5394">Set-up Description:</font></u></b></div><div><font color="#0b5394">I'm registered using TLS and able to make call through FreeSWITCH, but call is disconnected after 30 sec because there is not media flow between the endpoints.</font></div><div><font color="#0b5394">I have two softphone (we're using Linphone as soft-phone) registered on FS server with extension 1003 & 1010, call flow is like:</font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">Call Flow</font></div><div><font color="#0b5394">1003 ------> FS Server -------> 1010</font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">x.x.x.x - Server Public IP<br></font></div><div><font color="#0b5394">y.y.y.y - Server Local IP</font></div><div><font color="#0b5394"><i>NOTE:</i> <i>For security reasons replaced the actual IPs.</i></font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">FreeSWITCH Version Information:</font></div><div><div><b><font color="#0b5394">freeswitch@internal> version</font></b></div><div><b><font color="#0b5394">FreeSWITCH Version 1.4.21+git~20150901T202622Z~a223dd0236~64bit (git a223dd0 2015-09-01 20:26:22Z 64bit)</font></b></div></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">I've done some changes in default dialplan/configuration in FreeSWITCH:</font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">1. Force FreeSWICTH to listen on TLS port only (By using this parameter <b><param name="tls-only" value="true"/> </b>in internal as well as external profile).</font></div><div><font color="#0b5394"><br></font></div><div><div><b><font color="#0b5394">freeswitch@internal> sofia status</font></b></div><div><b><font color="#0b5394"> Name<span class="" style="white-space:pre"> </span> Type<span class="" style="white-space:pre"> </span> Data<span class="" style="white-space:pre"> </span>State</font></b></div><div><b><font color="#0b5394">=================================================================================================</font></b></div><div><b><font color="#0b5394"> external<span class="" style="white-space:pre"> </span>profile<span class="" style="white-space:pre"> </span> sip:mod_sofia@x.x.x.x:5081<span class="" style="white-space:pre"> </span>RUNNING (0) (TLS)</font></b></div><div><b><font color="#0b5394"> external::<a href="http://example.com">example.com</a><span class="" style="white-space:pre"> </span>gateway<span class="" style="white-space:pre"> </span> <a href="mailto:sip%3Ajoeuser@example.com">sip:joeuser@example.com</a><span class="" style="white-space:pre"> </span>NOREG</font></b></div><div><b><font color="#0b5394"> x.x.x.x<span class="" style="white-space:pre"> </span> alias<span class="" style="white-space:pre"> </span> internal<span class="" style="white-space:pre"> </span>ALIASED</font></b></div><div><b><font color="#0b5394"> internal<span class="" style="white-space:pre"> </span>profile<span class="" style="white-space:pre"> </span> sip:mod_sofia@x.x.x.x:5061<span class="" style="white-space:pre"> </span>RUNNING (0) (TLS)</font></b></div><div><b><font color="#0b5394">=================================================================================================</font></b></div><div><b><font color="#0b5394">2 profiles 1 alias</font></b></div></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">2. Use the ODBC driver for driver (By uncomment this <b><!--<param name="odbc-dsn" value="dsn:user:pass"/>--></b> in config files)</font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">In Linphone soft-client, these are the changes has been done:</font></div><div><font color="#0b5394">1. <b>TLS </b>as Transport.</font></div><div><font color="#0b5394">2. <b>SRTP</b> in Media encryption.