Thanks Sergiu.. It works for me.
Now, when I make a call from Teams, in syslog I see: Apr 21 10:39:39 vps793907 /usr/sbin/kamailio[20651]: DEBUG: <core> [parser/msg_parser.c:623]: parse_msg(): SIP Request: Apr 21 10:39:39 vps793907 /usr/sbin/kamailio[20651]: DEBUG: <core> [parser/msg_parser.c:625]: parse_msg(): method: <ACK> Apr 21 10:39:39 vps793907 /usr/sbin/kamailio[20651]: DEBUG: <core> [parser/msg_parser.c:627]: parse_msg(): uri: <sip:+34XXXXXXXXX@SBC-DNS :5061;user=phone;transport=tls> Apr 21 10:39:39 vps793907 /usr/sbin/kamailio[20651]: DEBUG: <core> [parser/msg_parser.c:629]: parse_msg(): version: <SIP/2.0> But now How can I do to "transfer" the call to a kamailio user or to my Asterisk? Thanks for all El mar., 21 abr. 2020 a las 6:18, Sergiu Pojoga (<pojo...@gmail.com>) escribió: > Check out below thread, it explains it all. > > https://lists.kamailio.org/pipermail/sr-users/2020-March/108684.html > > On Mon, Apr 20, 2020 at 3:24 PM sip user <sipuser...@gmail.com> wrote: > >> Sorry.. Im a bit loose in this one... >> >> So, ive use letsencrypy to generate the certificate, and the CA, how i >> have to generate? >> >> Thanks >> >> El lun., 20 abr. 2020 19:06, Sergiu Pojoga <pojo...@gmail.com> escribió: >> >>> ca_list= /etc/letsencrypt/live/FQND/chain.pem >>> >>> Is that pointing to your Root CA certificate? I highly doubt it. >>> That's probably the reason why you get "tls_read_f(): TLS >>> write:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate >>> verify failed" >>> >>> On Mon, Apr 20, 2020 at 11:53 AM sip user <sipuser...@gmail.com> wrote: >>> >>>> Hi.. >>>> >>>> Thank you all very much for answering me. >>>> >>>> I have made many test: >>>> >>>> First, I've installed ssl cert with letsencrypt, like >>>> https://www.fredposner.com/1836/kamailio-tls-and-letsencrypt/, this >>>> one i made it before. >>>> >>>> I've configured tls.cfg like: >>>> >>>> [server:default] >>>> method = TLSv1.2 >>>> verify_certificate = yes >>>> require_certificate = yes >>>> private_key = /etc/letsencrypt/live/FQND/privkey.pem >>>> certificate = /etc/letsencrypt/live/FQDN/fullchain.pem >>>> ca_list= /etc/letsencrypt/live/FQND/chain.pem >>>> >>>> [client:default] >>>> method = TLSv1.2 >>>> verify_certificate = yes >>>> require_certificate = yes >>>> private_key = /etc/letsencrypt/live/FQND/privkey.pem >>>> certificate = /etc/letsencrypt/live/FQDN/fullchain.pem >>>> ca_list= /etc/letsencrypt/live/FQND/chain.pem >>>> >>>> In syslog I received: >>>> >>>> Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8481]: INFO: <script>: >>>> Sent out tm request: OPTIONS sip:sip.pstnhub.microsoft.com;transport=tls >>>> SIP/2.0#015#012Via: SIP/2.0/TLS >>>> SBC-IP:5061;branch=z9hG4bK66bb.a6291812000000000000000000000000.0#015#012To: >>>> <sip:sip.pstnhub.microsoft.com;transport=tls>#015#012From: >>>> <sip:dispatcher@localhost>;tag=d012046760e0e80ea51cb82629f4d4bc-c14c#015#012CSeq: >>>> 10 OPTIONS#015#012Call-ID: >>>> 0d202fa1261f1449-8481@51.89.23.96#015#012Max-Forwards >>>> <http://0d202fa1261f1449-8481@51.89.23.96#015%23012Max-Forwards>: >>>> 70#015#012Content-Length: 0#015#012User-Agent: kamailio (4.2.0 >>>> (x86_64/linux)) >>>> Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8481]: INFO: <script>: >>>> Sent out tm request: OPTIONS sip:sip2.pstnhub.microsoft.com;transport=tls >>>> SIP/2.0#015#012Via: SIP/2.0/TLS >>>> SBC-IP:5061;branch=z9hG4bK59bb.f565cf11000000000000000000000000.0#015#012To: >>>> <sip:sip2.pstnhub.microsoft.com;transport=tls>#015#012From: >>>> <sip:dispatcher@localhost>;tag=d012046760e0e80ea51cb82629f4d4bc-3df0#015#012CSeq: >>>> 10 