tls is not wss, and a moderately smart firewall will block tls on 443 wss is less likely to be blocked (need a deep packet inspection)
-giovanni On Thu, Oct 3, 2019 at 8:23 AM Tito Cumpen <[email protected]> wrote: > Thanks for the reply Giovanni, > > The restrictive firewall concern is the reason why I have tls sip running > on 443 already. Therefore I cannot account for the same destination > listening port within the same server. > > > On Wed, Oct 2, 2019, 11:17 PM Giovanni Maruzzelli <[email protected]> > wrote: > >> wss is a form of http(s) that goes "upgraded", has nothing to do with >> "usual" tls... >> usually you want to have wss on port 443, so clients on restrictive >> firewall can reach you (because firewall "thinks" is https) >> (for those restricted clients you then need a turn server able to listen >> tls on port 443 of another machine, so they can get srtp via another "like >> https") >> if you don't care about restrictive firewalls, then you can put wss on >> any port >> >> On Thu, Oct 3, 2019 at 4:06 AM Tito Cumpen <[email protected]> wrote: >> >>> Hello, >>> >>> I was wondering if sip tls and wss can use the same port to listen for >>> incoming connections? If not is a viable option to create two separate >>> servers and federate them for sip tls and wss? >>> >>> Thanks, >>> Tito >>> _______________________________________________ >>> Users mailing list >>> [email protected] >>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users >>> >> >> >> -- >> Sincerely, >> >> Giovanni Maruzzelli >> OpenTelecom.IT >> cell: +39 347 266 56 18 >> >> _______________________________________________ >> Users mailing list >> [email protected] >> http://lists.opensips.org/cgi-bin/mailman/listinfo/users >> > -- Sincerely, Giovanni Maruzzelli OpenTelecom.IT cell: +39 347 266 56 18
_______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
