[Freeswitch-users] RTP Over VPN Split Tunnel

Michael Jerris mike at jerris.com
Tue Sep 10 16:00:28 MSD 2013 

It only makes sense if the endpoints are giving out the vpn addresses as their rtp addresses in the sdp.

On Sep 9, 2013, at 10:15 PM, Peter <eidevm5 at gmail.com> wrote:

> My goal is to have SIP and media go over the split tunnel VPN, with the SIP traffic going through FS (which it does) and the RTP stream between the VPN IP addresses of the two endpoints.
> 
> I have inbound-bypass-media set to true as I don't want the media to go via FS.
> 
> Does that make sense?
> 
> 
> On Mon, Sep 9, 2013 at 10:09 PM, Michael Jerris <mike at jerris.com> wrote:
> are you trying to send the media over the vpn now or peer to peer?  do you still have inbound-bypass-media set to true?  Peer to peer may never work depending on what is in the original sdp of the clients.
> 
> On Sep 8, 2013, at 11:28 PM, Peter <eidevm5 at gmail.com> wrote:
> 
>> Hi Michael.
>> 
>> I have rtp-ip set to the VPN IP address.   Is there any other setting I can try?
>> 
>> Thanks
>> 
>> Peter
>> 
>> 
>> On Fri, Sep 6, 2013 at 4:24 PM, Michael Jerris <mike at jerris.com> wrote:
>> if your talking about the media still hitting fs but through a
>> different ip that isn't going through VPN, you should be able to work
>> this out by adjusting rtp-ip param
>> 
>> On Sep 5, 2013, at 7:52 AM, "Veniamin (Benjamin) Beskrovny"
>> <beskrovny at gmail.com> wrote:
>> 
>> > http://wiki.freeswitch.org/wiki/Codec_negotiation#Rewriting_SDP maybe?
>> >
>> > On 9/5/13, Peter <eidevm5 at gmail.com> wrote:
>> >> This is not a direct FreeSWITCH question, but was hoping someone might have
>> >> set up a similar configuration.
>> >>
>> >> Currently I have a FS server where SIP clients (Linphone) register to via a
>> >> Cisco AnyConnect VPN.  I have inbound-bypass-media set to true so that RTP
>> >> traffic is peer to peer.
>> >>
>> >>
>> >> If I tunnel all traffic, the SIP transport and RTP media works just fine.
>> >>
>> >> If I set up a VPN split tunnel that allows the subnets of the VPN client
>> >> and the FS server, the SIP signalling is fine, but in the SDP, it specifies
>> >> a non VPN address, eg:
>> >>
>> >> INVITE sips:1004 at 10.1.1.204;transport=udp SIP/2.0
>> >>   Via: SIP/2.0 10.1.254.36:53036;branch=z9hG4bK.GRrzYXeCN;rport
>> >>   From: <sip:1001 at 10.1.1.204>;tag=cN83ZcmHw
>> >>   To: sip:1004 at 10.1.1.204
>> >>   CSeq: 20 INVITE
>> >>   Call-ID: e7eEYxoML2
>> >>   Max-Forwards: 70
>> >>   Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE,
>> >> SUBSCRIBE, INFO
>> >>   Content-Type: application/sdp
>> >>   Content-Length: 426
>> >>   User-Agent: LinphoneAndroid/2.1.2-177-g015b83c (belle-sip/0.0.1)
>> >>   Contact: <sip:1001 at 10.1.254.36:53036
>> >> ;transport=udp>;+sip.instance="<urn:uuid:83c4b823-9c0d-4e02-b7f7-cdd3ae2f1259>"
>> >>
>> >>   v=0
>> >>   o=1001 3921 1865 IN IP4 [ISP address]
>> >>   s=Talk
>> >>   c=IN IP4 [ISP address]
>> >>   b=AS:380
>> >>   t=0 0
>> >>   m=audio 1031 RTP/SAVP 0 8 100 101
>> >>   a=rtpmap:100 iLBC/8000
>> >>   a=fmtp:100 mode=30
>> >>   a=rtpmap:101 telephone-event/8000
>> >>   a=fmtp:101 0-11
>> >>   a=rtcp:7079 IN IP4 [wireless IP address]
>> >>
>> >>
>> >> I'm not very familiar with how the SDP is constructed, but I'm assuming
>> >> that it's the SIP client that's responsible for offering it's IP addresses.
>> >>
>> >> Are there any FreeSWITCH settings that would affect the IP addresses in the
>> >> SDP?
>> >>
>> >> Thanks
>> >>
>> >> Peter
>> >
>> > _________________________________________________________________________
>> > Professional FreeSWITCH Consulting Services:
>> > consulting at freeswitch.org
>> > http://www.freeswitchsolutions.com
>> >
>> > 
>> > 
>> >
>> > Official FreeSWITCH Sites
>> > http://www.freeswitch.org
>> > http://wiki.freeswitch.org
>> > http://www.cluecon.com
>> >
>> > FreeSWITCH-users mailing list
>> > FreeSWITCH-users at lists.freeswitch.org
>> > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> > UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> > http://www.freeswitch.org
>> 
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>> 
>> 
>> 
>> 
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://wiki.freeswitch.org
>> http://www.cluecon.com
>> 
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>> 
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>> 
>> 
>> 
>> 
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://wiki.freeswitch.org
>> http://www.cluecon.com
>> 
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
> 
> 
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
> 
> 
> 
> 
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
> 
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
> 
> 
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
> 
> 
> 
> 
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
> 
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20130910/627afaec/attachment.html

Join us at ClueCon 2013 Aug 6-8, 2013
More information about the FreeSWITCH-users mailing list