OPTIONS#015#012Call-ID: >>>> 0d202fa1261f144a-8481@51.89.23.96#015#012Max-Forwards >>>> <http://0d202fa1261f144a-8481@51.89.23.96#015%23012Max-Forwards>: >>>> 70#015#012Content-Length: 0#015#012User-Agent: kamailio (4.2.0 >>>> (x86_64/linux)) >>>> Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8485]: ERROR: tls >>>> [tls_server.c:1193]: tls_read_f(): TLS write:error:14090086:SSL >>>> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed >>>> Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8485]: ERROR: <core> >>>> [tcp_read.c:1279]: tcp_read_req(): ERROR: tcp_read_req: error reading >>>> Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8481]: INFO: <script>: >>>> Sent out tm request: OPTIONS sip:sip3.pstnhub.microsoft.com;transport=tls >>>> SIP/2.0#015#012Via: SIP/2.0/TLS >>>> SBC-IP:5061;branch=z9hG4bK69bb.212aa3c7000000000000000000000000.0#015#012To: >>>> <sip:sip3.pstnhub.microsoft.com;transport=tls>#015#012From: >>>> <sip:dispatcher@localhost>;tag=d012046760e0e80ea51cb82629f4d4bc-bee0#015#012CSeq: >>>> 10 OPTIONS#015#012Call-ID: >>>> 0d202fa1261f144b-8481@51.89.23.96#015#012Max-Forwards >>>> <http://0d202fa1261f144b-8481@51.89.23.96#015%23012Max-Forwards>: >>>> 70#015#012Content-Length: 0#015#012User-Agent: kamailio (4.2.0 >>>> (x86_64/linux)) >>>> Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8486]: ERROR: tls >>>> [tls_server.c:1193]: tls_read_f(): TLS write:error:14090086:SSL >>>> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed >>>> Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8486]: ERROR: <core> >>>> [tcp_read.c:1279]: tcp_read_req(): ERROR: tcp_read_req: error reading >>>> Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8487]: ERROR: tls >>>> [tls_server.c:1193]: tls_read_f(): TLS write:error:14090086:SSL >>>> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed >>>> Apr 20 17:31:25 vps793907 /usr/sbin/kamailio[8487]: ERROR: <core> >>>> [tcp_read.c:1279]: tcp_read_req(): ERROR: tcp_read_req: error reading >>>> >>>> And If I make kamcmd tls.list, I have no response. >>>> >>>> Test two: >>>> >>>> If I coonfigure tls.cfg like: >>>> >>>> [server:default] >>>> method = TLSv1.2 >>>> verify_certificate = no >>>> require_certificate = no >>>> private_key = /etc/letsencrypt/live/FQND/privkey.pem >>>> certificate = /etc/letsencrypt/live/FQDN/fullchain.pem >>>> ca_list= /etc/letsencrypt/live/FQND/chain.pem >>>> >>>> [client:default] >>>> method = TLSv1.2 >>>> verify_certificate = no >>>> require_certificate = no >>>> private_key = /etc/letsencrypt/live/FQND/privkey.pem >>>> certificate = /etc/letsencrypt/live/FQDN/fullchain.pem >>>> ca_list= /etc/letsencrypt/live/FQND/chain.pem >>>> >>>> In syslog: >>>> >>>> Apr 20 17:27:52 vps793907 kernel: [270882.772276] device eth0 left >>>> promiscuous mode >>>> Apr 20 17:27:53 vps793907 /usr/sbin/kamailio[8257]: INFO: <script>: >>>> Sent out tm request: OPTIONS sip:sip.pstnhub.microsoft.com;transport=tls >>>> SIP/2.0#015#012Via: SIP/2.0/TLS >>>> SBC-IP:5061;branch=z9hG4bKf62f.0c39c2d0000000000000000000000000.0#015#012To: >>>> <sip:sip.pstnhub.microsoft.com;transport=tls>#015#012From: >>>> <sip:dispatcher@localhost>;tag=d012046760e0e80ea51cb82629f4d4bc-24c6#015#012CSeq: >>>> 10 OPTIONS#015#012Call-ID: >>>> 02376c756e11dbd4-8257@51.89.23.96#015#012Max-Forwards >>>> <http://02376c756e11dbd4-8257@51.89.23.96#015%23012Max-Forwards>: >>>> 70#015#012Content-Length: 0#015#012User-Agent: kamailio (4.2.0 >>>> (x86_64/linux)) >>>> Apr 20 17:27:53 vps793907 /usr/sbin/kamailio[8257]: INFO: <script>: >>>> Sent out tm request: OPTIONS sip:sip2.pstnhub.microsoft.com;transport=tls >>>> SIP/2.0#015#012Via: SIP/2.0/TLS >>>> SBC-IP:5061;branch=z9hG4bK072f.0e9be960000000000000000000000000.0#015#012To: >>>> <sip:sip2.pstnhub.microsoft.com;transport=tls>#015#012From: >>>> <sip:dispatcher@localhost>;tag=d012046760e0e80ea51cb82629f4d4bc-5a49#015#012CSeq: >>>> 10 OPTIONS#015#012Call-ID: >>>> 02376c756e11dbd5-8257@51.89.23.96#015#012Max-Forwards >>>> <http://02376c756e11dbd5-8257@51.89.23.96#015%23012Max-Forwards>: >>>> 70#015#012Content-Length: 0#015#012User-Agent: kamailio (4.2.0 >>>> (x86_64/linux)) >>>> Apr 20 17:27:53 vps793907 /usr/sbin/kamailio[8257]: INFO: <script>: >>>> Sent out tm request: OPTIONS sip:sip3.pstnhub.microsoft.com;transport=tls >>>> SIP/2.0#015#012Via: SIP/2.0/TLS >>>> SBC-IP:5061;branch=z9hG4bKd62f.82d8b643000000000000000000000000.0#015#012To: >>>> <sip:sip3.pstnhub.microsoft.com;transport=tls>#015#012From: >>>> <sip:dispatcher@localhost>;tag=d012046760e0e80ea51cb82629f4d4bc-d959#015#012CSeq: >>>> 10 OPTIONS#015#012Call-ID: >>>> 02376c756e11dbd6-8257@51.89.23.96#015#012Max-Forwards >>>> <http://02376c756e11dbd6-8257@51.89.23.96#015%23012Max-Forwards>: >>>> 70#015#012Content-Length: 0#015#012User-Agent: kamailio (4.2.0 >>>> (x86_64/linux)) >>>> >>>> And If I make kamcmd tls.list: >>>> >>>> { >>>> id: 1 >>>> timeout: 3595 >>>> src_ip: 52.114.75.24 >>>> src_port: 5061 >>>> dst_ip: SBC-IP >>>> dst_port: 37531 >>>> cipher: ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA >>>> Enc=AESGCM(256) Mac=AEAD >>>> ct_wq_size: 0 >>>> enc_rd_buf: 0 >>>> flags: 2 >>>> state: established >>>> } >>>> { >>>> id: 2 >>>> timeout: 3596 >>>> src_ip: 52.114.132.46 >>>> src_port: 5061 >>>> dst_ip: SBC-IP >>>> dst_port: 33370 >>>> cipher: ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA >>>> Enc=AESGCM(256) Mac=AEAD >>>> ct_wq_size: 0 >>>> enc_rd_buf: 0 >>>> flags: 2 >>>> state: established >>>> } >>>> { >>>> id: 3 >>>> timeout: 3596 >>>> src_ip: 52.114.7.24 >>>> src_port: 5061 >>>> dst_ip: SBC-IP >>>> dst_port: 48819 >>>> cipher: ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA >>>> Enc=AESGCM(256) Mac=AEAD >>>> ct_wq_size: 0 >>>> enc_rd_buf: 0 >>>> flags: 2 >>>> state: established >>>> } >>>> >>>> And with kamcmd dispatcher.list | egrep "URI|FLAGS" I see: >>>> >>>> URI: sip:sip.pstnhub.microsoft.com;transport=tls FLAGS: AP >>>> URI: sip:sip2.pstnhub.microsoft.com;transport=tls FLAGS: AX >>>> URI: sip:sip3.pstnhub.microsoft.com;transport=tls FLAGS: AP >>>> >>>> But in Teams Direct Routing I always see my SBC with problems, never >>>> active. >>>> >>>> In kamailio.cfg I've configure just before request_route: >>>> >>>> event_route[tm:local-request] { >>>> if(is_method("OPTIONS") && $ru =~ "pstnhub.microsoft.com") { >>>> append_hf("Contact: >>>> <sip:SBC-DNS:5061;transport=tls>\r\n"); >>>> } >>>> xlog("L_INFO", "Sent out tm request: $mb\n"); >>>> } >>>> >>>> I don't know where could be the problem.. >>>> >>>> Any more else I can test? >>>> >>>> Thanks for all..!! >>>> >>>> El sáb., 18 abr. 2020 a las 12:39, Yuriy Nasida (<ynas...@gmail.com>) >>>> escribió: >>>> >>>>> Probably. You can get full pcap files using tcpdump and check TLS >>>>> handshakes usign wireshark. >>>>> Also it is not really need to check cert on the side of kamailio. You >>>>> can set (at least for tests) >>>>> verify_certificate = no >>>>> require_certificate = no >>>>> >>>>> On Fri, 17 Apr 2020 at 10:02, sip user <sipuser...