Jump to content

sip trunk with TLS


laurent
 Share

Recommended Posts

Hello all,

 

I try to setup a sip trunk from snomone to an audiocode M1000 with tls.

 

we have generated a certificate for the M1000 and we have imported into the snomone the Root certificate.

We have done the same process (generation of a certificate) for the snome one

 

as you can see in the log bellow, the snomeone try to initiate the tls layer but it's not working.

 

bellow, log of the snom one (level 9) and attached the wireshark capture

tls_snomone_debug.zip

 

any idea ?

 

Laurent

 

 

[7] 2012/06/21 17:54:50:

 

UDP(IPv6): Opening socket on [::]

 

 

 

[8] 2012/06/21 17:54:50:

 

Trunk 2: sending discover message for sips.peoplefone.com

 

 

 

[5] 2012/06/21 17:54:50:

 

Set process affinity to 1

 

 

 

[9] 2012/06/21 17:54:50:

 

Resolve 1: discover 95.128.80.120

 

 

 

[8] 2012/06/21 17:54:50:

 

Trunk 2: Received reply for discover method

 

 

 

[8] 2012/06/21 17:54:50:

 

Trunk 2 (peoplefone) is associated with the following addresses: 95.128.80.120

 

 

 

[8] 2012/06/21 17:54:50:

 

Trunk peoplefone: Sending registration to sips.peoplefone.com

 

 

 

[9] 2012/06/21 17:54:50:

 

Resolve 2: url sip:sips.peoplefone.com

 

 

 

[9] 2012/06/21 17:54:50:

 

Resolve 2: naptr sips.peoplefone.com

 

 

 

[8] 2012/06/21 17:54:50:

 

DNS: Use DNS server 62.12.130.66

 

 

 

[8] 2012/06/21 17:54:50:

 

DNS: Request sips.peoplefone.com from server 62.12.130.66

 

 

 

[7] 2012/06/21 17:54:50:

 

UDP(IPv4): Opening socket on 0.0.0.0:5060

 

 

 

[8] 2012/06/21 17:54:50:

 

Joined multicast group 224.0.1.75

 

 

 

[7] 2012/06/21 17:54:50:

 

UDP(IPv6): Opening socket on [::]:5060

 

 

 

[7] 2012/06/21 17:54:50:

 

TCP(IPv4): Opening socket on 0.0.0.0:5060

 

 

 

[7] 2012/06/21 17:54:50:

 

TCP(IPv6): Opening socket on [::]:5060

 

 

 

[7] 2012/06/21 17:54:50:

 

TCP(IPv4): Opening socket on 0.0.0.0:5061

 

 

 

[7] 2012/06/21 17:54:50:

 

TCP(IPv6): Opening socket on [::]:5061

 

 

 

[8] 2012/06/21 17:54:51:

 

DNS: Add NAPTR sips.peoplefone.com (ttl=10800)

 

 

 

[9] 2012/06/21 17:54:51:

 

DNS: erasing NAPTR sips.peoplefone.com, id 1 retry count 1,

 

 

 

[9] 2012/06/21 17:54:51:

 

Resolve 2: naptr sips.peoplefone.com

 

 

 

[9] 2012/06/21 17:54:51:

 

Resolve 2: srv tls _sips._tcp.sips.peoplefone.com

 

 

 

[8] 2012/06/21 17:54:51:

 

DNS: Request _sips._tcp.sips.peoplefone.com from server 62.12.130.66

 

 

 

[8] 2012/06/21 17:54:51:

 

DNS: Add SRV _sips._tcp.sips.peoplefone.com 4 4 sips.peoplefone.com 5067

(ttl=2400)

 

 

 

[9] 2012/06/21 17:54:51:

 

DNS: erasing SRV _sips._tcp.sips.peoplefone.com, id 2 retry count 0,

 

 

 

[9] 2012/06/21 17:54:51:

 

Resolve 2: srv tls _sips._tcp.sips.peoplefone.com

 

 

 

[9] 2012/06/21 17:54:51:

 

Resolve 2: a tls sips.peoplefone.com 5067

 

 

 

[8] 2012/06/21 17:54:51:

 

DNS: Request sips.peoplefone.com from server 62.12.130.66

 

 

 

[8] 2012/06/21 17:54:51:

 

DNS: Add A sips.peoplefone.com 95.128.80.120 (ttl=2400)

 

 

 

[9] 2012/06/21 17:54:51:

 

DNS: erasing A sips.peoplefone.com, id 3 retry count 0,

 

 

 

[9] 2012/06/21 17:54:51:

 

Resolve 2: a tls sips.peoplefone.com 5067

 

 

 

[9] 2012/06/21 17:54:51:

 

Resolve 2: tls 95.128.80.120 5067

 

 

 

[8] 2012/06/21 17:54:51:

 

Received SIP connection 1 from 95.128.80.120:5067

 

 

 

[5] 2012/06/21 17:54:51:

 

SIP Tx tls:95.128.80.120:5067:

 

 

 

REGISTER sip:sips.peoplefone.com SIP/2.0

Via: SIP/2.0/TLS 192.168.1.46:15865;branch=z9hG4bK-64e099b010dd6030e1d4f0afb4a79f21;rport

From: "90543373418" <sip:90543373418@sips.peoplefone.com>;tag=13381

To: "90543373418" <sip:90543373418@sips.peoplefone.com>

Call-ID: hfx5bq0f@pbx

CSeq: 18149 REGISTER

Max-Forwards: 70

Contact: <sip:90543373418@192.168.1.46:15865;transport=tls;line=c81e728d>;+sip.instance="<urn:uuid:30f55c9a-396c-425e-9aa0-f8fe602dd1f2>"

User-Agent: snomONE/4.5.0.1075 Delta Aurigids

Supported: outbound

Expires: 3600

Content-Length: 0

 

 

 

 

 

[9] 2012/06/21 17:54:51:

 

SIP 95.128.80.120:5067: send_client_hello(03014fe343cb2fd047c4b9641603a25e2c4ee845c285ccb0d89f3a54fa6ee39ec1a0000004000400050100001c000000180016000013736970732e70656f706c65666f6e652e636f6d)

 

 

 

[1] 2012/06/21 17:54:51:

 

TCP: TOS could not be set, code 0

 

 

 

[5] 2012/06/21 17:54:51:

 

SIP 95.128.80.120:5067: Alert(2, 100)

 

 

 

[5] 2012/06/21 17:55:00:

 

Last message repeated 2 times

 

 

 

[5] 2012/06/21 17:55:00:

 

Table cdrt: Finished reading 6 rows

 

 

 

[5] 2012/06/21 17:55:00:

 

Table cdre: Finished reading 15 rows

 

 

 

[5] 2012/06/21 17:55:00:

 

Table cdri: Finished reading 6 rows

 

 

 

[5] 2012/06/21 17:55:22:

 

Registration on trunk 2 (peoplefone) failed with code 408. Retry in 60 seconds

 

 

 

[2] 2012/06/21 17:55:22:

 

Trunk status peoplefone (2) changed to "408 Request Timeout" (Registration failed, retry after 60 seconds)

 

 

 

[6] 2012/06/21 17:55:51:

 

SIP TCP/TLS timeout on 95.128.80.120:5067, closing connection

 

 

 

[9] 2012/06/21 17:55:51:

 

SIP 95.128.80.120:5067: send_alert(0100)

 

 

 

[8] 2012/06/21 17:55:51:

 

Release SIP thread 1

 

 

 

[0] 2012/06/21 17:55:58:

 

Administrator logged in from IP address 127.0.0.1, session 59wqvzj3mbs3wgkbqitx

 

 

 

[9] 2012/06/21 17:55:59:

 

Remote site 127.0.0.1 closed the connection

 

 

 

