problem with tls in minisip

Krzysiek cris7 at o2.pl
Wed May 14 23:43:56 CEST 2008 

Hi

I try to setup TLS SIP signalling between Freeswitch voip server  and 
Minisip softphone, but it doesn't work.
I think I did everythnig ok in freeswitch configuration. Minisip softphones 
registered properly(First I had to import a CA
certificate). Problem appears when I try to setup a call between them (the 
same subnet). When one softphone try to setup a call, the second won't ring.
I posted this message at the Freeswitch forum and they write back that 
minisip must decide wheather to use tcp or tls during call setup, because in 
INVITE message it uses something like this: transport=tcp, while I chose to 
use tls. I configure minisip to use tls (in sip accounts settings-> sip 
proxy) and I add CA certificate to CA database.
Here is a SIP trace:
#######################################
freeswitch at trixswitch03> recv 669 bytes from tls/[192.168.1.3]:1072 at
20:33:52.506179:
   ------------------------------------------------------------------------
   INVITE sip:1001 at 192.168.1.2 SIP/2.0
   Via: SIP/2.0/TLS 192.168.1.3:1072;rport;branch=z9hG4bK28253
   Route: <sips:192.168.1.2:5061;lr=true;transport=tcp>
   From: <sip:1002 at 192.168.1.2>;tag=30769
   To: <sip:1001 at 192.168.1.2>
   Call-ID: 5206 at 192.168.1.3
   CSeq: 501 INVITE
   Max-Forwards: 70
   Contact: <sip:1002 at 192.168.1.3:1072;transport=tcp>;expires=1000
   User-Agent: Minisip
   Supported: 100rel,sdp-anat
   Content-Type: application/sdp
   Content-Length: 218

   v=0
   o=- 3344 3344 IN IP4 192.168.1.3
   s=Minisip Session
   t=0 0
   m=audio 32616 RTP/AVP 0 8 101
   c=IN IP4 192.168.1.3
   a=rtpmap:0 PCMU/8000/1
   a=rtpmap:8 PCMA/8000/1
   a=rtpmap:101 telephone-event/8000
   a=fmtp:101 0-15
   ------------------------------------------------------------------------
send 268 bytes to tls/[192.168.1.3]:1072 at 20:33:52.509158:
   ------------------------------------------------------------------------
   SIP/2.0 100 Trying
   Via: SIP/2.0/TLS 192.168.1.3:1072;rport=1072;branch=z9hG4bK28253
   From: <sip:1002 at 192.168.1.2>;tag=30769
   To: <sip:1001 at 192.168.1.2>
   Call-ID: 5206 at 192.168.1.3
   CSeq: 501 INVITE
   User-Agent: FreeSWITCH-mod_sofia/1.0.pre4-8086
   Content-Length: 0

   ------------------------------------------------------------------------
send 728 bytes to tls/[192.168.1.3]:1072 at 20:33:52.520721:
   ------------------------------------------------------------------------
   SIP/2.0 407 Proxy Authentication Required
   Via: SIP/2.0/TLS 192.168.1.3:1072;rport=1072;branch=z9hG4bK28253
   From: <sip:1002 at 192.168.1.2>;tag=30769
   To: <sip:1001 at 192.168.1.2>;tag=127yN23jBU4HF
   Call-ID: 5206 at 192.168.1.3
   CSeq: 501 INVITE
   User-Agent: FreeSWITCH-mod_sofia/1.0.pre4-8086
   Accept: application/sdp
   Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, PRACK, MESSAGE, SUBSCRIBE,
NOTIFY, REFER, UPDATE, REGISTER, INFO, PUBLISH
   Supported: 100rel, precondition, timer
   Allow-Events: talk, presence, dialog, call-info, sla,
include-session-description, presence.winfo, message-summary
   Proxy-Authenticate: Digest realm="192.168.1.2",
nonce="fef2ab8e-483f-45d6-8b13-59f383bd75fb", algorithm=MD5, qop="auth"
   Content-Length: 0

   ------------------------------------------------------------------------
recv 316 bytes from tls/[192.168.1.3]:1072 at 20:33:52.528439:
   ------------------------------------------------------------------------
   ACK sip:1001 at 192.168.1.2 SIP/2.0
   Via: SIP/2.0/TLS 192.168.1.3:1072;rport;branch=z9hG4bK28253
   Max-Forwards: 70
   Route: <sips:192.168.1.2:5061;lr=true;transport=tcp>
   From: <sip:1002 at 192.168.1.2>;tag=30769
   Call-ID: 5206 at 192.168.1.3
   CSeq: 501 ACK
   To: <sip:1001 at 192.168.1.2>;tag=127yN23jBU4HF
   Content-Length: 0

