[asterisk-users] tls on asterisk 13
Joshua Colp
jcolp at digium.com
Wed Jul 8 14:11:33 CDT 2015
ricky gutierrez wrote:
> Hi list , I'm doing some tests with asterisk 13.4 and tls, and failed
> to make it work, all my terminals spa Cisco 5XX
>
> look my cli
>
> [Jul 8 11:09:16] ERROR[14733]: pjsip:0<?>: tlsc0x7f539801 TLS
> connect() error: Connection refused [code=120111]
> [Jul 8 11:09:16] WARNING[14733]: pjsip:0<?>: tsx0x7f53a8008 Failed
> to send Request msg OPTIONS/cseq=48024 (tdta0x7f53c000dcb0)!
> err=120111 (Connection refused)
> [Jul 8 11:09:46] ERROR[14733]: pjsip:0<?>: tlsc0x7f539801 TLS
> connect() error: Connection refused [code=120111]
> [Jul 8 11:09:46] WARNING[14733]: pjsip:0<?>: tsx0x7f53a8008 Failed
> to send Request msg OPTIONS/cseq=31917 (tdta0x7f53c000dcb0)!
> err=120111 (Connection refused)
>
> someone has had good results with tls
>
> my config
> [transport-tls]
> type=transport
> protocol=tls
> bind=0.0.0.0:5061
> cert_file=/etc/asterisk/keys/asterisk.crt
> priv_key_file=/etc/asterisk/keys/asterisk.key
> method=tlsv1
>
> [XXXX]
> type=endpoint
> context=XX-Xip
> disallow=all
> allow=ulaw
> allow=alaw
> transport=transport-tls
> direct_media=no
> force_rport=yes
> rtp_symmetric=yes
> mailboxes=XXXX at default
> auth=XXXX
> aors=XXXX
> media_encryption=sdes
> dtmfmode=rfc4733
You probably want to add "rewrite_contact=yes" to your endpoint. This
will cause it to reuse the existing connection established from the
phone. Generally the port provided by the phone is not reachable.
--
Joshua Colp
Digium, Inc. | Senior Software Developer
445 Jan Davis Drive NW - Huntsville, AL 35806 - US
Check us out at: www.digium.com & www.asterisk.org
More information about the asterisk-users
mailing list