</font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">In FreeSWITCH, these are the registration logs showing I'm softphones are using TLS</font></div><div><div><b><font color="#0b5394">freeswitch@internal> sofia status profile internal reg</font></b></div><div><b><font color="#0b5394"><br></font></b></div><div><b><font color="#0b5394">Registrations:</font></b></div><div><b><font color="#0b5394">=================================================================================================</font></b></div><div><b><font color="#0b5394">Call-ID: <span class="" style="white-space:pre"> </span>xmuVdotDkb</font></b></div><div><b><font color="#0b5394">User: <span style="background-color:rgb(255,255,0)"><span class="" style="white-space:pre"> </span>1003</span>@x.x.x.x</font></b></div><div><b><font color="#0b5394">Contact: <span class="" style="white-space:pre"> </span>"" <sip:1003@180.151.83.178:63093;app-id=622464153529;pn-type=google;pn-tok=APA91bF-MsdZGvDi951jjCoTDSJc2reyR2JvYHlgtwpeE1vLAlG2zrOIrBmwzx6PPPAHKfcE8aqaOHFtYFoLVztBeqAqz9Cr6D6waN7VCWSIQk7dAdm9HXQ;transport=tls></font></b></div><div><b><font color="#0b5394">Agent: <span class="" style="white-space:pre"> </span>LinphoneAndroid/2.4.1-28-g98516d9 (belle-sip/1.4.1)</font></b></div><div><b><font color="#0b5394">Status: <span style="background-color:rgb(255,255,0)"> <span class="" style="white-space:pre"> </span>Registered(TLS)</span>(unknown) EXP(2015-09-09 11:16:30) EXPSECS(3137)</font></b></div><div><b><font color="#0b5394">Ping-Status:<span class="" style="white-space:pre"> </span>Reachable</font></b></div><div><b><font color="#0b5394">Host: <span class="" style="white-space:pre"> </span>ip-y-y-y-y.ec2.internal</font></b></div><div><b><font color="#0b5394">IP: <span class="" style="white-space:pre"> </span>180.151.83.178</font></b></div><div><b><font color="#0b5394">Port: <span class="" style="white-space:pre"> </span>63093</font></b></div><div><b><font color="#0b5394">Auth-User: <span class="" style="white-space:pre"> </span>1003</font></b></div><div><b><font color="#0b5394">Auth-Realm: <span class="" style="white-space:pre"> </span>x.x.x.x</font></b></div><div><b><font color="#0b5394">MWI-Account:<span class="" style="white-space:pre"> </span>1003@x.x.x.x</font></b></div><div><b><font color="#0b5394"><br></font></b></div><div><b><font color="#0b5394">Call-ID: <span class="" style="white-space:pre"> </span>6B25YNRXb5</font></b></div><div><b><font color="#0b5394">User: <span class="" style="white-space:pre"> </span><span style="background-color:rgb(255,255,0)">1010</span>@x.x.x.x</font></b></div><div><b><font color="#0b5394">Contact: <span class="" style="white-space:pre"> </span>"" <sip:1010@180.151.83.178:13916;app-id=622464153529;pn-type=google;pn-tok=APA91bFqivAK_KIDpU_6PM0pf0U8rx9DOKm0vhyNRqjE1Dpq_uPRbTbT-BMwxNP5NmEyCMfnKxa-fjEhI2J-lzLkCcfFphO1hL39cE4VNqAnnfDbVeQbvmQ;transport=tls></font></b></div><div><b><font color="#0b5394">Agent: <span class="" style="white-space:pre"> </span>LinphoneAndroid/2.4.1-28-g98516d9 (belle-sip/1.4.1)</font></b></div><div><b><font color="#0b5394">Status: <span style="background-color:rgb(255,255,0)"> <span class="" style="white-space:pre"> </span>Registered(TLS)</span>(unknown) EXP(2015-09-09 11:11:31) EXPSECS(2838)</font></b></div><div><b><font color="#0b5394">Ping-Status:<span class="" style="white-space:pre"> </span>Reachable</font></b></div><div><b><font color="#0b5394">Host: <span class="" style="white-space:pre"> </span>ip-y-y-y-y.ec2.internal</font></b></div><div><b><font color="#0b5394">IP: <span class="" style="white-space:pre"> </span>180.151.83.178</font></b></div><div><b><font color="#0b5394">Port: <span class="" style="white-space:pre"> </span>13916</font></b></div><div><b><font color="#0b5394">Auth-User: <span class="" style="white-space:pre"> </span>1010</font></b></div><div><b><font color="#0b5394">Auth-Realm: <span class="" style="white-space:pre"> </span>x.x.x.x</font></b></div><div><b><font color="#0b5394">MWI-Account:<span class="" style="white-space:pre"> </span>1010@x.x.x.x</font></b></div><div><b><font color="#0b5394"><br></font></b></div><div><b><font color="#0b5394">Total items returned: 2</font></b></div><div><b><font color="#0b5394">=================================================================================================</font></b></div></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">For an active call I can see in the channels table, I'm able to see secure parameter is set during the call for both of the call legs.