<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
On 07-10-14 12:32, Jonas Kellens wrote:<br>
<blockquote cite="mid:5433C158.8050501@telenet.be" type="cite">
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
<font face="Helvetica, Arial, sans-serif">Hello,<br>
<br>
I am trying to setup a Grandstream GXP2160 IP-phone with secure
calling (SRTP).<br>
<br>
Secure signaling SSIP for registration is working great !<br>
<br>
I follow this guide : <a moz-do-not-send="true"
class="moz-txt-link-freetext"
href="https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Tutorial">https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Tutorial</a><br>
<br>
But when I try to make a call with SRTP, I get stuck. There is
an initial INVITE which is anwered with a 401. There should
follow a new INVITE with a nonce, but this does not happen. Any
idea why ? Is it the Grandstream IP-phone ??<br>
<br>
<br>
<br>
<--- SIP read from TLS:my.pub.lic.ip:53416 ---><br>
INVITE <a moz-do-not-send="true"
class="moz-txt-link-abbreviated"
href="mailto:sip:0123123123@ast.ser.ver.ip:5061">sip:0123123123@ast.ser.ver.ip:5061</a>
SIP/2.0<br>
Via: SIP/2.0/TLS
192.168.1.104:5068;branch=z9hG4bK60724585;rport;alias<br>
From: <a moz-do-not-send="true" class="moz-txt-link-rfc2396E"
href="mailto:sip:testacc77005@ast.ser.ver.ip:5061"><sip:testacc77005@ast.ser.ver.ip:5061></a>;tag=263162018<br>
To: <a moz-do-not-send="true" class="moz-txt-link-rfc2396E"
href="mailto:sip:0123123123@ast.ser.ver.ip:5061"><sip:0123123123@ast.ser.ver.ip:5061></a><br>
Call-ID: <a moz-do-not-send="true"
class="moz-txt-link-abbreviated"
href="mailto:1695864968-5068-8@BJC.BGI.B.BAE">1695864968-5068-8@BJC.BGI.B.BAE</a><br>
CSeq: 50 INVITE<br>
Contact: <a moz-do-not-send="true"
class="moz-txt-link-rfc2396E"
href="mailto:sips:testacc77005@192.168.1.104:5068;transport=tls"><sips:testacc77005@192.168.1.104:5068;transport=tls></a><br>
X-Grandstream-PBX: true<br>
Max-Forwards: 70<br>
User-Agent: Grandstream GXP2160 1.0.2.9<br>
Privacy: none<br>
P-Preferred-Identity: <a moz-do-not-send="true"
class="moz-txt-link-rfc2396E"
href="mailto:sip:testacc77005@ast.ser.ver.ip:5061"><sip:testacc77005@ast.ser.ver.ip:5061></a><br>
Supported: replaces, path, timer<br>
Allow: INVITE, ACK, OPTIONS, CANCEL, BYE, SUBSCRIBE, NOTIFY,
INFO, REFER, UPDATE, MESSAGE<br>
Content-Type: application/sdp<br>
Accept: application/sdp, application/dtmf-relay<br>
Content-Length: 522<br>
<br>
v=0<br>
o=testacc77005 8004 8000 IN IP4 192.168.1.104<br>
s=SIP Call<br>
c=IN IP4 192.168.1.104<br>
t=0 0<br>
m=audio 5020 RTP/SAVP 0 8 18 9 2 101<br>
a=sendrecv<br>
a=rtpmap:0 PCMU/8000<br>
a=ptime:20<br>
a=rtpmap:8 PCMA/8000<br>
a=rtpmap:18 G729/8000<br>
a=fmtp:18 annexb=no<br>
a=rtpmap:9 G722/8000<br>
a=rtpmap:2 G726-32/8000<br>
a=rtpmap:101 telephone-event/8000<br>
a=fmtp:101 0-15<br>
a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:8m7ZfG+0t3KBFGK40IfDO11SZ6D54glKKIwdgo00|2^32<br>
a=crypto:2 AES_CM_128_HMAC_SHA1_32
