[Freeswitch-users] wss and nginx

Philipp Zeitschel philipp at zeitschel.net
Wed May 18 12:35:24 MSD 2016


Hi,



i've googled for hours but i don't get it to work



i have a nginx proxy at my public ip and it forwards the traffic through 10.1.71.5 to my freeswitch box at 10.1.71.10



i've set ext-rtp-ip and ext-sip-ip  to my external IP adress and created the acl.conf.xml in autoload_configs with following content:

<configuration name="acl.conf" description="Network Lists">

<network-lists>

<list name="lan" default="deny">

<node type="allow" cidr="10.1.1.1/32" />

</list>

</network-lists>

</configuration>



In fs_cli i get the message

2016-05-18 08:13:43.245201 [WARNING] switch_core_media.c:3458 NO candidate ACL defined, Defaulting to wan.auto



So i think the acl is working.



My nginx config looks like this:



server {

  listen 0.0.0.0:443;

  server_name   hostname;

    keepalive_timeout   70;

    ssl on;

    ssl_certificate     /etc/ssl/my.ct;

    ssl_certificate_key /etc/ssl/my.key;

    ssl_dhparam         /etc/ssl/dhparam.pem;



    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

    ssl_prefer_server_ciphers on;

    ssl_session_cache shared:SSL:10m;

    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';



  location / {

   proxy_set_header Upgrade $http_upgrade;

    proxy_set_header Connection $connection_upgrade;

    proxy_set_header X-Real-IP $remote_addr;

    proxy_set_header Host $host;

    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    proxy_read_timeout 3600;

    proxy_http_version 1.1;

    proxy_pass https://10.1.71.10:7443;

  }

}





I can login and establish calls but i don't hear voice so i think the rtp packages are not ok



Because of that i've enabled sip trace and get this:



send 1668 bytes to wss/[10.1.71.5]:32890 at 08:13:43.266640:

   ------------------------------------------------------------------------

   SIP/2.0 200 OK

   Via: SIP/2.0/WSS keenaijeb5h6.invalid;branch=z9hG4bK779005;received=10.1.71.5;rport=32890

   From: <sip:user at domain>;tag=n8m38teo73

   To: <sip:conf at domain>;tag=gX23c0rey78vH

   Call-ID: toghv9ifikpaeib85mh8

   CSeq: 6099 INVITE

   Contact: <sip:conf at 138.201.x.x:5080;transport=udp>

   User-Agent: FreeSWITCH-mod_sofia/1.6.8-15-99de0ad~64bit

   Accept: application/sdp

   Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER, REFER, NOTIFY

   Supported: timer, path, replaces

   Allow-Events: talk, hold, conference, refer

   Content-Type: application/sdp

   Content-Disposition: session

   Content-Length: 901

   Remote-Party-ID: "conf" <sip:conf at domain>;party=calling;privacy=off;screen=no



   v=0

   o=FreeSWITCH 1463528835 1463528836 IN IP4 10.1.71.10

   s=FreeSWITCH

   c=IN IP4 10.1.71.10

   t=0 0

   a=msid-semantic: WMS 7y98fmZXWMapBpCUcRfJdKQGM9JU5t83

   a=end-of-candidates

   m=audio 30388 UDP/TLS/RTP/SAVPF 111 101 106

   a=rtpmap:111 opus/48000/2

   a=fmtp:111 useinbandfec=1; minptime=10

   a=rtpmap:101 telephone-event/8000

   a=rtpmap:106 CN/8000

   a=ptime:20

   a=fingerprint:sha-256 5E:AE:56:B1:0B:39:38:7B:00:6F:8A:84:F6:0F:DC:86:8D:24:9A:7D:4D:59:F8:95:8F:CC:ED:A2:6F:90:84:2C

   a=setup:active

   a=rtcp-mux

   a=rtcp:30388 IN IP4 10.1.71.10

   a=ice-ufrag:wLDAlj6YjGJfZH8H

   a=ice-pwd:F0vQH6N0H0LyFhs1SVr45oSe

   a=candidate:0546395930 1 udp 659136 10.1.71.10 30388 typ host generation 0

   a=ssrc:2671785415 cname:R71XkQK7tLmU0PF3

   a=ssrc:2671785415 msid:7y98fmZXWMapBpCUcRfJdKQGM9JU5t83 a0

   a=ssrc:2671785415 mslabel:7y98fmZXWMapBpCUcRfJdKQGM9JU5t83

   a=ssrc:2671785415 label:7y98fmZXWMapBpCUcRfJdKQGM9JU5t83a0

   ------------------------------------------------------------------------



My freeswitch (running on debian jessie) version is

FreeSWITCH Version 1.6.8-15-99de0ad~64bit (-15-99de0ad 64bit)



What am i doing wrong? What else can i do to force freeswitch to use my external IP in the RTP Packages?



Regards



Philipp

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20160518/46b61231/attachment-0001.html 


Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list