@gmail.com> wrote: >>>>> >>>>>> Hi Sergiu.. >>>>>> >>>>>> I've made many test and many change... >>>>>> >>>>>> In tls.cfg I have this: >>>>>> >>>>>> [server:default] >>>>>> method = TLSv1.2 >>>>>> verify_certificate = yes >>>>>> require_certificate = yes >>>>>> private_key = /etc/letsencrypt/ssl/cert.key >>>>>> certificate = /etc/letsencrypt/ssl/cert.crt >>>>>> ca_list = /etc/letsencrypt/ssl/ca.crt >>>>>> >>>>>> [client:default] >>>>>> method = TLSv1.2 >>>>>> verify_certificate = yes >>>>>> require_certificate = yes >>>>>> private_key = /etc/letsencrypt/ssl/cert.key >>>>>> certificate = /etc/letsencrypt/ssl/cert.crt >>>>>> ca_list = /etc/letsencrypt/ssl/ca.crt >>>>>> >>>>>> But when I make Kamcmd tls.list I have not response.. Not show me >>>>>> anything. >>>>>> >>>>>> Problem with certificated?? >>>>>> >>>>>> Thanks >>>>>> >>>>>> El jue., 16 abr. 2020 a las 20:31, Sergiu Pojoga (<pojo...@gmail.com>) >>>>>> escribió: >>>>>> >>>>>>> Hi SIP User/anonymous/one-time-visitor/, >>>>>>> >>>>>>> Your TLS config isn't correct. The article clearly says >>>>>>> verify/require_certificate must be set to 'yes' >>>>>>> >>>>>>> *kamcmd tls.list* >>>>>>> Does it show any 'established' connections with MS proxy? >>>>>>> >>>>>>> Good luck, >>>>>>> >>>>>>> --Sergiu >>>>>>> >>>>>>> On Thu, Apr 16, 2020 at 11:41 AM Ovidiu Sas <o...@voipembedded.com> >>>>>>> wrote: >>>>>>> >>>>>>>> The tutorial is pretty clear: >>>>>>>> You need to add the Contact header only for OPTIONS pings. >>>>>>>> You need to use the proper Record-Route headers based on the >>>>>>>> direction >>>>>>>> of the call. >>>>>>>> There's no out of the box solution because each setup is different. >>>>>>>> >>>>>>>> If you understand how loose routing works in SIP, then you know how >>>>>>>> to >>>>>>>> adjust the config to use record_route_preset(), just as explained in >>>>>>>> the tutorial. There is also an example of an INVITE that has the >>>>>>>> right >>>>>>>> Record-Route headers in the tutorial. >>>>>>>> >>>>>>>> You can choose to use the FQDN for the Record-Route header facing MS >>>>>>>> and the IP for the Record-Route header facing the carrier or use the >>>>>>>> FQDN for both Record-Route headers (just like in the >>>>>>>> tutorialexample). >>>>>>>> Alternatively, one can try to advertise the FQDN in the listen >>>>>>>> directive in the config and then the Record-Route headers should be >>>>>>>> populated automatically. >>>>>>>> >>>>>>>> Regards, >>>>>>>> Ovidiu Sas >>>>>>>> >>>>>>>> On Thu, Apr 16, 2020 at 10:50 AM sip user <sipuser...@gmail.com> >>>>>>>> wrote: >>>>>>>> > >>>>>>>> > Hi Nasida.. Thanks for answerd to me... >>>>>>>> > >>>>>>>> > I've activarted the debugger module, and I see the same: >>>>>>>> > >>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG: >>>>>>>> <core> [ip_addr.c:243]: print_ip(): tcpconn_new: new tcp connection: >>>>>>>> 52.114.7.24 >>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG: >>>>>>>> <core> [tcp_main.c:1073]: tcpconn_new(): tcpconn_new: on port 4160, >>>>>>>> type 3 >>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG: >>>>>>>> <core> [tcp_main.c:1382]: tcpconn_add(): tcpconn_add: hashes: >>>>>>>> 171:1857:1187, 30 >>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG: >>>>>>>> <core> [io_wait.h:388]: io_watch_add(): DBG: io_watch_add(0xa1f240, >>>>>>>> 23, 2, >>>>>>>> 0x7f90f2438f80), fd_no=17 >>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG: >>>>>>>> <core> [io_wait.h:610]: io_watch_del(): DBG: io_watch_del (0xa1f240, >>>>>>>> 23, >>>>>>>> -1, 0x0) fd_no=18 called >>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG: >>>>>>>> <core> [tcp_main.c:4219]: handle_tcpconn_ev(): tcp: DBG: sending to >>>>>>>> child, >>>>>>>> events 1 >>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG: >>>>>>>> <core> [tcp_main.c:3902]: send2child(): selected tcp worker 1 >>>>>>>> 10(23159) for >>>>>>>> activity on [tls:SBC_IP:5061], 0x7f90f2438f80 >>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: >>>>>>>> <core> [tcp_read.c:1507]: handle_io(): received n=8 >>>>>>>> con=0x7f90f2438f80, fd=9 >>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: tls >>>>>>>> [tls_server.c:184]: tls_complete_init(): Using TLS domain TLSs<default> >>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: tls >>>>>>>> [tls_domain.c:700]: sr_ssl_ctx_info_callback(): SSL handshake started >>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: >>>>>>>> <core> [tcp_main.c:2516]: tcpconn_do_send(): tcp_send: sending... >>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: >>>>>>>> <core> [tcp_main.c:2550]: tcpconn_do_send(): tcp_send: after real >>>>>>>> write: c= >>>>>>>> 0x7f90f2438f80 n=1468 fd=9 >>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: >>>>>>>> <core> [tcp_main.c:2551]: tcpconn_do_send(): tcp_send: buf= >>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: #026#003#003 >>>>>>>> > Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: >>>>>>>> <core> [io_wait.h:388]: io_watch_add(): DBG: io_watch_add(0x9c1700, 9, >>>>>>>> 2, >>>>>>>> 0x7f90f2438f80), fd_no=1 >>>>>>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG: >>>>>>>> <core> [tcp_read.c:296]: tcp_read_data(): EOF on 0x7f90f2438f80, FD 9 >>>>>>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG: >>>>>>>> <core> [tcp_read.c:1291]: tcp_read_req(): tcp_read_req: EOF >>>>>>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG: >>>>>>>> <core> [io_wait.h:610]: io_watch_del(): DBG: io_watch_del (0x9c1700, >>>>>>>> 9, -1, >>>>>>>> 0x10) fd_no=2 called >>>>>>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG: >>>>>>>> <core> [tcp_read.c:1434]: release_tcpconn(): releasing con >>>>>>>> 0x7f90f2438f80, >>>>>>>> state -1, fd=9, id=30 >>>>>>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG: >>>>>>>> <core> [tcp_read.c:1435]: release_tcpconn(): extra_data 0x7f90f2432b40 >>>>>>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 13(23167) DEBUG: >>>>>>>> <core> [tcp_main.c:3331]: handle_tcp_child(): handle_tcp_child: reader >>>>>>>> response= 7f90f2438f80, -1 from 1 >>>>>>>> > Apr 15 11:11:42 vps793907 kamailio[23122]: 13(23167) DEBUG: tls >>>>>>>> [tls_server.c:604]: tls_h_close(): Closing SSL connection >>>>>>>> 0x7f90f2432b40 >>>>>>>> > >>>>>>>> > I don't see any different. >>>>>>>> > >>>>>>>> > I know that the module is loaded because I see: >>>>>>>> > >>>>>>>> > exec: *** cfgtrace:request_route=[DEFAULT_ROUTE] >>>>>>>> c=[/etc/kamailio/kamailio.cfg] l=486 a=5 n=route >>>>>>>> > >>>>>>>> > When I restart kamailio, but when I "launch" a call from Teams to >>>>>>>> my Kamailio I only see that. >>>>>>>> > >>>>>>>> > To configure it, I follow >>>>>>>> https://skalatan.de/en/blog/kamailio-sbc-teams.. But I cannot make >>>>>>>> it works.. >>>>>>>> > >>>>>>>> > Any more thing that i can test or do?? >>>>>>>> > >>>>>>>> > Thanks >>>>>>>> > >>>>>>>> > El jue., 16 abr. 2020 a las 14:20, Nasida Yuriy (<nas...@live.ru>) >>>>>>>> escribió: >>>>>>>> >> >>>>>>>> >> Wow, so many people want to configure kamailio with MS. First of >>>>>>>> all i think you need to get sip debug between kamailio and MS. >>>>>>>> Kamilio has >>>>>>>> module to save sip traces. This way you will get sip debug decrypted. >>>>>>>> >> >>>>>>>> >> >>>>>>>> >> ________________________________ >>>>>>>> >> От: sr-users <sr-users-boun...@lists.kamailio.org> от имени sip >>>>>>>> user <sipuser...