[asterisk-users] Asterisk registers with TLS, but sends out calls via UDP

Sebastian Damm damm at sipgate.de
Wed May 4 06:25:53 CDT 2016


Hi,

I have an Asterisk 13.8.2, which is supposed to be only a client to an
encrypted SIP service. All local phones are connected via UDP.

Since I can't use PJSIP (see my mailing list post from yesterday), I
tried configuring chan_sip to work that way. My settings are:

[general]
context=public
allowoverlap=no
udpbindaddr=0.0.0.
tlsbindaddr=0.0.0.0
tcpenable=yes
tcpbindaddr=0.0.0.0
tlsenable=yes
transport=udp
srvlookup=yes
tlscafile=/usr/local/etc/asterisk/keys/4cfd3c78.0
tlscapath=/usr/local/etc/asterisk/keys
tlsclientmethod=tlsv1
sipdebug = yes

register => tls://1234567@example.org:foobar@dev.example.org

[devtrunk]
type=peer
host=example.org
defaultuser=1234567
fromuser=1234567
remotesecret=foobar
transport=tls
outboundproxy=dev.example.org
context=carrier-in
encryption=yes

When I start up, I see my Asterisk doing a _sips._tcp SRV lookup, but
that's just for the registration, I guess. I also see it doing
_sip._udp SRV queries. I wouldn't know why it would have to do that.

The REGISTER packets are sent out via TLS, as I would expect.

When I issue a "sip show peer devtrunk" command, it tells me this:

  Prim.Transp. : TLS
  Allowed.Trsp : TLS

Looks okay to me. But when I place a call, Asterisk does this:

Reliably Transmitting (no NAT) to 2.3.4.5:5060:
INVITE sip:0123456789 at example.org SIP/2.0
Via: SIP/2.0/UDP 9.8.7.6:0;branch=z9hG4bK2974d534

It sends the packet out via UDP, and to the wrong host, since it
doesn't use the correct SRV entry and instead sends it to the UDP
server.

I did not generate a certificate for my Asterisk, because it only acts
as a client. I think, this shouldn't be needed.

Can anyone point me to where I misconfigured something? Or did I
stumble upon a bug? What would I have to do to make Asterisk use the
open TLS connection used for registering for outbound calls, too?

Best Regards,
Sebastian



More information about the asterisk-users mailing list