inline:nn+id/sSK7OErMfnZZduKNPLejpscxx1vUQB2seO|2^32<br>
<br>
<br>
<--- Reliably Transmitting (NAT) to my.pub.lic.ip:53416
---><br>
SIP/2.0 401 Unauthorized<br>
Via: SIP/2.0/TLS
192.168.1.104:5068;branch=z9hG4bK60724585;alias;received=my.pub.lic.ip;rport=53416<br>
From: <a moz-do-not-send="true" class="moz-txt-link-rfc2396E"
href="mailto:sip:testacc77005@ast.ser.ver.ip:5061"><sip:testacc77005@ast.ser.ver.ip:5061></a>;tag=263162018<br>
To: <a moz-do-not-send="true" class="moz-txt-link-rfc2396E"
href="mailto:sip:0123123123@ast.ser.ver.ip:5061"><sip:0123123123@ast.ser.ver.ip:5061></a>;tag=as1e527556<br>
Call-ID: <a moz-do-not-send="true"
class="moz-txt-link-abbreviated"
href="mailto:1695864968-5068-8@BJC.BGI.B.BAE">1695864968-5068-8@BJC.BGI.B.BAE</a><br>
CSeq: 50 INVITE<br>
Server: mydomain<br>
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE,
NOTIFY, INFO, PUBLISH<br>
Supported: replaces, timer<br>
WWW-Authenticate: Digest algorithm=MD5, realm="mydomain.be",
nonce="13b47342"<br>
Content-Length: 0<br>
<br>
<br>
<--- SIP read from TLS:my.pub.lic.ip:53416 ---><br>
ACK <a moz-do-not-send="true" class="moz-txt-link-abbreviated"
href="mailto:sip:0123123123@ast.ser.ver.ip:5061">sip:0123123123@ast.ser.ver.ip:5061</a>
SIP/2.0<br>
Via: SIP/2.0/TLS
192.168.1.104:5068;branch=z9hG4bK60724585;rport;alias<br>
From: <a moz-do-not-send="true" class="moz-txt-link-rfc2396E"
href="mailto:sip:testacc77005@ast.ser.ver.ip:5061"><sip:testacc77005@ast.ser.ver.ip:5061></a>;tag=263162018<br>
To: <a moz-do-not-send="true" class="moz-txt-link-rfc2396E"
href="mailto:sip:0123123123@ast.ser.ver.ip:5061"><sip:0123123123@ast.ser.ver.ip:5061></a>;tag=as1e527556<br>
Call-ID: <a moz-do-not-send="true"
class="moz-txt-link-abbreviated"
href="mailto:1695864968-5068-8@BJC.BGI.B.BAE">1695864968-5068-8@BJC.BGI.B.BAE</a><br>
CSeq: 50 ACK<br>
Content-Length: 0</font><br>
</blockquote>
<font face="Helvetica, Arial, sans-serif"><br>
<br>
Hello,<br>
<br>
I seem to have the same problem with Snom 370 IP-phone.
Registration works fine ! But I can not make calls with encrypted
rtp.<br>
<br>
<br>
<--- SIP read from TLS:my.pub.lic.ip:1068 ---><br>
INVITE <a class="moz-txt-link-abbreviated" href="mailto:sip:0123123123@ast.ser.ver.ip;user=phone">sip:0123123123@ast.ser.ver.ip;user=phone</a> SIP/2.0<br>
Via: SIP/2.0/TLS
192.168.1.107:1068;branch=z9hG4bK-gxm8w1q7l2co;rport<br>
From: <a class="moz-txt-link-rfc2396E" href="mailto:sip:testacc77003@ast.ser.ver.ip"><sip:testacc77003@ast.ser.ver.ip></a>;tag=zdwiwg10qx<br>
To: <a class="moz-txt-link-rfc2396E" href="mailto:sip:0123123123@ast.ser.ver.ip;user=phone"><sip:0123123123@ast.ser.ver.ip;user=phone></a><br>
Call-ID: 3c2679977b67-9j0euqvseh5v<br>
CSeq: 1 INVITE<br>
Max-Forwards: 70<br>
Contact:
<a class="moz-txt-link-rfc2396E" href="mailto:sip:testacc77003@192.168.1.107:1068;transport=tls"><sip:testacc77003@192.168.1.107:1068;transport=tls></a>;reg-id=1<br>
X-Serialnumber: 0004132E2809<br>
P-Key-Flags: resolution="31x13", keys="4"<br>
