Oh you mean public cert on the TLS public side and a self signed cert on the inside? Meaning Kamailio would still be serving a n TLS? Record-route problem… that’s cool. I’ll try that. Thanks!
On Tue, 15 Aug 2023 at 20:49, Karsten Horsmann <[email protected]> wrote: > Hi, > > an benefit from using the AWS loadbalancer is the included DDOS > prevention. Jonas Swiatek gave that as tipp to me. > > He simple setup self-signed certs on the Kamailio behind the NLB > loadbalancer. > So it's > > Internet -> TLS NLB/AWS loadbalancer -> TLS self-signed Kamailio. > > Should solve your problems. > > Kind regards > Karsten Horsmann > > Henning Westerholt <[email protected]> schrieb am Sa., 12. Aug. 2023, 11:09: > >> Hello David, >> >> >> >> the simplest way is of course to just not use the AWS load-balancer. 😉 >> Do you have performance concerns using Kamailio for that purpose? >> >> >> >> As you probably know, SIP as a protocol is not really suited for this >> kind of cloud balancing infrastructure, which targets more HTTP and other >> protocols. And Kamailio in a load-balancer scenario is usually the first >> TLS/TCP/UDP endpoint to reach from the client point of view. >> >> >> >> Cheers, >> >> >> >> Henning >> >> >> >> -- >> >> Henning Westerholt – https://skalatan.de/blog/ >> >> Kamailio services – https://gilawa.com >> >> >> >> *From:* David Villasmil <[email protected]> >> *Sent:* Samstag, 12. August 2023 02:55 >> *To:* Kamailio (SER) - Users Mailing List <[email protected]> >> *Subject:* [SR-Users] Kamailio behind TLS-TCP load balancer >> >> >> >> Hello all, >> >> >> >> I’m having lots of problems when trying to configure Kamailio behind an >> AWS tls load balancer to offload tls and receive on tcp on Kamailio. >> Everything else inside is UDP. >> >> I found I need to manually add record-route presets every time and invite >> comes in. And when trying to forward an ACK to the client via tls/tcp load >> balancer Kamailio complaint the socket is not TLS so it fails. >> >> >> >> Is there a simpler way of doing this via some parameters I don’t know? >> >> >> >> Thanks for helping me with this! >> >> >> >> David >> >> -- >> >> Regards, >> >> >> >> David Villasmil >> >> email: [email protected] >> >> phone: +34669448337 >> > __________________________________________________________ > > >> Kamailio - Users Mailing List - Non Commercial Discussions >> To unsubscribe send an email to [email protected] >> Important: keep the mailing list in the recipients, do not reply only to >> the sender! >> Edit mailing list options or unsubscribe: >> > __________________________________________________________ > Kamailio - Users Mailing List - Non Commercial Discussions > To unsubscribe send an email to [email protected] > Important: keep the mailing list in the recipients, do not reply only to > the sender! > Edit mailing list options or unsubscribe: > -- Regards, David Villasmil email: [email protected] phone: +34669448337
__________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to [email protected] Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
