Hello,<br><br>Please come back with the solution when you have it. It should be interesting for people using kamailio/freeswitch.<br><br>Regards,<br><br>David<br><div class="gmail_quote"><div dir="ltr">On Wed, Nov 23, 2016 at 10:37 AM Vladyslav Zakhozhai <<a href="mailto:v.zakhozhai@gmail.com">v.zakhozhai@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr" class="gmail_msg">Alexandru, thank you for the answer. I think you've given me right direction to investigate.<div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">As you've mentioned this is really kamailio issue/question. So I'm moving to sr-users list.</div><div class="gmail_msg"><br class="gmail_msg"></div></div><div class="gmail_extra gmail_msg"><br class="gmail_msg"><div class="gmail_quote gmail_msg">2016-11-22 13:03 GMT+02:00 Alexandru Covalschi <span dir="ltr" class="gmail_msg"><<a href="mailto:568691@gmail.com" class="gmail_msg" target="_blank">568691@gmail.com</a>></span>:<br class="gmail_msg"><blockquote class="gmail_quote gmail_msg" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr" class="gmail_msg">Do you have set_contact_alias or add_contact_alias in Kamailio? Anyways you're doing something wrong as AFAIK Kamailio translates contact header to udp automatically. You should try to post on sr-users list.</div><div class="gmail_extra gmail_msg"><br class="gmail_msg"><div class="gmail_quote gmail_msg"><div class="gmail_msg"><div class="m_4852839966961539317h5 gmail_msg">2016-11-22 12:33 GMT+02:00 Vladyslav Zakhozhai <span dir="ltr" class="gmail_msg"><<a href="mailto:v.zakhozhai@gmail.com" class="gmail_msg" target="_blank">v.zakhozhai@gmail.com</a>></span>:<br class="gmail_msg"></div></div><blockquote class="gmail_quote gmail_msg" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="gmail_msg"><div class="m_4852839966961539317h5 gmail_msg"><div dir="ltr" class="gmail_msg">Hi,<div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">I'm trying to understand what is the best or suitable approach to the following use case. Let me simplify thing a little bit. </div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">Suppose we have one FreeSWITCH registrar behind SIP proxy (kamailio). I'd like to offload SSL/TLS encryption/decryption to SIP proxy:</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">REGISTER:</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">Request: UAC == SIP/TLS ==> Kamailio == UDP ==> FreeSWITCH:50</div><div class="gmail_msg">Reply: UAC <== SIP/TLS == Kamailio <== UDP == FreeSWITCH</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">INVITE:</div><div class="gmail_msg">UAC1 == SIP/TLS ==> Kamailio == UDP == > FreeSWITCH == UDP ==> Kamailio == SIP/TLS ==> UAC2</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">(FreeSWITCH uses kamailio as outbound proxy with fs_path tag appended in dialplan).</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">The main problem is in Contact header which contains transport=tls and we can see it in FreeSWITCH console:</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">User: <span class="m_4852839966961539317m_-5388894278956103916m_-5412834809417743595gmail-Apple-tab-span gmail_msg" style="white-space:pre-wrap">        </span><a href="mailto:user@domain.com" class="gmail_msg" target="_blank">user@domain.com</a></div><div class="gmail_msg">Contact: <span class="m_4852839966961539317m_-5388894278956103916m_-5412834809417743595gmail-Apple-tab-span gmail_msg" style="white-space:pre-wrap">        </span>"" <sip:user@UAC_IP:57976;transport=tls><br class="gmail_msg"></div><div class="gmail_msg">Status: <span class="m_4852839966961539317m_-5388894278956103916m_-5412834809417743595gmail-Apple-tab-span gmail_msg" style="white-space:pre-wrap">        </span>Registered(TLS)(unknown) EXP(2016-11-22 10:16:59) EXPSECS(108)</div><div class="gmail_msg">IP: <span class="m_4852839966961539317m_-5388894278956103916m_-5412834809417743595gmail-Apple-tab-span gmail_msg" style="white-space:pre-wrap">        </span>SIP_PROXY_IP<br class="gmail_msg"></div><div class="gmail_msg">Port: <span class="m_4852839966961539317m_-5388894278956103916m_-5412834809417743595gmail-Apple-tab-span gmail_msg" style="white-space:pre-wrap">        5060</span><br clear="all" class="gmail_msg"><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">When FreeSWITCH sends INVITE to UAC2 (during call) it tries to establish TLS session to UAC2. It fails because there is no TLS-enabled sofia profiles in the config of FreeSWITCH.</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">I have only one solution in my mind: rewrite transport tag in Contact header on SIP proxy (transport=udp to FreeSWITCH, and transport=tls to UAC).</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">I'd like to know it this solution ok or there is more elegant solutions.</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">I've tried appending tag transport=udp in FreeSWITCH's dialplan but no success.</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">Thank you in advance.</div><span class="m_4852839966961539317m_-5388894278956103916HOEnZb gmail_msg"><font color="#888888" class="gmail_msg"><div class="gmail_msg"><br class="gmail_msg"></div>-- <br class="gmail_msg"><div class="m_4852839966961539317m_-5388894278956103916m_-5412834809417743595gmail_signature gmail_msg"><div dir="ltr" class="gmail_msg">С уважением,<br class="gmail_msg">Владислав Захожай<br class="gmail_msg"><br class="gmail_msg"></div></div>
</font></span></div></div>
<br class="gmail_msg"></div></div>_________________________________________________________________________<br class="gmail_msg">
Professional FreeSWITCH Consulting Services:<br class="gmail_msg">
<a href="mailto:consulting@freeswitch.org" class="gmail_msg" target="_blank">consulting@freeswitch.org</a><br class="gmail_msg">