[9] 2012/06/21 17:56:06:

 

Last message repeated 3 times

 

 

 

[5] 2012/06/21 17:56:06:

 

Could not send 32960 bytes to 127.0.0.1, error code 10054

 

 

 

[9] 2012/06/21 17:56:06:

 

Remote site 127.0.0.1 closed the connection

 

 

 

[9] 2012/06/21 17:56:22:

 

Last message repeated 2 times

 

 

 

[8] 2012/06/21 17:56:22:

 

Trunk 2: Preparing for re-registration

 

 

 

[8] 2012/06/21 17:56:22:

 

Trunk 2: sending discover message for sips.peoplefone.com

 

 

 

[9] 2012/06/21 17:56:22:

 

Resolve 3: discover 95.128.80.120

 

 

 

[8] 2012/06/21 17:56:22:

 

Trunk 2: Received reply for discover method

 

 

 

[8] 2012/06/21 17:56:22:

 

Trunk 2 (peoplefone) is associated with the following addresses: 95.128.80.120

 

 

 

[8] 2012/06/21 17:56:22:

 

Trunk peoplefone: Sending registration to sips.peoplefone.com

 

 

 

[9] 2012/06/21 17:56:22:

 

Resolve 4: url sip:sips.peoplefone.com

 

 

 

[9] 2012/06/21 17:56:22:

 

Resolve 4: naptr sips.peoplefone.com

 

 

 

[9] 2012/06/21 17:56:22:

 

Resolve 4: srv tls _sips._tcp.sips.peoplefone.com

 

 

 

[9] 2012/06/21 17:56:22:

 

Resolve 4: a tls sips.peoplefone.com 5067

 

 

 

[9] 2012/06/21 17:56:22:

 

Resolve 4: tls 95.128.80.120 5067

 

 

 

[8] 2012/06/21 17:56:22:

 

Received SIP connection 2 from 95.128.80.120:5067

 

 

 

[5] 2012/06/21 17:56:22:

 

SIP Tx tls:95.128.80.120:5067:

 

 

 

REGISTER sip:sips.peoplefone.com SIP/2.0

Via: SIP/2.0/TLS 192.168.1.46:24771;branch=z9hG4bK-cbfe8b3e1d290c5c811789a9ff69417f;rport

From: "90543373418" <sip:90543373418@sips.peoplefone.com>;tag=13381

To: "90543373418" <sip:90543373418@sips.peoplefone.com>

Call-ID: hfx5bq0f@pbx

CSeq: 18150 REGISTER

Max-Forwards: 70

Contact: <sip:90543373418@192.168.1.46:24771;transport=tls;line=c81e728d>;+sip.instance="<urn:uuid:30f55c9a-396c-425e-9aa0-f8fe602dd1f2>"

User-Agent: snomONE/4.5.0.1075 Delta Aurigids

Supported: outbound

Expires: 3600

Content-Length: 0

 

 

 

 

 

[9] 2012/06/21 17:56:22:

 

SIP 95.128.80.120:5067: send_client_hello(03014fe34426679aea4ba212708e2e8e2442776eeff79e216839c50ba6a37ac6e8a4000004000400050100001c000000180016000013736970732e70656f706c65666f6e652e636f6d)

 

 

 

[1] 2012/06/21 17:56:22:

 

TCP: TOS could not be set, code 0

 

 

 

[5] 2012/06/21 17:56:22:

 

SIP 95.128.80.120:5067: Alert(2, 100)

 

 

 

[5] 2012/06/21 17:56:27:

 

Last message repeated 2 times

 

 

 

[9] 2012/06/21 17:56:27:

 

Remote site 127.0.0.1 closed the connection

 

 

 

[9] 2012/06/21 17:56:54:

 

Last message repeated 2 times

 

 

 

[5] 2012/06/21 17:56:54:

 

Registration on trunk 2 (peoplefone) failed with code 408. Retry in 60 seconds

 

 

 

[6] 2012/06/21 17:57:22:

 

SIP TCP/TLS timeout on 95.128.80.120:5067, closing connection

 

 

 

[9] 2012/06/21 17:57:22:

 

SIP 95.128.80.120:5067: send_alert(0100)

 

 

 

[8] 2012/06/21 17:57:22:

 

Release SIP thread 2

 

 

 

[8] 2012/06/21 17:57:54:

 

Trunk 2: Preparing for re-registration

 

 

 

[8] 2012/06/21 17:57:54:

 

Trunk 2: sending discover message for sips.peoplefone.com

 

 

 

[9] 2012/06/21 17:57:54:

 

Resolve 5: discover 95.128.80.120

 

 

 

[8] 2012/06/21 17:57:54:

 

Trunk 2: Received reply for discover method

 

 

 

[8] 2012/06/21 17:57:54:

 

Trunk 2 (peoplefone) is associated with the following addresses: 95.128.80.120

 

 

 

[8] 2012/06/21 17:57:54:

 

Trunk peoplefone: Sending registration to sips.peoplefone.com

 

 

 

[9] 2012/06/21 17:57:54:

 

Resolve 6: url sip:sips.peoplefone.com

 

 

 

[9] 2012/06/21 17:57:54:

 

Resolve 6: naptr sips.peoplefone.com

 

 

 

[9] 2012/06/21 17:57:54:

 

Resolve 6: srv tls _sips._tcp.sips.peoplefone.com

 

 

 

[9] 2012/06/21 17:57:54:

 

Resolve 6: a tls sips.peoplefone.com 5067

 

 

 

[9] 2012/06/21 17:57:54:

 

Resolve 6: tls 95.128.80.120 5067

 

 

 

[8] 2012/06/21 17:57:54:

 

Received SIP connection 3 from 95.128.80.120:5067

 

 

 

[5] 2012/06/21 17:57:54:

 

SIP Tx tls:95.128.80.120:5067:

 

 

 

REGISTER sip:sips.peoplefone.com SIP/2.0

Via: SIP/2.0/TLS 192.168.1.46:33753;branch=z9hG4bK-d4ee6ce7c65657f6ba23064c0b4d378b;rport

From: "90543373418" <sip:90543373418@sips.peoplefone.com>;tag=13381

To: "90543373418" <sip:90543373418@sips.peoplefone.com>

Call-ID: hfx5bq0f@pbx

CSeq: 18151 REGISTER

Max-Forwards: 70

Contact: <sip:90543373418@192.168.1.46:33753;transport=tls;line=c81e728d>;+sip.instance="<urn:uuid:30f55c9a-396c-425e-9aa0-f8fe602dd1f2>"

User-Agent: snomONE/4.5.0.1075 Delta Aurigids

Supported: outbound

Expires: 3600

Content-Length: 0

 

 

 

 

 

[9] 2012/06/21 17:57:54:

 

SIP 95.128.80.120:5067: send_client_hello(03014fe34482230c38b414df1934914e2c735fd3f3f9a821212f217fcf08deff4d3a000004000400050100001c000000180016000013736970732e70656f706c65666f6e652e636f6d)

 

 

 

[1] 2012/06/21 17:57:54:

 

TCP: TOS could not be set, code 0

 

 

 

[5] 2012/06/21 17:57:54:

 

SIP 95.128.80.120:5067: Alert(2, 100)

 

 

 

[5] 2012/06/21 17:58:26:

 

Last message repeated 2 times

 

 

 

[5] 2012/06/21 17:58:26:

 

Registration on trunk 2 (peoplefone) failed with code 408. Retry in 60 seconds

 

 

 

[6] 2012/06/21 17:58:54:

 

SIP TCP/TLS timeout on 95.128.80.120:5067, closing connection

 

 

 

[9] 2012/06/21 17:58:54:

 

SIP 95.128.80.120:5067: send_alert(0100)

 

 

 

[8] 2012/06/21 17:58:54:

 