</font></div><div><font color="#0b5394"><br></font></div><div><div><b><font color="#0b5394">freeswitch=# select * from channels ;</font></b></div><div><b><font color="#0b5394"> uuid | direction | created | created_epoch | name | state | cid_name | cid_num | ip_addr </font></b></div><div><b><font color="#0b5394"> | dest | application | application_data | dialplan | context | read_codec | read_rate | read_bit_rate | write_codec | write_rate | write_bit_rate | secure </font></b></div><div><b><font color="#0b5394"> | hostname | presence_id | presence_data | callstate | callee_name | callee_num | callee_direction | call_uuid | sent_callee_name | sen</font></b></div><div><b><font color="#0b5394">t_callee_num | initial_cid_name | initial_cid_num | initial_ip_addr | initial_dest | initial_dialplan | initial_context </font></b></div><div><b><font color="#0b5394">--------------------------------------+-----------+---------------------+---------------+------------------------------------------+-------------------+----------------+---------+------------</font></b></div><div><b><font color="#0b5394">----+------+-------------+------------------------+----------+---------+------------+-----------+---------------+-------------+------------+----------------+----------------------------------</font></b></div><div><b><font color="#0b5394">-+------------------------------+-------------------+---------------+-----------+---------------+------------+------------------+--------------------------------------+------------------+----</font></b></div><div><b><font color="#0b5394">-------------+------------------+-----------------+-----------------+--------------+------------------+-----------------</font></b></div><div><b><font color="#0b5394"> 485d07d6-56da-11e5-ac1a-a53fe62ce2f9 | outbound | 2015-09-09 10:05:22 | 1441793122 | sofia/internal/<a href="http://1010@180.151.83.178:13916">1010@180.151.83.178:13916</a> | CS_EXCHANGE_MEDIA | Extension 1003 | 1003 | 180.151.83.</font></b></div><div><b><font color="#0b5394">178 | 1010 | | | XML | default | opus | 48000 | 0 | opus | 48000 | 0 |<span style="background-color:rgb(255,255,0)"> srtp:sdes:AES_CM_256_HMAC_SHA1_80</span></font></b></div><div><b><font color="#0b5394"> | ip-172-31-42-34.ec2.internal | 1010@x.x.x.x | | ACTIVE | Outbound Call | 1010 | SEND | 47fa445c-56da-11e5-abf5-a53fe62ce2f9 | Extension 1003 | 100</font></b></div><div><b><font color="#0b5394">3 | Extension 1003 | 1003 | 180.151.83.178 | 1010 | XML | default</font></b></div><div><b><font color="#0b5394"> 47fa445c-56da-11e5-abf5-a53fe62ce2f9 | inbound | 2015-09-09 10:05:22 | 1441793122 | sofia/internal/1003@x.x.x.x | CS_EXECUTE | 1003 | 1003 | 180.151.83.</font></b></div><div><b><font color="#0b5394">178 | 1010 | bridge | user/1010@x.x.x.x | XML | default | opus | 48000 | 0 | opus | 48000 | 0 | <span style="background-color:rgb(255,255,0)">srtp:sdes:AES_CM_128_HMAC_SHA1_80</span></font></b></div><div><b><font color="#0b5394"> | ip-172-31-42-34.ec2.internal | 1003@x.x.x.x | | ACTIVE | Outbound Call | 1010 | SEND | 47fa445c-56da-11e5-abf5-a53fe62ce2f9 | Outbound Call | 101</font></b></div><div><b><font color="#0b5394">0 | 1003 | 1003 | 180.151.83.178 | 1010 | XML | default</font></b></div><div><b><font color="#0b5394">(2 rows)</font></b></div></div><div><b><font color="#0b5394"><br></font></b></div><div><font color="#0b5394"> </font></div><div><font color="#0b5394">Attached herewith the complete FreeSWITCH log. Please let me know if any other information is required.<br></font></div><div><font color="#0b5394"><br></font></div><div><font color="#0b5394">Any help from your side would be really appreciated. Seeking some guidance & help from FreeSWITCH team.</font></div><div><br></div><div>-- <br><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><p style="color:rgb(7,55,99)"><font face="arial narrow, sans-serif"><b>Thanks:</b><br></font></p><p style="color:rgb(7,55,99)"><font face="arial narrow, sans-serif">Saurabh Kumar Verma<br></font></p><p style="color:rgb(7,55,99)"><font face="arial narrow, sans-serif">VVDN Technologies Pvt Ltd</font></p><font face="arial narrow, sans-serif"><b style="color:rgb(7,55,99)">Cell</b><span style="color:rgb(7,55,99)"> : +91 7042378747 | </span><b style="color:rgb(7,55,99)">Skype</b><span style="color:rgb(7,55,99)"> : saurabh.verma001</span></font><br></div></div></div></div>
</div></div>