   ------------------------------------------------------------------------
recv 863 bytes from tls/[192.168.1.3]:1072 at 20:33:52.568375:
   ------------------------------------------------------------------------
   INVITE sip:1001 at 192.168.1.2 SIP/2.0
   Via: SIP/2.0/TLS 192.168.1.3:1072;rport;branch=z9hG4bK6868
   Route: <sips:192.168.1.2:5061;lr=true;transport=tcp>
   From: <sip:1002 at 192.168.1.2>;tag=30769
   To: <sip:1001 at 192.168.1.2>
   Call-ID: 5206 at 192.168.1.3
   CSeq: 502 INVITE
   Max-Forwards: 70
   Contact: <sip:1002 at 192.168.1.3:1072;transport=tcp>;expires=1000
   User-Agent: Minisip
   Supported: 100rel,sdp-anat
   Proxy-Authorization: Digest
algorithm=MD5,username="1002",realm="192.168.1.2",nonce="fef2ab8e-483f-45d6-8b13-59f383bd75fb",uri="sip:1001 at 192.168.1.2",response="cdf7016d5fe00d8c715047a9edc094e8"
   Content-Type: application/sdp
   Content-Length: 218

   v=0
   o=- 3344 3344 IN IP4 192.168.1.3
   s=Minisip Session
   t=0 0
   m=audio 32616 RTP/AVP 0 8 101
   c=IN IP4 192.168.1.3
   a=rtpmap:0 PCMU/8000/1
   a=rtpmap:8 PCMA/8000/1
   a=rtpmap:101 telephone-event/8000
   a=fmtp:101 0-15
   ------------------------------------------------------------------------
send 267 bytes to tls/[192.168.1.3]:1072 at 20:33:52.570791:
   ------------------------------------------------------------------------
   SIP/2.0 100 Trying
   Via: SIP/2.0/TLS 192.168.1.3:1072;rport=1072;branch=z9hG4bK6868
   From: <sip:1002 at 192.168.1.2>;tag=30769
   To: <sip:1001 at 192.168.1.2>
   Call-ID: 5206 at 192.168.1.3
   CSeq: 502 INVITE
   User-Agent: FreeSWITCH-mod_sofia/1.0.pre4-8086
   Content-Length: 0
#######################################

and few seconds later something like this appears:

#######################################
send 656 bytes to tls/[192.168.1.3]:1072 at 20:34:22.011100:
   ------------------------------------------------------------------------
   SIP/2.0 500 No session set by user
   Via: SIP/2.0/TLS 192.168.1.3:1072;rport=1072;branch=z9hG4bK6868
   From: <sip:1002 at 192.168.1.2>;tag=30769
   To: <sip:1001 at 192.168.1.2>;tag=2B1QQXmp83t4a
   Call-ID: 5206 at 192.168.1.3
   CSeq: 502 INVITE
   Contact: <sip:mod_sofia at 192.168.1.2:5060;transport=tcp>
   User-Agent: FreeSWITCH-mod_sofia/1.0.pre4-8086
   Accept: application/sdp
   Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, PRACK, MESSAGE, SUBSCRIBE,
NOTIFY, REFER, UPDATE, REGISTER, INFO, PUBLISH
   Supported: 100rel, precondition, timer
   Allow-Events: talk, presence, dialog, call-info, sla,
include-session-description, presence.winfo, message-summary
   Content-Length: 0

   ------------------------------------------------------------------------
recv 510 bytes from tls/[192.168.1.3]:1072 at 20:34:22.021547:
   ------------------------------------------------------------------------
   ACK sip:1001 at 192.168.1.2 SIP/2.0
   Via: SIP/2.0/TLS 192.168.1.3:1072;rport;branch=z9hG4bK6868
   Max-Forwards: 70
   Route: <sips:192.168.1.2:5061;lr=true;transport=tcp>
   From: <sip:1002 at 192.168.1.2>;tag=30769
   Call-ID: 5206 at 192.168.1.3
   CSeq: 502 ACK
   Proxy-Authorization: Digest
algorithm=MD5,username="1002",realm="192.168.1.2",nonce="fef2ab8e-483f-45d6-8b13-59f383bd75fb",uri="sip:1001 at 192.168.1.2",response="cdf7016d5fe00d8c715047a9edc094e8"
   To: <sip:1001 at 192.168.1.2>;tag=2B1QQXmp83t4a
   Content-Length: 0
######################################


Thanks for help
Chris

More information about the Minisip-users mailing list