On Tue, Sep 3, 2013 at 8:58 AM, Thorsten Göllner <[email protected]> wrote: > Hi, > > I use Asterisk 11.5.1 and it works fine. :) > > Now I want to use TLS and media encryption. I followed this guide: > https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Tutorial > > When I place a call via Blink-Client (0.5.0) I get connected and Blink shows > 2 locks. The blue lock shows "Signaling is encrypted using TLS" and the > orange lock shows "Media is encrypted using sRTP". BUT i hear no audio. > After ~60 seconds I get the following message: > NOTICE[21005]: chan_sip.c:28800 check_rtp_timeout: Disconnecting call > 'SIP/tgoellner-0000002c' for lack of RTP activity in 62 seconds > > "sip show peers" shows me, that my Blink-Client is registered on port 60071. > All other SIP-Clients (no TLS an no media encryption) are registered at port > 5060. > > I tried to open the tcp and udp port range from 10000 to 61000 (in > iptables). But with no success. > > I am not sure, but I think it's a firewall/NAT problem?! (Yes, my client is > behind a router > NAT) > > Any idea?
It would help to wireshark or tcpdump on the system and see if you can verify what is happening on the wire (both on the client side and Asterisk side). Then turn on RTP debug in Asterisk and compare that to what you see on the wire. You could always try putting a separate, isolated machine temporarily in a DMZ, then try the same configuration there. If it works there, you can capture the successful traffic and see what ports and things you need open on the firewalled system. -- Rusty Newton Digium, Inc. | Community Support Manager 445 Jan Davis Drive NW - Huntsville, AL 35806 - US direct: +1 256 428 6200 Check us out at: http://digium.com & http://asterisk.org -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