<a href="http://www.freeswitchsolutions.com" rel="noreferrer" class="gmail_msg" target="_blank">http://www.freeswitchsolutions.com</a><br class="gmail_msg">
<br class="gmail_msg">
Official FreeSWITCH Sites<br class="gmail_msg">
<a href="http://www.freeswitch.org" rel="noreferrer" class="gmail_msg" target="_blank">http://www.freeswitch.org</a><br class="gmail_msg">
<a href="http://confluence.freeswitch.org" rel="noreferrer" class="gmail_msg" target="_blank">http://confluence.freeswitch.org</a><br class="gmail_msg">
<a href="http://www.cluecon.com" rel="noreferrer" class="gmail_msg" target="_blank">http://www.cluecon.com</a><br class="gmail_msg">
<br class="gmail_msg">
FreeSWITCH-users mailing list<br class="gmail_msg">
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" class="gmail_msg" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br class="gmail_msg">
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" class="gmail_msg" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br class="gmail_msg">
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" class="gmail_msg" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br class="gmail_msg">
<a href="http://www.freeswitch.org" rel="noreferrer" class="gmail_msg" target="_blank">http://www.freeswitch.org</a><span class="m_4852839966961539317HOEnZb gmail_msg"><font color="#888888" class="gmail_msg"><br class="gmail_msg"></font></span></blockquote></div><span class="m_4852839966961539317HOEnZb gmail_msg"><font color="#888888" class="gmail_msg"><br class="gmail_msg"><br clear="all" class="gmail_msg"><div class="gmail_msg"><br class="gmail_msg"></div>-- <br class="gmail_msg"><div class="m_4852839966961539317m_-5388894278956103916gmail_signature gmail_msg" data-smartmail="gmail_signature"><div dir="ltr" class="gmail_msg"><div class="gmail_msg"><div dir="ltr" class="gmail_msg"><div class="gmail_msg"><div dir="ltr" class="gmail_msg">Alexandru Covalschi<br class="gmail_msg"><div class="gmail_msg">VoIP engineer and system administrator<br class="gmail_msg">tel: <a href="tel:%2B37367398493" value="+37367398493" class="gmail_msg" target="_blank">+37367398493</a><br class="gmail_msg"><br class="gmail_msg"></div></div></div></div></div></div></div>
</font></span></div>
<br class="gmail_msg">_________________________________________________________________________<br class="gmail_msg">
Professional FreeSWITCH Consulting Services:<br class="gmail_msg">
<a href="mailto:consulting@freeswitch.org" class="gmail_msg" target="_blank">consulting@freeswitch.org</a><br class="gmail_msg">
<a href="http://www.freeswitchsolutions.com" rel="noreferrer" class="gmail_msg" target="_blank">http://www.freeswitchsolutions.com</a><br class="gmail_msg">
<br class="gmail_msg">
Official FreeSWITCH Sites<br class="gmail_msg">
<a href="http://www.freeswitch.org" rel="noreferrer" class="gmail_msg" target="_blank">http://www.freeswitch.org</a><br class="gmail_msg">
<a href="http://confluence.freeswitch.org" rel="noreferrer" class="gmail_msg" target="_blank">http://confluence.freeswitch.org</a><br class="gmail_msg">
<a href="http://www.cluecon.com" rel="noreferrer" class="gmail_msg" target="_blank">http://www.cluecon.com</a><br class="gmail_msg">
<br class="gmail_msg">
FreeSWITCH-users mailing list<br class="gmail_msg">
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" class="gmail_msg" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br class="gmail_msg">
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" class="gmail_msg" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br class="gmail_msg">
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" class="gmail_msg" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br class="gmail_msg">
<a href="http://www.freeswitch.org" rel="noreferrer" class="gmail_msg" target="_blank">http://www.freeswitch.org</a><br class="gmail_msg"></blockquote></div><br class="gmail_msg"><br clear="all" class="gmail_msg"><div class="gmail_msg"><br class="gmail_msg"></div>-- <br class="gmail_msg"><div class="m_4852839966961539317gmail_signature gmail_msg" data-smartmail="gmail_signature"><div dir="ltr" class="gmail_msg">С уважением,<br class="gmail_msg">Владислав Захожай<br class="gmail_msg"><br class="gmail_msg"></div></div>
</div>
_________________________________________________________________________<br class="gmail_msg">
Professional FreeSWITCH Consulting Services:<br class="gmail_msg">
<a href="mailto:consulting@freeswitch.org" class="gmail_msg" target="_blank">consulting@freeswitch.org</a><br class="gmail_msg">
<a href="http://www.freeswitchsolutions.com" rel="noreferrer" class="gmail_msg" target="_blank">http://www.freeswitchsolutions.com</a><br class="gmail_msg">
<br class="gmail_msg">
Official FreeSWITCH Sites<br class="gmail_msg">
<a href="http://www.freeswitch.org" rel="noreferrer" class="gmail_msg" target="_blank">http://www.freeswitch.org</a><br class="gmail_msg">
<a href="http://confluence.freeswitch.org" rel="noreferrer" class="gmail_msg" target="_blank">http://confluence.freeswitch.org</a><br class="gmail_msg">
<a href="http://www.cluecon.com" rel="noreferrer" class="gmail_msg" target="_blank">http://www.cluecon.com</a><br class="gmail_msg">
<br class="gmail_msg">
FreeSWITCH-users mailing list<br class="gmail_msg">
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" class="gmail_msg" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br class="gmail_msg">
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" class="gmail_msg" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br class="gmail_msg">
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" class="gmail_msg" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br class="gmail_msg">
<a href="http://www.freeswitch.org" rel="noreferrer" class="gmail_msg" target="_blank">http://www.freeswitch.org</a></blockquote></div>