Verbindungsaufbau über TLS funktioniert nicht.

Toggle sidebar Toggle sidebar
Upgrade 3CX to v18 and get it hosted free!
J

jancarstenk

Neuer User
Mitglied seit
13 Jul 2007
Beiträge
10
Punkte für Reaktionen
0
Punkte
0
Hallo!

Folgendes Problem: Ich habe Asterisk als svn Version von bbryant installiert. In dieser Version ist TLS integriert. Jedoch habe ich jetzt ein Problem. Die Softphones (eyebeam 1.5) können sich zwar über tls am Asterisk Server Anmelden jedoch kann man keine Verbindung zwischen den Clients aufbauen.

Wird versucht jemand anzurufen, steht im Display des Anrufers nur Calling drin aber an der Gegenstelle kommt nichts an.

Asterisk sagt mir dann immer das:

Code: 
<--- SIP read from TLS://192.168.200.22:1104 --->
REGISTER sip:192.168.200.42;transport=tls SIP/2.0
Via: SIP/2.0/TLS 192.168.200.22:33193;branch=z9hG4bK-d87543-2260de410b065d0f-1--d87543-;rport
Max-Forwards: 70
Contact: <sip:[email protected]:33193;rinstance=44caa2ed7edab880;transport=TLS>
To: "192.168.200.42"<sip:[email protected]>
From: "192.168.200.42"<sip:[email protected]>;tag=421d651c
Call-ID: N2Y0ZmI5YmI0NDhkNTE0YzFlZThjZmJhOTBkMjFkZGM.
CSeq: 1 REGISTER
Expires: 3600
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO
User-Agent: eyeBeam release 1004p stamp 31962
Content-Length: 0


<------------->
--- (12 headers 0 lines) ---
Sending to 192.168.200.22 : 1104 (NAT)
as02*CLI> 
<--- Transmitting (no NAT) to 192.168.200.22:33193 --->
SIP/2.0 100 Trying
Via: SIP/2.0/TLS 192.168.200.22:33193;branch=z9hG4bK-d87543-2260de410b065d0f-1--d87543-;received=192.168.200.22;rport=1104
From: "192.168.200.42"<sip:[email protected]>;tag=421d651c
To: "192.168.200.42"<sip:[email protected]>
Call-ID: N2Y0ZmI5YmI0NDhkNTE0YzFlZThjZmJhOTBkMjFkZGM.
CSeq: 1 REGISTER
User-Agent: Asterisk PBX SVN-bbryant-sip-tcptls-r76103-/trunk
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
Contact: <sip:[email protected]>
Content-Length: 0


<------------>
[Aug  7 13:17:43] NOTICE[2756]: chan_sip.c:2147 __sip_xmit: Trying to put 'SIP/2.0 10' onto TLS socket...
as02*CLI> 
<--- Transmitting (no NAT) to 192.168.200.22:33193 --->
SIP/2.0 401 Unauthorized
Via: SIP/2.0/TLS 192.168.200.22:33193;branch=z9hG4bK-d87543-2260de410b065d0f-1--d87543-;received=192.168.200.22;rport=1104
From: "192.168.200.42"<sip:[email protected]>;tag=421d651c
To: "192.168.200.42"<sip:[email protected]>;tag=as3e1947d2
Call-ID: N2Y0ZmI5YmI0NDhkNTE0YzFlZThjZmJhOTBkMjFkZGM.
CSeq: 1 REGISTER
User-Agent: Asterisk PBX SVN-bbryant-sip-tcptls-r76103-/trunk
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
WWW-Authenticate: Digest algorithm=MD5, realm="asterisk", nonce="1868ec7b"
Content-Length: 0


