[asterisk-users] TLS/SRTP calls go to circuit busy.
mitch Johnson
mitch.johnson7 at gmail.com
Mon Feb 28 19:19:03 CST 2011
I'm in the process of testing a TLS/SRTP install. My experience is
improving with each new challenge, but this one is a great test of my 2
month experience with Asterisk.
When I dial 6003 from 6001, it takes 35 seconds until I get the error
message that 6003 is circuit-busy.
Any help would greatly be appreciated. Below is the error message and the
extensions and sip.conf files.
*CLI> == Using SIP RTP CoS mark 5
-- Executing [6003 at myphones:1] Set("SIP/6001-0000000c",
"_SIPSRTP_CRYPTO=enable") in new stack
-- Executing [6003 at myphones:2] Dial("SIP/6001-0000000c", "SIP/6003") in
new stack
== Using SIP RTP CoS mark 5
-- Called 6003
-- SIP/6003-0000000d is circuit-busy
== Everyone is busy/congested at this time (1:0/1/0)
-- Auto fallthrough, channel 'SIP/6001-0000000c' status is 'CONGESTION'
extensions.conf
[myphones]
;exten => 6001,1,Dial(SIP/6001)
;exten => 6001,2,Hangup()
exten => 6001,1,Set(_SIPSRTP_CRYPTO=enable)
exten => 6001,2,Dial(SIP/${EXTEN})
;exten => 6002,1,Dial(SIP/6002)
;exten => 6002,2,Hangup()
exten => 6002,1,Set(_SIPSRTP_CRYPTO=enable)
exten => 6002,2,Dial(SIP/${EXTEN})
;exten => 6003,1,Dial(SIP/6003)
;exten => 6003,2,Hangup()
exten => 6003,1,Set(_SIPSRTP_CRYPTO=enable)
exten => 6003,2,Dial(SIP/${EXTEN})
;exten => 6004,1,Dial(SIP/6004)
;exten => 6004,2,Hangup()
exten => 6004,1,Set(_SIPSRTP_CRYPTO=enable)
exten => 6004,2,Dial(SIP/${EXTEN})
exten => 6005,1,Dial(SIP/6005)
exten => 6005,2,Hangup()
;exten => 6005,1,Set(_SIPSRTP_CRYPTO=enable)
;exten => 6005,2,Dial(SIP/${EXTEN})
exten => 6006,1,Dial(SIP/6005)
exten => 6006,2,Hangup()
;exten => 6006,1,Set(_SIPSRTP_CRYPTO=enable)
;exten => 6006,2,Dial(SIP/${EXTEN})
exten => 600,1,NoOp( start)
exten => 600,n,NOOp( SECURE SIGNALING ${CHANNEL(secure_signaling)} )
exten => 600,n,NOOp( SECURE media ${CHANNEL(secure_media)} )
exten => 600,n,Answer()
exten => 600,n,Playback(demo-echotest)
exten => 600,n,Echo()
exten => _X.,1,Dial(SIP/CM8/${EXTEN:0},30,rt)
[general]
tlsenable=yes
tlsbindaddr=172.16.200.60
;tlsprivatekey=/usr/local/ssl/misc/asteriskkey.pem
;tlscertfile=/usr/local/ssl/misc/asteriskcert.pem
tlscertfile=/etc/asterisk/keys/asterisk.pem
tlscafile=/etc/asterisk/keys/ca.crt
tlscipher=ALL
;tlscafile=/usr/local/ssl/misc/demoCA/cacert.pem
tlsclientmethod=tlsv1
[6001]
type=friend
secret=erasmus123
callerid="Mitch-MacBook" <6001>
;nat=yes
host=dynamic
;canreinvite=no
context=myphones
allow=ulaw
allow=gsm
allow=g726
;transport=udp
transport=tls
encryption=yes
port=5061
regexten=6001
[6002]
type=friend
secret=erasmus123
callerid="Tami" <6002>
host=dynamic
canreinvite=no
context=myphones
allow=ulaw
allow=gsm
allow=g726
;transport=udp
transport=tls
encryption=yes
port=5061
regexten=6002
[6003]
type=friend
secret=erasmus123
callerid="iPad" <6003>
host=dynamic
;canreinvite=no
;nat=yes
context=myphones
allow=ulaw
allow=gsm
allow=g726
;transport=udp
transport=tls
encryption=yes
port=5061
regexten=6003
[6004]
type=friend
secret=erasmus123
callerid="iPhone-Mitch" <6004>
;nat=yes
host=dynamic
;canreinvite=no
context=myphones
allow=ulaw
allow=gsm
allow=g726
;transport=udp
transport=tls
encryption=yes
port=5061
regexten=6004
[6005]
type=friend
secret=erasmus123
callerid="SNOM" <6005>
host=dynamic
;canreinvite=no
context=myphones
allow=ulaw
allow=gsm
allow=g726
transport=udp
;transport=tls
;encryption=yes
;port=5061
regexten=6005
[6006]
type=friend
secret=erasmus123
callerid=" <6006>
host=dynamic
;canreinvite=no
context=myphones
allow=ulaw
allow=gsm
allow=g726
transport=udp
;transport=tls
;encryption=yes
;port=5061
regex
[CM8]
type=friend
host=172.16.200.100
;canreinvite=yes
;disallow=all
allow=ulaw
allow=ulaw
;qualify=yes
;nat=no
context=myphones
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20110228/ee25064a/attachment.htm>
More information about the asterisk-users
mailing list