@gmail.com> >>>>>>>> >> Отправлено: 16 апреля 2020 г. 10:19 >>>>>>>> >> Кому: sr-users@lists.kamailio.org <sr-users@lists.kamailio.org> >>>>>>>> >> Тема: [SR-Users] Kamailio like SBC with Teams >>>>>>>> >> >>>>>>>> >> Hello good morning ... I am new to this list and I was starting >>>>>>>> to mess with Kamailio, mainly to set it up as SBC against Teams, in >>>>>>>> this >>>>>>>> case. >>>>>>>> >> >>>>>>>> >> But I can't get it to work for me. If I launch a call from the >>>>>>>> Teams, in the Kamailio I see: >>>>>>>> >> >>>>>>>> >> 1.- In syslog: >>>>>>>> >> >>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG: >>>>>>>> <core> [ip_addr.c:243]: print_ip(): tcpconn_new: new tcp connection: >>>>>>>> 52.114.7.24 >>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG: >>>>>>>> <core> [tcp_main.c:1073]: tcpconn_new(): tcpconn_new: on port 4160, >>>>>>>> type 3 >>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG: >>>>>>>> <core> [tcp_main.c:1382]: tcpconn_add(): tcpconn_add: hashes: >>>>>>>> 171:1857:1187, 30 >>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG: >>>>>>>> <core> [io_wait.h:388]: io_watch_add(): DBG: io_watch_add(0xa1f240, >>>>>>>> 23, 2, >>>>>>>> 0x7f90f2438f80), fd_no=17 >>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG: >>>>>>>> <core> [io_wait.h:610]: io_watch_del(): DBG: io_watch_del (0xa1f240, >>>>>>>> 23, >>>>>>>> -1, 0x0) fd_no=18 called >>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG: >>>>>>>> <core> [tcp_main.c:4219]: handle_tcpconn_ev(): tcp: DBG: sending to >>>>>>>> child, >>>>>>>> events 1 >>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 13(23167) DEBUG: >>>>>>>> <core> [tcp_main.c:3902]: send2child(): selected tcp worker 1 >>>>>>>> 10(23159) for >>>>>>>> activity on [tls:SBC_IP:5061], 0x7f90f2438f80 >>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: >>>>>>>> <core> [tcp_read.c:1507]: handle_io(): received n=8 >>>>>>>> con=0x7f90f2438f80, fd=9 >>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: tls >>>>>>>> [tls_server.c:184]: tls_complete_init(): Using TLS domain TLSs<default> >>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: tls >>>>>>>> [tls_domain.c:700]: sr_ssl_ctx_info_callback(): SSL handshake started >>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: >>>>>>>> <core> [tcp_main.c:2516]: tcpconn_do_send(): tcp_send: sending... >>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: >>>>>>>> <core> [tcp_main.c:2550]: tcpconn_do_send(): tcp_send: after real >>>>>>>> write: c= >>>>>>>> 0x7f90f2438f80 n=1468 fd=9 >>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: >>>>>>>> <core> [tcp_main.c:2551]: tcpconn_do_send(): tcp_send: buf= >>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: #026#003#003 >>>>>>>> >> Apr 15 11:11:41 vps793907 kamailio[23122]: 10(23159) DEBUG: >>>>>>>> <core> [io_wait.h:388]: io_watch_add(): DBG: io_watch_add(0x9c1700, 9, >>>>>>>> 2, >>>>>>>> 0x7f90f2438f80), fd_no=1 >>>>>>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG: >>>>>>>> <core> [tcp_read.c:296]: tcp_read_data(): EOF on 0x7f90f2438f80, FD 9 >>>>>>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG: >>>>>>>> <core> [tcp_read.c:1291]: tcp_read_req(): tcp_read_req: EOF >>>>>>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG: >>>>>>>> <core> [io_wait.h:610]: io_watch_del(): DBG: io_watch_del (0x9c1700, >>>>>>>> 9, -1, >>>>>>>> 0x10) fd_no=2 called >>>>>>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG: >>>>>>>> <core> [tcp_read.c:1434]: release_tcpconn(): releasing con >>>>>>>> 0x7f90f2438f80, >>>>>>>> state -1, fd=9, id=30 >>>>>>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 10(23159) DEBUG: >>>>>>>> <core> [tcp_read.c:1435]: release_tcpconn(): extra_data 0x7f90f2432b40 >>>>>>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 13(23167) DEBUG: >>>>>>>> <core> [tcp_main.c:3331]: handle_tcp_child(): handle_tcp_child: reader >>>>>>>> response= 7f90f2438f80, -1 from 1 >>>>>>>> >> Apr 15 11:11:42 vps793907 kamailio[23122]: 13(23167) DEBUG: tls >>>>>>>> [tls_server.c:604]: tls_h_close(): Closing SSL connection >>>>>>>> 0x7f90f2432b40 >>>>>>>> >> >>>>>>>> >> 2.