VoIP Mailing List Archives :: View topic - [asterisk-users] Asterisk registers with TLS, but sends out calls via UDP

Sponsor: VoiceMeUp - Corporate & Wholesale VoIP Services

VoIP Mailing List Archives
Mailing list archives for the VoIP community

[asterisk-users] Asterisk registers with TLS, but sends out calls via UDP

VoIP Mailing List Archives Forum Index -> Asterisk Users

View previous topic :: View next topic

Author

Message

damm at sipgate.de
Guest

Posted: Wed May 04, 2016 6:26 am Post subject: [asterisk-users] Asterisk registers with TLS, but sends out

Hi, I have an Asterisk 13.8.2, which is supposed to be only a client to an encrypted SIP service. All local phones are connected via UDP. Since I can't use PJSIP (see my mailing list post from yesterday), I tried configuring chan_sip to work that way. My settings are: [general] context=public allowoverlap=no udpbindaddr=0.0.0. tlsbindaddr=0.0.0.0 tcpenable=yes tcpbindaddr=0.0.0.0 tlsenable=yes transport=udp srvlookup=yes tlscafile=/usr/local/etc/asterisk/keys/4cfd3c78.0 tlscapath=/usr/local/etc/asterisk/keys tlsclientmethod=tlsv1 sipdebug = yes register => tls://1234567@example.org:foobar@dev.example.org [devtrunk] type=peer host=example.org defaultuser=1234567 fromuser=1234567 remotesecret=foobar transport=tls outboundproxy=dev.example.org context=carrier-in encryption=yes When I start up, I see my Asterisk doing a _sips._tcp SRV lookup, but that's just for the registration, I guess. I also see it doing _sip._udp SRV queries. I wouldn't know why it would have to do that. The REGISTER packets are sent out via TLS, as I would expect. When I issue a "sip show peer devtrunk" command, it tells me this: Prim.Transp. : TLS Allowed.Trsp : TLS Looks okay to me. But when I place a call, Asterisk does this: Reliably Transmitting (no NAT) to 2.3.4.5:5060: INVITE sip:0123456789@example.org SIP/2.0 Via: SIP/2.0/UDP 9.8.7.6:0;branch=z9hG4bK2974d534 It sends the packet out via UDP, and to the wrong host, since it doesn't use the correct SRV entry and instead sends it to the UDP server. I did not generate a certificate for my Asterisk, because it only acts as a client. I think, this shouldn't be needed. Can anyone point me to where I misconfigured something? Or did I stumble upon a bug? What would I have to do to make Asterisk use the open TLS connection used for registering for outbound calls, too? Best Regards, Sebastian -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users

Display posts from previous:

	VoIP Mailing List Archives Forum Index -> Asterisk Users	All times are GMT - 5 Hours
Page 1 of 1

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum