<div dir="ltr">Hello guys<div>I want configure user frendly WebRTC server based on FreeSwitch and SipML5 client.</div><div><br></div><div>It can be easy done in FreeSwitch and NGINX is bounded to different IP/ports. But if you wants use one IP and 443 port then you will try configre NGINX to proxy all reuests line "/fs-socket/" to FreeSwitch port 7443.</div><div><br></div><div>It is works fine but FreeSwitch cannot not see real client IP address like folowing. Captured on Amazon server.</div><div><br></div><div>freeswitch@ip-172-31-29-87.us-west-2.compute.internal> sofia status profile internal reg </div><div><br></div><div>Registrations:</div><div>=================================================================================================</div><div>Call-ID: <span class="Apple-tab-span" style="white-space:pre"> </span>f1e8c7ca-8f50-4285-fd1a-148d2f1d1b88</div><div>User: <span class="Apple-tab-span" style="white-space:pre"> </span><a href="mailto:23@46.218.201.23">23@46.218.201.23</a></div><div>Contact: <span class="Apple-tab-span" style="white-space:pre"> </span>"23" <sips:23@df7jal23ls0d.invalid;rtcweb-breaker=no;transport=wss;fs_nat=yes;fs_path=sips%3A23%40172.31.29.87%3A37244%3Brtcweb-breaker%3Dno%3Btransport%3Dwss></div><div>Agent: <span class="Apple-tab-span" style="white-space:pre"> </span>IM-client/OMA1.0 sipML5-v1.2016.03.04</div><div>Status: <span class="Apple-tab-span" style="white-space:pre"> </span>Registered(TLS-NAT)(unknown) EXP(2016-12-24 09:42:43) EXPSECS(230)</div><div>Ping-Status:<span class="Apple-tab-span" style="white-space:pre"> </span>Reachable</div><div>Ping-Time:<span class="Apple-tab-span" style="white-space:pre"> </span>0.00</div><div>Host: <span class="Apple-tab-span" style="white-space:pre"> </span>ip-172-31-29-87.us-west-2.compute.internal</div><div>IP: <span class="Apple-tab-span" style="white-space:pre"> </span>172.31.29.87</div><div>Port: <span class="Apple-tab-span" style="white-space:pre"> </span>37244</div><div>Auth-User: <span class="Apple-tab-span" style="white-space:pre"> </span>23</div><div>Auth-Realm: <span class="Apple-tab-span" style="white-space:pre"> </span>46.218.201.23</div><div>MWI-Account:<span class="Apple-tab-span" style="white-space:pre"> </span><a href="mailto:23@46.218.201.23">23@46.218.201.23</a></div><div><br></div><div>Total items returned: 1</div><div>=================================================================================================</div><div><br></div><div>Displayed real IP address of NGINX</div><div><br></div><div>Also when received INVITE then variables like network_addr will cantain real IP of NGINX.</div><div><br></div><div>Then you can try confgire nginx like ng</div><div><pre style="margin-top:0px;margin-bottom:1em;padding:5px;border:0px;font-size:13px;width:auto;max-height:600px;overflow:auto;font-family:consolas,menlo,monaco,"lucida console","liberation mono","dejavu sans mono","bitstream vera sans mono","courier new",monospace,sans-serif;background-color:rgb(239,240,241);word-wrap:normal;color:rgb(36,39,41)"><code style="margin:0px;padding:0px;border:0px;font-family:consolas,menlo,monaco,"lucida console","liberation mono","dejavu sans mono","bitstream vera sans mono","courier new",monospace,sans-serif;white-space:inherit">proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;</code></pre></div><div><br></div><div>But FreeSwitch wants SIP headers "X-AUTH-IP" and "X-AUTH-PORT" in every SIP message not only connection establishing. NGINX not understand SIP messages and cannot do it.</div><div><br></div><div>Then you will try cofigure Kamailio between NGINX and FreeSwitch. In this case Kamailio can parce http headers and add requred SIP header.</div><div>Are you can suggest other way to publish FreeSwitch socket on same port with http server?</div><div><br></div><div> </div></div>