<------------>
[Aug  7 13:17:44] NOTICE[2756]: chan_sip.c:2147 __sip_xmit: Trying to put 'SIP/2.0 40' onto TLS socket...
Scheduling destruction of SIP dialog 'N2Y0ZmI5YmI0NDhkNTE0YzFlZThjZmJhOTBkMjFkZGM.' in 32000 ms (Method: REGISTER)
as02*CLI> 
<--- SIP read from TLS://192.168.200.22:1104 --->
REGISTER sip:192.168.200.42;transport=tls SIP/2.0
Via: SIP/2.0/TLS 192.168.200.22:33193;branch=z9hG4bK-d87543-817caa491008f777-1--d87543-;rport
Max-Forwards: 70
Contact: <sip:[email protected]:33193;rinstance=44caa2ed7edab880;transport=TLS>
To: "192.168.200.42"<sip:[email protected]>
From: "192.168.200.42"<sip:[email protected]>;tag=421d651c
Call-ID: N2Y0ZmI5YmI0NDhkNTE0YzFlZThjZmJhOTBkMjFkZGM.
CSeq: 2 REGISTER
Expires: 3600
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO
User-Agent: eyeBeam release 1004p stamp 31962
Authorization: Digest username="2000",realm="asterisk",nonce="1868ec7b",uri="sip:192.168.200.42;transport=tls",response="3c4cbaad34767408818171663ad7d697",algorithm=MD5
Content-Length: 0


<------------->
--- (13 headers 0 lines) ---
Sending to 192.168.200.22 : 1104 (NAT)
as02*CLI> 
<--- Transmitting (no NAT) to 192.168.200.22:33193 --->
SIP/2.0 100 Trying
Via: SIP/2.0/TLS 192.168.200.22:33193;branch=z9hG4bK-d87543-817caa491008f777-1--d87543-;received=192.168.200.22;rport=1104
From: "192.168.200.42"<sip:[email protected]>;tag=421d651c
To: "192.168.200.42"<sip:[email protected]>
Call-ID: N2Y0ZmI5YmI0NDhkNTE0YzFlZThjZmJhOTBkMjFkZGM.
CSeq: 2 REGISTER
User-Agent: Asterisk PBX SVN-bbryant-sip-tcptls-r76103-/trunk
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
Contact: <sip:[email protected]>
Content-Length: 0


<------------>
[Aug  7 13:17:44] NOTICE[2756]: chan_sip.c:2147 __sip_xmit: Trying to put 'SIP/2.0 10' onto TLS socket...
[Aug  7 13:17:44] NOTICE[2756]: chan_sip.c:2748 parse_uri: Missing scheme 'sips:' in 'sip:[email protected]:33193;rinstance=44caa2ed7edab880;transport=TLS'
[Aug  7 13:17:44] NOTICE[2756]: chan_sip.c:8738 parse_register_contact: Not a valid SIP contact (missing sips:) trying to use anyway
as02*CLI> 
<--- Transmitting (no NAT) to 192.168.200.22:33193 --->
SIP/2.0 200 OK
Via: SIP/2.0/TLS 192.168.200.22:33193;branch=z9hG4bK-d87543-817caa491008f777-1--d87543-;received=192.168.200.22;rport=1104
From: "192.168.200.42"<sip:[email protected]>;tag=421d651c
To: "192.168.200.42"<sip:[email protected]>;tag=as3e1947d2
Call-ID: N2Y0ZmI5YmI0NDhkNTE0YzFlZThjZmJhOTBkMjFkZGM.
CSeq: 2 REGISTER
User-Agent: Asterisk PBX SVN-bbryant-sip-tcptls-r76103-/trunk
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
Expires: 3600
Contact: <sip:[email protected]:33193;rinstance=44caa2ed7edab880;transport=TLS>;expires=3600
Date: Tue, 07 Aug 2007 11:17:44 GMT
Content-Length: 0


<------------>
[Aug  7 13:17:44] NOTICE[2756]: chan_sip.c:2147 __sip_xmit: Trying to put 'SIP/2.0 20' onto TLS socket...
Scheduling destruction of SIP dialog 'N2Y0ZmI5YmI0NDhkNTE0YzFlZThjZmJhOTBkMjFkZGM.' in 32000 ms (Method: REGISTER)
as02*CLI> 
<--- SIP read from TLS://192.168.200.22:1104 --->
REGISTER sip:192.168.200.42;transport=tls SIP/2.0
Via: SIP/2.0/TLS 192.168.200.22:33193;branch=z9hG4bK-d87543-8d52eb6c4d532620-1--d87543-;rport
Max-Forwards: 70
Contact: <sip:[email protected]:33193;rinstance=44caa2ed7edab880;transport=TLS>;expires=0
To: "192.168.200.42"<sip:[email protected]>
From: "192.168.200.42"<sip:[email protected]>;tag=421d651c
Call-ID: N2Y0ZmI5YmI0NDhkNTE0YzFlZThjZmJhOTBkMjFkZGM.
CSeq: 3 REGISTER
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO
User-Agent: eyeBeam release 1004p stamp 31962
Authorization: Digest username="2000",realm="asterisk",nonce="1868ec7b",uri="sip:192.168.200.42;transport=tls",response="3c4cbaad34767408818171663ad7d697",algorithm=MD5
Content-Length: 0


<------------->
--- (12 headers 0 lines) ---
Sending to 192.168.200.22 : 1104 (NAT)
as02*CLI> 
<--- Transmitting (no NAT) to 192.168.200.22:33193 --->
SIP/2.0 100 Trying
Via: SIP/2.0/TLS 192.168.200.22:33193;branch=z9hG4bK-d87543-8d52eb6c4d532620-1--d87543-;received=192.168.200.22;rport=1104
From: "192.168.200.42"<sip:[email protected]>;tag=421d651c
To: "192.168.200.42"<sip:[email protected]>
Call-ID: N2Y0ZmI5YmI0NDhkNTE0YzFlZThjZmJhOTBkMjFkZGM.
CSeq: 3 REGISTER
User-Agent: Asterisk PBX SVN-bbryant-sip-tcptls-r76103-/trunk
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
Contact: <sip:[email protected]>
Content-Length: 0


<------------>
[Aug  7 13:17:44] NOTICE[2756]: chan_sip.c:2147 __sip_xmit: Trying to put 'SIP/2.0 10' onto TLS socket...
as02*CLI> 
<--- Transmitting (no NAT) to 192.168.200.22:33193 --->
SIP/2.0 200 OK
Via: SIP/2.0/TLS 192.168.200.22:33193;branch=z9hG4bK-d87543-8d52eb6c4d532620-1--d87543-;received=192.168.200.22;rport=1104
From: "192.168.200.42"<sip:[email protected]>;tag=421d651c
To: "192.168.200.42"<sip:[email protected]>;tag=as3e1947d2
Call-ID: N2Y0ZmI5YmI0NDhkNTE0YzFlZThjZmJhOTBkMjFkZGM.
CSeq: 3 REGISTER
User-Agent: Asterisk PBX SVN-bbryant-sip-tcptls-r76103-/trunk
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
Expires: 3600
Contact: <sip:[email protected]>;expires=3600
Date: Tue, 07 Aug 2007 11:17:44 GMT
Content-Length: 0


<------------>
[Aug  7 13:17:44] NOTICE[2756]: chan_sip.c:2147 __sip_xmit: Trying to put 'SIP/2.0 20' onto TLS socket...
Scheduling destruction of SIP dialog 'N2Y0ZmI5YmI0NDhkNTE0YzFlZThjZmJhOTBkMjFkZGM.' in 32000 ms (Method: REGISTER)
as02*CLI> 
<--- SIP read from TLS://192.168.200.22:1104 --->
REGISTER sip:192.168.200.42;transport=tls SIP/2.0
Via: SIP/2.0/TLS 192.168.200.22:33193;branch=z9hG4bK-d87543-d84f852ce938bc41-1--d87543-;rport
Max-Forwards: 70
Contact: <sip:[email protected]:1104;transport=TLS;rinstance=9c3a08f024b1f45b>
To: "192.168.200.42"<sip:[email protected]>
From: "192.168.200.42"<sip:[email protected]>;tag=421d651c
Call-ID: N2Y0ZmI5YmI0NDhkNTE0YzFlZThjZmJhOTBkMjFkZGM.
CSeq: 4 REGISTER
Expires: 3600
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO
User-Agent: eyeBeam release 1004p stamp 31962
Authorization: Digest username="2000",realm="asterisk",nonce="1868ec7b",uri="sip:192.168.200.42;transport=tls",response="3c4cbaad34767408818171663ad7d697",algorithm=MD5
Content-Length: 0


