I have corrected the wrong port assigned in (25061) in the relay section on my configuration. I have set the value for dispatcher = 172.16.100.20 (ip of my dispatcher) -- leaving the port blank. I have already check the version both are version 2.3.4. I am still stuck in the same error: A TLS packet with unexpected length was received.
The only problem I see is that I cant establish the TCP part for the TLS connection. Again I have checked the versions of both mediaproxy relay and dispatcher to be the same 2.3.4 version. Sep 29 08:44:15 ws20 media-dispatcher[14419]: Main loop terminated. Sep 29 08:44:15 ws20 media-dispatcher[14481]: Log opened. Sep 29 08:44:15 ws20 media-dispatcher[14481]: warning: startSyslog is being deprecated and will be removed in 1.2.0. Use the start_syslog function instead. Sep 29 08:44:15 ws20 media-dispatcher[14481]: Starting MediaProxy Dispatcher 2.3.4 Sep 29 08:44:32 ws17 media-relay[4007]: Main loop terminated. Sep 29 08:44:36 ws17 media-relay[4261]: Log opened. Sep 29 08:44:36 ws17 media-relay[4261]: warning: startSyslog is being deprecated and will be removed in 1.2.0. Use the start_syslog function instead. Sep 29 08:44:36 ws17 media-relay[4261]: Starting MediaProxy Relay 2.3.4 Sep 29 08:44:37 ws17 media-relay[4261]: Set resource limit for maximum open file descriptors to 11000 Is there a command to check what version of mediaproxy i am using? Dan Pascu wrote: > > > On 25 Sep 2009, at 04:11, bay2x1 wrote: > >> >> I was able to determine that the relay is using TCP. > > The relay _never_ uses TCP. > >> I am encountering this error on the mediaproxy-relay machine >> >> Sep 24 18:38:44 media-relay[9744]: error: Connection with >> dispatcher at >> xxx.xxx.xxx:25061 was lost: TCP connection timed out. > > This only means that it could not connect on the TCP level (TLS works > on top of TCP, so it needs an established TCP connection before it > starts negotiating and establishing TLS on top of it). > In your case the first stage (establishing a TCP transport) has failed. > >> Sep 24 18:38:55 media-relay[9744]: error: Could not decode command/ >> sequence >> number pair from dispatcher: error >> Sep 24 18:39:05 media-relay[9744]: error: Could not decode command/ >> sequence >> number pair from dispatcher: error >> Sep 24 18:39:15 media-relay[9744]: error: Could not decode command/ >> sequence >> number pair from dispatcher: error >> > > make sure the relay and dispatcher version numbers match. > >> and on the mediaproxy-dispatcher >> >> Sep 24 18:31:46 media-dispatcher[19071]: error: Unknown command on >> management interface: ping >> Sep 24 18:31:56 media-dispatcher[19071]: error: Unknown command on >> management interface: ping >> Sep 24 18:32:06 media-dispatcher[19071]: error: Unknown command on >> management interface: ping > > ping was not meant to be used on the management interface. Unless you > manually send that command to the management interface for testing, I > suspect that you somehow got the 2 ports mixed. There are 2 ports used > by the dispatcher: 25060 used to listen for incoming relay connections > and communicate with the relays; 25061 is used for the management > interface, that can be used to obtain information about the dispatcher > and relays. In your case it sounds as if the relay connected to the > dispatcher management port (25061) instead of the standard relay port > (25060) > >> >> I have already set the value on the dispatcher config.ini >> >> listen_management = 0.0.0.0 >> >> ; Whether or not to use TLS on the management interface. Note that >> the same >> ; TLS credentials are used for both the relay and the management >> interface >> ; connections. >> ; >> ; Default value is yes. >> ; >> management_use_tls = yes >> >> ; Specify extra checks to be performed on the relay TLS credentials >> before >> ; considering the connection with the relay succesful. The passport is >> ; specified as a list of attribute/value pairs in the form: >> ; AN:value[, AN:value...] >> ; where the attribute name (AN) is one of the available attribute >> names from >> ; the X509 certificate subject: O, OU, CN, C, L, ST, EMAIL. The >> value is a >> ; string that has to match with the corresponding attribute value >> from the >> ; relay certificate. A wildcard (*) can be used in the value at the >> beginning >> ; or the end of the string to indicate that the corresponding >> attribute from >> ; the relay certificate must end with respectively to start with the >> given >> ; string (excluding the wildcard). >> ; For example using this passport: >> ; passport = O:AG Projects, CN:relay* >> ; means that a connection with a relay will only be accepted if the >> relay >> ; certificate subject has organization set to "AG Projects" and the >> common >> ; name starts with "relay". To specify that no additional identity >> checks >> ; need to be performed, use the keyword None. If passport is None, >> then only >> ; the certificate signature is verified agains the certificate >> authority in >> ; tls/ca.pem (signature is always verified even when passport is >> None). >> ; >> ; Default value is None. >> ; >> passport = None >> >> ; This option is similar to passport above, but applies to the >> management >> ; interface connections instead of relay connections. It specifies >> extra >> ; checks to be performed on the TLS credentials suplied by an entity >> that >> ; connects to the management interface. Please consult passport >> above for >> ; a detailed description of the possible values for this option. >> ; >> ; If management_use_tls is false, this option is ignored. >> ; >> ; Default value is None. >> ; >> management_passport = None >> >> What part did I misconfigure mediaproxy? > > Nothing in this config seems out of place. Did you specify the > dispatchers in the relay section and by any chance you used the wrong > port with them, like ip:25061 ? > > -- > Dan > > > > > _______________________________________________ > Users mailing list > [email protected] > http://lists.opensips.org/cgi-bin/mailman/listinfo/users > > ----- http://opensips.blogspot.com http://opensips.blogspot.com -- View this message in context: http://n2.nabble.com/Error-A-TLS-packet-with-unexpected-length-was-received-tp3415244p3732822.html Sent from the OpenSIPS - Users mailing list archive at Nabble.com. _______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
