Hi Folks,
I have encountered one problem during SIP TLS session. I would appreciate your views on the same; During TLS binding setup from X-Lite Softphone to our IP-PBX, IP-PBX returns the server certificate to the X-Lite Softphone. Everything goes fine when IP-PBX is connected on public IP network (having real public IP) as IP-PBX return public IP address in CN field of server certificate and X-Lite Softphone has been sent TLS binding request on public IP address too. However, when IP-PBX is connected behind the NAT router with private IP address assigned on its Ethernet interface (SIP clients on public network can reach IP-PBX through port forwarding), now X-Lite softphone sends the TLS binding request on public interface of router and router forwards this TLS binding request to the IP-PBX connected behind it (port forwarding is enabled in the router). In result, IP-PBX returns server certificate with CN field as its private IP Address, but since X-Lite softphone has been sent TLS binding request on public IP address of router and expect the same public IP address in CN field of server certificate, TLS binding gets failed at this moment. I would like to know if you have ever come to know about such problem.. Best Regards, Vivek Batra _______________________________________________ Sip-implementors mailing list Sip-implementors@lists.cs.columbia.edu https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