User-Agent: snom370/8.4.35<br>
Accept: application/sdp<br>
Allow: INVITE, ACK, CANCEL, BYE, REFER, OPTIONS, NOTIFY,
SUBSCRIBE, PRACK, MESSAGE, INFO, UPDATE<br>
Allow-Events: talk, hold, refer, call-info<br>
Supported: timer, 100rel, replaces, from-change<br>
Call-Info: <sip:ast.ser.ver.ip>;appearance-index=1<br>
Session-Expires: 3600;refresher=uas<br>
Min-SE: 90<br>
Content-Type: application/sdp<br>
Content-Length: 632<br>
<br>
v=0<br>
o=root 1052895538 1052895538 IN IP4 192.168.1.107<br>
s=call<br>
c=IN IP4 192.168.1.107<br>
t=0 0<br>
m=audio 65418 RTP/SAVP 8 3 18 99 101<br>
a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:KiXn5H+mKwavoDNa1PfnBqPoODTnxK6hOlWSNJM7<br>
a=rtpmap:8 PCMA/8000<br>
a=rtpmap:3 GSM/8000<br>
a=rtpmap:18 G729/8000<br>
a=fmtp:18 annexb=no<br>
a=rtpmap:99 G726-32/8000<br>
a=rtpmap:101 telephone-event/8000<br>
a=fmtp:101 0-16<br>
a=ptime:20<br>
a=sendrecv<br>
m=audio 65418 RTP/AVP 8 3 18 99 101<br>
a=rtpmap:8 PCMA/8000<br>
a=rtpmap:3 GSM/8000<br>
a=rtpmap:18 G729/8000<br>
a=fmtp:18 annexb=no<br>
a=rtpmap:99 G726-32/8000<br>
a=rtpmap:101 telephone-event/8000<br>
a=fmtp:101 0-16<br>
a=ptime:20<br>
a=sendrecv<br>
<-------------><br>
<br>
<br>
<br>
<--- Reliably Transmitting (NAT) to my.pub.lic.ip:1068 ---><br>
SIP/2.0 401 Unauthorized<br>
Via: SIP/2.0/TLS
192.168.1.107:1068;branch=z9hG4bK-gxm8w1q7l2co;received=my.pub.lic.ip;rport=1068<br>
From: <a class="moz-txt-link-rfc2396E" href="mailto:sip:testacc77003@ast.ser.ver.ip"><sip:testacc77003@ast.ser.ver.ip></a>;tag=zdwiwg10qx<br>
To:
<a class="moz-txt-link-rfc2396E" href="mailto:sip:0123123123@ast.ser.ver.ip;user=phone"><sip:0123123123@ast.ser.ver.ip;user=phone></a>;tag=as1cd819c5<br>
Call-ID: 3c2679977b67-9j0euqvseh5v<br>
CSeq: 1 INVITE<br>
Server: mydomain<br>
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE,
NOTIFY, INFO, PUBLISH<br>
Supported: replaces, timer<br>
WWW-Authenticate: Digest algorithm=MD5, realm="mydomain.be",
nonce="323823f6"<br>
Content-Length: 0<br>
<br>
<br>
<------------><br>
<br>
<--- SIP read from TLS:my.pub.lic.ip:1068 ---><br>
ACK <a class="moz-txt-link-abbreviated" href="mailto:sip:0123123123@ast.ser.ver.ip;user=phone">sip:0123123123@ast.ser.ver.ip;user=phone</a> SIP/2.0<br>
Via: SIP/2.0/TLS
192.168.1.107:1068;branch=z9hG4bK-gxm8w1q7l2co;rport<br>
From: <a class="moz-txt-link-rfc2396E" href="mailto:sip:testacc77003@ast.ser.ver.ip"><sip:testacc77003@ast.ser.ver.ip></a>;tag=zdwiwg10qx<br>
To:
<a class="moz-txt-link-rfc2396E" href="mailto:sip:0123123123@ast.ser.ver.ip;user=phone"><sip:0123123123@ast.ser.ver.ip;user=phone></a>;tag=as1cd819c5<br>
Call-ID: 3c2679977b67-9j0euqvseh5v<br>
CSeq: 1 ACK<br>
Max-Forwards: 70<br>
Contact:
<a class="moz-txt-link-rfc2396E" href="mailto:sip:testacc77003@192.168.1.107:1068;transport=tls"><sip:testacc77003@192.168.1.107:1068;transport=tls></a>;reg-id=1<br>
Content-Length: 0<br>
<br>
<-------------><br>
<br>
<br>
<br>
Any feedback is welcome.<br>
<br>
<br>
Jonas<br>
<br>
<br>
</font><br>
</body>
</html>