Release SIP thread 3

 

 

 

[8] 2012/06/21 17:59:26:

 

Trunk 2: Preparing for re-registration

 

 

 

[8] 2012/06/21 17:59:26:

 

Trunk 2: sending discover message for sips.peoplefone.com

 

 

 

[9] 2012/06/21 17:59:26:

 

Resolve 7: discover 95.128.80.120

 

 

 

[8] 2012/06/21 17:59:26:

 

Trunk 2: Received reply for discover method

 

 

 

[8] 2012/06/21 17:59:26:

 

Trunk 2 (peoplefone) is associated with the following addresses: 95.128.80.120

 

 

 

[8] 2012/06/21 17:59:26:

 

Trunk peoplefone: Sending registration to sips.peoplefone.com

 

 

 

[9] 2012/06/21 17:59:26:

 

Resolve 8: url sip:sips.peoplefone.com

 

 

 

[9] 2012/06/21 17:59:26:

 

Resolve 8: naptr sips.peoplefone.com

 

 

 

[9] 2012/06/21 17:59:26:

 

Resolve 8: srv tls _sips._tcp.sips.peoplefone.com

 

 

 

[9] 2012/06/21 17:59:26:

 

Resolve 8: a tls sips.peoplefone.com 5067

 

 

 

[9] 2012/06/21 17:59:26:

 

Resolve 8: tls 95.128.80.120 5067

 

 

 

[8] 2012/06/21 17:59:26:

 

Received SIP connection 4 from 95.128.80.120:5067

 

 

 

[5] 2012/06/21 17:59:26:

 

SIP Tx tls:95.128.80.120:5067:

 

 

 

REGISTER sip:sips.peoplefone.com SIP/2.0

Via: SIP/2.0/TLS 192.168.1.46:42695;branch=z9hG4bK-5d88db26b7512642f482708035915439;rport

From: "90543373418" <sip:90543373418@sips.peoplefone.com>;tag=13381

To: "90543373418" <sip:90543373418@sips.peoplefone.com>

Call-ID: hfx5bq0f@pbx

CSeq: 18152 REGISTER

Max-Forwards: 70

Contact: <sip:90543373418@192.168.1.46:42695;transport=tls;line=c81e728d>;+sip.instance="<urn:uuid:30f55c9a-396c-425e-9aa0-f8fe602dd1f2>"

User-Agent: snomONE/4.5.0.1075 Delta Aurigids

Supported: outbound

Expires: 3600

Content-Length: 0

 

 

 

 

 

[9] 2012/06/21 17:59:26:

 

SIP 95.128.80.120:5067: send_client_hello(03014fe344de27b514a9f3895056db8d11d13c764c489f406e511a62fc89b447541c000004000400050100001c000000180016000013736970732e70656f706c65666f6e652e636f6d)

 

 

 

[1] 2012/06/21 17:59:26:

 

TCP: TOS could not be set, code 0

 

 

 

[5] 2012/06/21 17:59:26:

 

SIP 95.128.80.120:5067: Alert(2, 100)

 

 

 

[5] 2012/06/21 17:59:58:

 

Last message repeated 2 times

 

 

 

[5] 2012/06/21 17:59:58:

 

Registration on trunk 2 (peoplefone) failed with code 408. Retry in 60 seconds

 

 

 

[6] 2012/06/21 18:00:26:

 

SIP TCP/TLS timeout on 95.128.80.120:5067, closing connection

 

 

 

[9] 2012/06/21 18:00:26:

 

SIP 95.128.80.120:5067: send_alert(0100)

 

 

 

[8] 2012/06/21 18:00:26:

 

Release SIP thread 4

 

 

 

[8] 2012/06/21 18:00:58:

 

Trunk 2: Preparing for re-registration

 

 

 

[8] 2012/06/21 18:00:58:

 

Trunk 2: sending discover message for sips.peoplefone.com

 

 

 

[9] 2012/06/21 18:00:58:

 

Resolve 9: discover 95.128.80.120

 

 

 

[8] 2012/06/21 18:00:58:

 

Trunk 2: Received reply for discover method

 

 

 

[8] 2012/06/21 18:00:58:

 

Trunk 2 (peoplefone) is associated with the following addresses: 95.128.80.120

 

 

 

[8] 2012/06/21 18:00:58:

 

Trunk peoplefone: Sending registration to sips.peoplefone.com

 

 

 

[9] 2012/06/21 18:00:58:

 

Resolve 10: url sip:sips.peoplefone.com

 

 

 

[9] 2012/06/21 18:00:58:

 

Resolve 10: naptr sips.peoplefone.com

 

 

 

[9] 2012/06/21 18:00:58:

 

Resolve 10: srv tls _sips._tcp.sips.peoplefone.com

 

 

 

[9] 2012/06/21 18:00:58:

 

Resolve 10: a tls sips.peoplefone.com 5067

 

 

 

[9] 2012/06/21 18:00:58:

 

Resolve 10: tls 95.128.80.120 5067

 

 

 

[8] 2012/06/21 18:00:58:

 

Received SIP connection 5 from 95.128.80.120:5067

 

 

 

[5] 2012/06/21 18:00:58:

 

SIP Tx tls:95.128.80.120:5067:

 

 

 

REGISTER sip:sips.peoplefone.com SIP/2.0

Via: SIP/2.0/TLS 192.168.1.46:51681;branch=z9hG4bK-3c0fd8624723f2b9cbce15cb06177aef;rport

From: "90543373418" <sip:90543373418@sips.peoplefone.com>;tag=13381

To: "90543373418" <sip:90543373418@sips.peoplefone.com>

Call-ID: hfx5bq0f@pbx

CSeq: 18153 REGISTER

Max-Forwards: 70

Contact: <sip:90543373418@192.168.1.46:51681;transport=tls;line=c81e728d>;+sip.instance="<urn:uuid:30f55c9a-396c-425e-9aa0-f8fe602dd1f2>"

User-Agent: snomONE/4.5.0.1075 Delta Aurigids

Supported: outbound

Expires: 3600

Content-Length: 0

 

 

 

 

 

[9] 2012/06/21 18:00:58:

 

SIP 95.128.80.120:5067: send_client_hello(03014fe3453aacb4e33a8202ffa7687d14c384e52a30f0b6495e7f4a001b1c41a054000004000400050100001c000000180016000013736970732e70656f706c65666f6e652e636f6d)

 

 

 

[1] 2012/06/21 18:00:58:

 

TCP: TOS could not be set, code 0

 

 

 

[5] 2012/06/21 18:00:58:

 

SIP 95.128.80.120:5067: Alert(2, 100)

 

 

 

[5] 2012/06/21 18:01:17:

 

Last message repeated 2 times

 

 

 

[9] 2012/06/21 18:01:17:

 

Remote site 127.0.0.1 closed the connection

 

 

 

[5] 2012/06/21 18:01:30:

 

Registration on trunk 2 (peoplefone) failed with code 408. Retry in 60 seconds

 

 

 

[6] 2012/06/21 18:01:58:

 

SIP TCP/TLS timeout on 95.128.80.120:5067, closing connection

 

 

 

[9] 2012/06/21 18:01:58:

 

SIP 95.128.80.120:5067: send_alert(0100)

 

 

 

[8] 2012/06/21 18:01:58:

 

Release SIP thread 5

 

 

 

[8] 2012/06/21 18:02:30:

 

Trunk 2: Preparing for re-registration

 

 

 

[8] 2012/06/21 18:02:30:

 

Trunk 2: sending discover message for sips.peoplefone.com

 

 

 

[9] 2012/06/21 18:02:30:

 

Resolve 11: discover 95.128.80.120

 

 

 

[8] 2012/06/21 18:02:30:

 

Trunk 2: Received reply for discover method

 

 

 