<------------->
--- (13 headers 0 lines) ---
Sending to 192.168.200.22 : 1104 (NAT)
as02*CLI> 
<--- Transmitting (no NAT) to 192.168.200.22:33193 --->
SIP/2.0 100 Trying
Via: SIP/2.0/TLS 192.168.200.22:33193;branch=z9hG4bK-d87543-d84f852ce938bc41-1--d87543-;received=192.168.200.22;rport=1104
From: "192.168.200.42"<sip:[email protected]>;tag=421d651c
To: "192.168.200.42"<sip:[email protected]>
Call-ID: N2Y0ZmI5YmI0NDhkNTE0YzFlZThjZmJhOTBkMjFkZGM.
CSeq: 4 REGISTER
User-Agent: Asterisk PBX SVN-bbryant-sip-tcptls-r76103-/trunk
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
Contact: <sip:[email protected]>
Content-Length: 0


<------------>
[Aug  7 13:17:45] NOTICE[2756]: chan_sip.c:2147 __sip_xmit: Trying to put 'SIP/2.0 10' onto TLS socket...
[Aug  7 13:17:45] NOTICE[2756]: chan_sip.c:2748 parse_uri: Missing scheme 'sips:' in 'sip:[email protected]:1104;transport=TLS;rinstance=9c3a08f024b1f45b'
[Aug  7 13:17:45] NOTICE[2756]: chan_sip.c:8738 parse_register_contact: Not a valid SIP contact (missing sips:) trying to use anyway
as02*CLI> 
<--- Transmitting (no NAT) to 192.168.200.22:33193 --->
SIP/2.0 200 OK
Via: SIP/2.0/TLS 192.168.200.22:33193;branch=z9hG4bK-d87543-d84f852ce938bc41-1--d87543-;received=192.168.200.22;rport=1104
From: "192.168.200.42"<sip:[email protected]>;tag=421d651c
To: "192.168.200.42"<sip:[email protected]>;tag=as3e1947d2
Call-ID: N2Y0ZmI5YmI0NDhkNTE0YzFlZThjZmJhOTBkMjFkZGM.
CSeq: 4 REGISTER
User-Agent: Asterisk PBX SVN-bbryant-sip-tcptls-r76103-/trunk
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
Expires: 3600
Contact: <sip:[email protected]:1104;transport=TLS;rinstance=9c3a08f024b1f45b>;expires=3600
Date: Tue, 07 Aug 2007 11:17:45 GMT
Content-Length: 0


<------------>
[Aug  7 13:17:45] NOTICE[2756]: chan_sip.c:2147 __sip_xmit: Trying to put 'SIP/2.0 20' onto TLS socket...
Scheduling destruction of SIP dialog 'N2Y0ZmI5YmI0NDhkNTE0YzFlZThjZmJhOTBkMjFkZGM.' in 32000 ms (Method: REGISTER)
as02*CLI> 
<--- SIP read from TLS://192.168.200.22:1104 --->
SUBSCRIBE sip:[email protected];transport=tls SIP/2.0
Via: SIP/2.0/TLS 192.168.200.22:33193;branch=z9hG4bK-d87543-7b5d91216814d704-1--d87543-;rport
Max-Forwards: 70
Contact: <sip:[email protected]:1104;transport=TLS>
To: "192.168.200.42"<sip:[email protected]>
From: "192.168.200.42"<sip:[email protected]>;tag=270a956d
Call-ID: ZThiMWE0ZWQ2ZWMxYTBlMjA5ZDBiNzA3OGI4YjVlZDM.
CSeq: 1 SUBSCRIBE
Expires: 300
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO
User-Agent: eyeBeam release 1004p stamp 31962
Event: message-summary
Content-Length: 0