- With TCPDUMP: >>>>>>>> >> >>>>>>>> >> 11:13:09.311797 IP SBC_IP .1024 > SBC_IP .eu.sip-tls: Flags [S], >>>>>>>> seq 261244614, win 64240, options [mss 1440,nop,wscale >>>>>>>> 8,nop,nop,sackOK], >>>>>>>> length 0 >>>>>>>> >> 11:13:09.311898 IP SBC_IP .eu.sip-tls > 52.114.76.76.1024: >>>>>>>> Flags [S.], seq 812357247, ack 261244615, win 29200, options [mss >>>>>>>> 1460,nop,nop,sackOK,nop,wscale 7], length 0 >>>>>>>> >> 11:13:09.340358 IP 52.114.76.76.1024 > SBC_IP .eu.sip-tls: >>>>>>>> Flags [.], ack 1, win 2053, length 0 >>>>>>>> >> 11:13:09.340560 IP 52.114.76.76.1024 > SBC_IP .eu.sip-tls: Flags >>>>>>>> [P.], seq 1:187, ack 1, win 2053, length 186 >>>>>>>> >> 11:13:09.340578 IP SBC_IP .eu.sip-tls > 52.114.76.76.1024: Flags >>>>>>>> [.], ack 187, win 237, length 0 >>>>>>>> >> 11:13:09.341361 IP SBC_IP .eu.sip-tls > 52.114.76.76.1024: Flags >>>>>>>> [P.], seq 1:1469, ack 187, win 237, length 1468 >>>>>>>> >> 11:13:09.369606 IP 52.114.76.76.1024 > SBC_IP .eu.sip-tls: Flags >>>>>>>> [.], ack 1469, win 2053, length 0 >>>>>>>> >> 11:13:12.451498 IP 52.114.7.24.1216 > SBC_IP .eu.sip-tls: Flags >>>>>>>> [S], seq 309084204, win 64240, options [mss 1440,nop,wscale >>>>>>>> 8,nop,nop,sackOK], length 0 >>>>>>>> >> 11:13:12.451587 IP SBC_IP .eu.sip-tls > 52.114.7.24.1216: Flags >>>>>>>> [S.], seq 3275066862, ack 309084205, win 29200, options [mss >>>>>>>> 1460,nop,nop,sackOK,nop,wscale 7], length 0 >>>>>>>> >> 11:13:12.707119 IP 52.114.7.24.1216 > SBC_IP .eu.sip-tls: Flags >>>>>>>> [.], ack 1, win 2053, length 0 >>>>>>>> >> 11:13:12.707311 IP 52.114.7.24.1216 > SBC_IP .eu.sip-tls: Flags >>>>>>>> [P.], seq 1:187, ack 1, win 2053, length 186 >>>>>>>> >> 11:13:12.707345 IP SBC_IP .eu.sip-tls > 52.114.7.24.1216: Flags >>>>>>>> [.], ack 187, win 237, length 0 >>>>>>>> >> 11:13:12.708273 IP SBC_IP .eu.sip-tls > 52.114.7.24.1216: Flags >>>>>>>> [P.], seq 1:1469, ack 187, win 237, length 1468 >>>>>>>> >> 11:13:12.965101 IP 52.114.7.24.1216 > SBC_IP .eu.sip-tls: Flags >>>>>>>> [.], ack 1469, win 2053, length 0 >>>>>>>> >> 11:13:12.965156 IP 52.114.7.24.1216 > SBC_IP .eu.sip-tls: Flags >>>>>>>> [F.], seq 187, ack 1469, win 2053, length 0 >>>>>>>> >> 11:13:12.965688 IP SBC_IP .eu.sip-tls > 52.114.7.24.1216: Flags >>>>>>>> [F.], seq 1469, ack 188, win 237, length 0 >>>>>>>> >> 11:13:13.220871 IP 52.114.7.24.1216 > SBC_IP .eu.sip-tls: Flags >>>>>>>> [.], ack 1470, win 2053, length 0 >>>>>>>> >> >>>>>>>> >> I can't "receive" anything. >>>>>>>> >> >>>>>>>> >> I have generated the certificates and configured in the tls.cfg >>>>>>>> of the Kamailio: >>>>>>>> >> >>>>>>>> >> [server:default] >>>>>>>> >> method = TLSv1.2 >>>>>>>> >> verify_certificate = no >>>>>>>> >> require_certificate = no >>>>>>>> >> private_key = /etc/letsencrypt/ssl/cert.key >>>>>>>> >> certificate = /etc/letsencrypt/ssl/cert.crt >>>>>>>> >> ca_list = /etc/letsencrypt/ssl/ca.crt >>>>>>>> >> >>>>>>>> >> Within Kamailio itself I have it configured to return a 200 >>>>>>>> KeepAlive to Teams when it receives an OPTIONS: >>>>>>>> >> >>>>>>>> >> event_route[tm:local-request] { >>>>>>>> >> >>>>>>>> >> if(is_method("OPTIONS") && $ru =~ "pstnhub.microsoft.com") >>>>>>>> { >>>>>>>> >> append_hf("Contact: <sip: SBC_DNS >>>>>>>> :5061;transport=tls>\r\n"); >>>>>>>> >> } >>>>>>>> >> xlog("L_INFO", "Sent out tm request: $mb\n"); >>>>>>>> >> } >>>>>>>> >> >>>>>>>> >> And I have measured the record_route for this new one: >>>>>>>> >> >>>>>>>> >> record_route_preset(" SBC_DNS :5061;transport=tls", " SBC_IP >>>>>>>> :5061"); >>>>>>>> >> >>>>>>>> >> I have created a dispatcher.list: >>>>>>>> >> >>>>>>>> >> # setid(integer) destination(sip uri) flags (integer, optional), >>>>>>>> priority(int,opt), attrs (str,optional) >>>>>>>> >> 1:1:sip:sip.pstnhub.microsoft.com;transport=tls 0 3 socket=tls: >>>>>>>> SBC_IP :5061;ping_from= sip:SBC_DNS >>>>>>>> >> 2:1:sip:sip2.pstnhub.microsoft.com;transport=tls 0 2 >>>>>>>> socket=tls: SBC_IP :5061;ping_from=sip: SBC_DNS >>>>>>>> >> 3:1:sip:sip3.pstnhub.microsoft.com;transport=tls 0 1 >>>>>>>> socket=tls: SBC_IP :5061;ping_from=sip: SBC_DNS >>>>>>>> >> 4:1:sip:sip-all.pstnhub.microsoft.com;transport=tls 0 1 >>>>>>>> socket=tls: SBC_IP :5061;ping_from=sip: SBC_DNS >>>>>>>> >> >>>>>>>> >> I think that one of the problems is that I do not send the >>>>>>>> OPTIONS to the Teams well, since it is on their panel, it indicates >>>>>>>> that >>>>>>>> the SBC is INACTIVE. >>>>>>>> >> >>>>>>>> >> I don't know if you could help me straighten this out a bit ... >>>>>>>> >> >>>>>>>> >> Thank you so much for everything.. >>>>>>>> >> >>>>>>>> >> a greeting >>>>>>>> >> _______________________________________________ >>>>>>>> >> Kamailio (SER) - Users Mailing List >>>>>>>> >> sr-users@lists.kamailio.org >>>>>>>> >> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >>>>>>>> > >>>>>>>> > _______________________________________________ >>>>>>>> > Kamailio (SER) - Users Mailing List >>>>>>>> > sr-users@lists.kamailio.org >>>>>>>> > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> VoIP Embedded, Inc. >>>>>>>> http://www.voipembedded.com >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Kamailio (SER) - Users Mailing List >>>>>>>> sr-users@lists.kamailio.org >>>>>>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >>>>>>>> >>>>>>> _______________________________________________ >>>>>>> Kamailio (SER) - Users Mailing List >>>>>>> sr-users@lists.kamailio.org >>>>>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >>>>>>> >>>>>> _______________________________________________ >>>>>> Kamailio (SER) - Users Mailing List >>>>>> sr-users@lists.kamailio.org >>>>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >>>>>> >>>>> _______________________________________________ >>>>> Kamailio (SER) - Users Mailing List >>>>> sr-users@lists.kamailio.org >>>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >>>>> >>>> _______________________________________________ >>>> Kamailio (SER) - Users Mailing List >>>> sr-users@lists.kamailio.org >>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >>>> >>> _______________________________________________ >>> Kamailio (SER) - Users Mailing List >>> sr-users@lists.kamailio.org >>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >>> >> _______________________________________________ >> Kamailio (SER) - Users Mailing List >> sr-users@lists.kamailio.org >> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >> > _______________________________________________ > Kamailio (SER) - Users Mailing List > sr-users@lists.kamailio.org > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >
_______________________________________________ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users