[8] 2012/06/21 18:02:30:

 

Trunk 2 (peoplefone) is associated with the following addresses: 95.128.80.120

 

 

 

[8] 2012/06/21 18:02:30:

 

Trunk peoplefone: Sending registration to sips.peoplefone.com

 

 

 

[9] 2012/06/21 18:02:30:

 

Resolve 12: url sip:sips.peoplefone.com

 

 

 

[9] 2012/06/21 18:02:30:

 

Resolve 12: naptr sips.peoplefone.com

 

 

 

[9] 2012/06/21 18:02:30:

 

Resolve 12: srv tls _sips._tcp.sips.peoplefone.com

 

 

 

[9] 2012/06/21 18:02:30:

 

Resolve 12: a tls sips.peoplefone.com 5067

 

 

 

[9] 2012/06/21 18:02:30:

 

Resolve 12: tls 95.128.80.120 5067

 

 

 

[8] 2012/06/21 18:02:30:

 

Received SIP connection 6 from 95.128.80.120:5067

 

 

 

[5] 2012/06/21 18:02:30:

 

SIP Tx tls:95.128.80.120:5067:

 

 

 

REGISTER sip:sips.peoplefone.com SIP/2.0

Via: SIP/2.0/TLS 192.168.1.46:60645;branch=z9hG4bK-f5504575306277380e1e52c7e4d31347;rport

From: "90543373418" <sip:90543373418@sips.peoplefone.com>;tag=13381

To: "90543373418" <sip:90543373418@sips.peoplefone.com>

Call-ID: hfx5bq0f@pbx

CSeq: 18154 REGISTER

Max-Forwards: 70

Contact: <sip:90543373418@192.168.1.46:60645;transport=tls;line=c81e728d>;+sip.instance="<urn:uuid:30f55c9a-396c-425e-9aa0-f8fe602dd1f2>"

User-Agent: snomONE/4.5.0.1075 Delta Aurigids

Supported: outbound

Expires: 3600

Content-Length: 0

 

 

 

 

 

[9] 2012/06/21 18:02:30:

 

SIP 95.128.80.120:5067: send_client_hello(03014fe3459692c679951bb16d23f97146dc84949290fc41df14782440f84c4eb86d000004000400050100001c000000180016000013736970732e70656f706c65666f6e652e636f6d)

 

 

 

[1] 2012/06/21 18:02:30:

 

TCP: TOS could not be set, code 0

 

 

 

[5] 2012/06/21 18:02:30:

 

SIP 95.128.80.120:5067: Alert(2, 100)

 

 

 

[5] 2012/06/21 18:03:02:

 

Last message repeated 2 times

 

 

 

[5] 2012/06/21 18:03:02:

 

Registration on trunk 2 (peoplefone) failed with code 408. Retry in 60 seconds

Link to comment
Share on other sites

Hi, From the log you posted we send a TLS hello and we get nothing from the gateway so you get the error 100

 

Sent by the client in response to a hello request or by the

server in response to a client hello after initial handshaking.

Either of these would normally lead to renegotiation; when that

is not appropriate, the recipient should respond with this alert;

at that point, the original requester can decide whether to

proceed with the connection. One case where this would be

appropriate would be where a server has spawned a process to

satisfy a request; the process might receive security parameters

(key length, authentication, etc.) at startup and it might be

difficult to communicate changes to these parameters after that

point. This message is always a warning.

 

The gateway basicly dissalows the connection so it may not be accepting registrations as Mr X pointed out.

Link to comment
Share on other sites

Hello,

 

Yes I see that the TLS connection can not be started so the GW dont get the SIP message.

 

I have laready tryed to change the trunk type but same problem.

 

how can I debug the TLS negotiation ?

 

Laurent

 

Have you tried entering the M1000 certificate on the pbx in this order?

 

Trusted Root CA for server authentication

Trusted Root CA for client authentication

Domain certificate chain + private key

Server certificate chain + private key

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...