<------------->
--- (13 headers 0 lines) ---
Creating new subscription
Sending to 192.168.200.22 : 1104 (NAT)
[Aug  7 13:17:45] NOTICE[2756]: chan_sip.c:2748 parse_uri: Missing scheme 'sips:' in 'sip:[email protected]'
[Aug  7 13:17:45] NOTICE[2756]: chan_sip.c:10298 check_user_full: From address missing 'sips:', using it anyway
No matching peer for 'sip' from '192.168.200.22:1104'
Looking for 2000 in sip-general (domain 192.168.200.42)
as02*CLI> 
<--- Transmitting (NAT) to 192.168.200.22:1104 --->
SIP/2.0 404 Not Found
Via: SIP/2.0/TLS 192.168.200.22:33193;branch=z9hG4bK-d87543-7b5d91216814d704-1--d87543-;received=192.168.200.22;rport=1104
From: "192.168.200.42"<sip:[email protected]>;tag=270a956d
To: "192.168.200.42"<sip:[email protected]>;tag=as6542be3a
Call-ID: ZThiMWE0ZWQ2ZWMxYTBlMjA5ZDBiNzA3OGI4YjVlZDM.
CSeq: 1 SUBSCRIBE
User-Agent: Asterisk PBX SVN-bbryant-sip-tcptls-r76103-/trunk
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
Content-Length: 0


<------------>
[Aug  7 13:17:45] NOTICE[2756]: chan_sip.c:2147 __sip_xmit: Trying to put 'SIP/2.0 40' onto TLS socket...
Really destroying SIP dialog 'ZThiMWE0ZWQ2ZWMxYTBlMjA5ZDBiNzA3OGI4YjVlZDM.' Method: SUBSCRIBE
Really destroying SIP dialog 'ODEzZDA2NjEyZGI0OTE5YzNjMTMxNjY1ZGY5MmMxNjE.' Method: REGISTER
.
.
.
.
.
.
.
.
.
[Aug  7 13:09:36] NOTICE[2756]: chan_sip.c:2147 __sip_xmit: Trying to put 'SIP/2.0 10' onto TLS socket...
[Aug  7 13:09:36] NOTICE[2756]: chan_sip.c:2748 parse_uri: Missing scheme 'sips:' in 'sip:[email protected]:1098;transport=TLS;rinstance=96d024db7dfe0777'
[Aug  7 13:09:36] NOTICE[2756]: chan_sip.c:8738 parse_register_contact: Not a valid SIP contact (missing sips:) trying to use anyway

SIP.conf

Code: 
[general]
port=5600
context=sip-general
disallow=all
allow=alaw
allow=ulaw
allow=gsm
language=en
canreinvite=no
tcpenable=yes
tlsenable=yes
tlscertfile=/asterisk.pem.cer

[2000]
type=friend
context=default
secret=1234
callerid=testuser2 <2000>
host=dynamic

[2001]
type=friend
context=default
secret=1234
callerid=testuser3 <2001>
host=dynamic

extensions.conf
Code: 
....
[default]
exten => _2XXX,1,Dial(SIP/${EXTEN})
.......


Könnte das an den Softphones liegen ??

Gruß, Jan

EDIT: Meine endgültige Bewertung: Asterisk mit TLS Support ist zu Zeit nicht zu gebrauchen. Die Anmeldung über TLS funktioniert zwar (glaube ich zumindest) aber ein Verbindungsaufbau zwischen zwei Telefonen findet nicht statt.
 
Zuletzt bearbeitet:
Um antworten zu können musst du eingeloggt sein.
Kostenlos!
Jetzt holen

Neueste Beiträge

Kategorien

Wissenswertes

Zurzeit aktive Besucher

Gesamt: 488 (Mitglieder: 21, Gäste: 467)

Statistik des Forums

Themen
248,520
Beiträge
2,293,418
Mitglieder
378,021
Neuestes Mitglied
secret-13

3CX jetzt einen Monat kostenlos testen

Die Verbindung, Zusammenarbeit und Kommunikation mit Ihrem Team und Ihren Kunden war noch nie so einfach. Nutzen Sie unsere kostenlose 30-Tage-Testversion und entdecken Sie die richtige Lösung für Ihr Unternehmen.

3CX start your free trial guy
Für diese E-Mail-Adresse besteht bereits ein 3CX-Konto. Sie werden zum Kundenportal weitergeleitet, wo Sie sich anmelden oder Ihr Passwort zurücksetzen können, falls Sie dieses vergessen haben.
| Style by ThemeHouse
XenPorta 2 PRO © Jason Axelrod of 8WAYRUN
Oben Unten