"So, tls is required for wss?"

Yes, as of the last rfc.  It can work without it if the client software 
(browser) will accept it though by now most will treat it as insecure.  I 
forget whether sipML5 will but my guess would be no. 




-------- Original message --------
From: "Wilkins, Steve" <swwilk...@mitre.org> 
Date: 11/24/2017  9:57 AM  (GMT-08:00) 
To: "Kamailio (SER) - Users Mailing List" <sr-users@lists.kamailio.org> 
Subject: Re: [SR-Users] sipML5 through kamailio 
 
Hello SamyGo,
 
So, tls is required for wss?  I thought that when I set a listen to 
Kamailio-Server-IPAddress:10443 and I sent a request through that IP and Port, 
that Kamailio would at least see the request and attempt to do something with 
it.  I will go add tls and try again.  Thank you!
 
From: sr-users [mailto:sr-users-boun...@lists.kamailio.org] On Behalf Of SamyGo
Sent: Thursday, November 23, 2017 12:40 PM
To: Kamailio (SER) - Users Mailing List <sr-users@lists.kamailio.org>
Subject: Re: [SR-Users] sipML5 through kamailio
 
Can you clarify the IP addressing scheme as you've mentioned. There is no TLS 
interface?
Advertised address for 5060 but not for WSS interface. Both listen and 
advertise are public IPs ?
Also,you're handling WSS requests. Do you've xlog ines in the 
route[xhttp:request] to view when a request lands.!
 
My config has this:
 
#!substdef "!MY_IP_ADDR!123.134.156.167!g"
#!substdef "!MY_WS_PORT!6010!g"
#!substdef "!MY_WSS_PORT!6011!g"
 
listen=tcp:MY_IP_ADDR:MY_WS_PORT
listen=tls:MY_IP_ADDR:MY_WSS_PORT
 
Then the xhttp event route:
 
```
event_route[xhttp:request] {
        set_reply_close();
        set_reply_no_connect();
 
        #Deny any HTTP requests on any port other than WS/WSS ports.
        if ($Rp != MY_WS_PORT && $Rp != MY_WSS_PORT ) {
                xlog("L_WARN", "HTTP request received on $Rp\n");
                xhttp_reply("403", "Forbidden", "", "");
                exit;
        }
 
        #Handle HTTP(s) onwards.
        xlog("L_INFO", "HTTP Request Received\n");
```
 
 
On Thu, Nov 23, 2017 at 12:18 PM, Wilkins, Steve <swwilk...@mitre.org> wrote:
Hi Sammy,
 
First of all, thank you for taking the time to respond.
 
Yes, port 10443 is opened.  I have used this port before as asterisk’s WebRTC 
port and iptables shows it as open.  No, I can’t even get a registration using 
the configuration I listed.  I have an xdbg log statement right after the 
request_route, and I see nothing.  I do know that my xdbg logs are working 
though because, if I register or make a call using any sip tool, I see all my 
logging and everything works correctly.
 
-Steve
 
From: sr-users [mailto:sr-users-boun...@lists.kamailio.org] On Behalf Of SamyGo
Sent: Thursday, November 23, 2017 12:00 PM
To: Kamailio (SER) - Users Mailing List <sr-users@lists.kamailio.org>
Subject: Re: [SR-Users] sipML5 through kamailio
 
Hi Steve,
Can you confirm that port 10443 is reachable behind the NAT to Kamailio server, 
validate iptables too Does your SIPml5 demo client register successfully to 
Kamailio? are there enough xlog lines to print out if anything lands in 
Kamailio.
 
Regards,
Sammy
 
 
 
On Thu, Nov 23, 2017 at 11:34 AM, Wilkins, Steve <swwilk...@mitre.org> wrote:
Hello,
 
I am attempting to use sipML5 to test WebRTC.  I have not been successful in 
getting messages through to Kamailio though. I am running Kamailio 5.0.3 on 
Cento 7.
 
My listen’s in the kamailio configuration file are =>
listen=tcp:112.22.3.108:5060 advertise 34.226.187.61:5060
listen=udp:112.22.3.108:5060 advertise 34.226.187.61:5060
listen=tcp:112.22.3.108:10443 (which I will use in the sipML5 Expert mode)
 
My sipML5 settings are =>
Public Identity - sip:user1@112.22.3.108
Realm - 112.22.3.108
 
Export mode setting are =>
WebSocket Server URL - wss://112.22.3.108:10443 (I have also tried 
wss://112.22.3.108:10443/ws)
SIP outbound Proxy URL - udp://112.22.3.108:5060 (I have also left this blank)
 
When I make a call I see no Kamailio activity (I have logging at the start of 
request_route) so I am not sure where the configuration error is.  If I change 
the sipML5 configuration IP Address to use the asterisk IP Address, sipML5 
works.  My goal is to go WebRTC Client => Kamailio => Asterisk and eventually 
through some sort of media proxy.
 
Thank you,
-Steve
 
 

_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

 

_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

 
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Reply via email to