DTLS - Does not work outside LAN

Hello, everyone,

I’ve been running my home Asterisk for about a year now, and thanks to your contributions, it’s working great with lots of functionality. Now I feel the need to encrypt the communication between two softphones (Groundwire). Everything is fine if they are inside the LAN, or on the VPN if I use the internal IP of the Asterisk server, but when I’m outside on “mobile” connections I do not hear any audio and after 30 seconds the call drops. I’ve read a lot, but everyone says it is a NAT problem that I cannot really solve.
Thank you all.

I post below a debug:

SIP Debugging Enabled for IP: 101.185.121.158

<--- SIP read from TLS:101.185.121.158:30204 --->
SIP/2.0 200 OK
Via: SIP/2.0/TLS 192.168.1.10:5061;branch=z9hG4bK3d8121f5;rport=5061;received=XXX.XXX.XXX.XXX
Contact: <sips:TLSEXT@10.108.110.45:5060;transport=tcp>
From: "asterisk" <sip:asterisk@XXX.XXX.XXX.XXX>;tag=as2c5cb2c5
Call-ID: 195A5ABC3DEF79FF7E1E02AD6303353C08D084A3
CSeq: 102 NOTIFY
To: <sip:sips:TLSEXT@10.108.110.45:5060;transport=tcp>;tag=53D79E0883CEA882EF49E15C7ED86FFE
Allow: ACK, BYE, CANCEL, INFO, INVITE, NOTIFY, OPTIONS, REFER
Supported: replaces, path
User-Agent: GroundWire
Content-Length: 0

<------------->
--- (11 headers 0 lines) ---
[2021-12-05 12:59:37] NOTICE[32763]: chan_sip.c:15893 sip_reregister:    -- Re-registration for  5406457609@sip.messagenet.it
[2021-12-05 12:59:37] NOTICE[32763]: chan_sip.c:24961 handle_response_register: Outbound Registration: Expiry for sip.messagenet.it is 60 sec (Scheduling reregistration in 45 s)
[2021-12-05 12:59:40] NOTICE[32763]: chan_sip.c:15893 sip_reregister:    -- Re-registration for  287162@amsterdam1.voip.ms
[2021-12-05 12:59:40] NOTICE[32763]: chan_sip.c:24961 handle_response_register: Outbound Registration: Expiry for amsterdam1.voip.ms is 60 sec (Scheduling reregistration in 45 s)

<--- SIP read from TLS:101.185.121.158:30204 --->
INVITE sips:600@XXX.XXX.XXX.XXX:5061 SIP/2.0
Via: SIP/2.0/TLS 10.108.110.45:5060;branch=z9hG4bKQEvsghrVa24dlhCo;rport
Contact: <sips:TLSEXT@10.108.110.45:5060;transport=tcp>
Max-Forwards: 70
From: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=7AF93372B450A77F70AB51B51EB93399
Allow: ACK, BYE, CANCEL, INFO, INVITE, NOTIFY, OPTIONS, REFER
Supported: replaces, path
Accept-Language: it-IT
To: <sips:600@XXX.XXX.XXX.XXX:5061>
Content-Type: application/sdp
Call-ID: FDF50F11F9988CA3680C8535B004A670BE012F3B
CSeq: 1 INVITE
User-Agent: GroundWire
Content-Length: 1148

v=0
o=- 2123655856 50073 IN IP4 172.26.170.170
s=awyxakm
c=IN IP4 10.108.110.45
t=0 0
m=audio 10064 RTP/SAVPF 8 0 9 101
a=rtcp-mux
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-15
a=ice-ufrag:2C4346
a=ice-pwd:DAEBB8909D29FF6B6D5AD484530951A3
a=candidate:usps+6SK1M4DgMAmqRCj 1 UDP 2130706431 10.108.110.45 10064 typ host
a=candidate:4MJ/yJgQd4NL7aw+EBoj 1 UDP 2130706175 10.254.254.254 10064 typ host
a=candidate:aSo3+UiV4xc+w7szWYip 1 UDP 2130705919 FD74:6572:6D6E:7573:C:9370:B00E:98CC 10064 typ host
a=candidate:di6NuGBtBpy+l/gJ0ZuX 1 UDP 2130705663 FD74:6572:6D6E:7573:D:9370:B00E:98CC 10064 typ host
a=candidate:usps+6SK1M4DgMAmqRCj 2 UDP 2130706430 10.108.110.45 10065 typ host
a=candidate:4MJ/yJgQd4NL7aw+EBoj 2 UDP 2130706174 10.254.254.254 10065 typ host
a=candidate:aSo3+UiV4xc+w7szWYip 2 UDP 2130705918 FD74:6572:6D6E:7573:C:9370:B00E:98CC 10065 typ host
a=candidate:di6NuGBtBpy+l/gJ0ZuX 2 UDP 2130705662 FD74:6572:6D6E:7573:D:9370:B00E:98CC 10065 typ host
a=ptime:30
a=sendrecv
a=setup:actpass
a=fingerprint:sha-256 48:DB:AC:2E:52:C8:B5:1C:91:5D:B0:41:DA:71:EB:2B:33:28:65:ED:63:6D:26:01:A9:B1:1C:2F:84:5B:36:91
<------------->
--- (14 headers 23 lines) ---
Sending to 101.185.121.158:30204 (NAT)
Sending to 101.185.121.158:30204 (NAT)
Using INVITE request as basis request - FDF50F11F9988CA3680C8535B004A670BE012F3B
Found peer 'TLSEXT' for 'TLSEXT' from 101.185.121.158:30204

<--- Reliably Transmitting (NAT) to 101.185.121.158:30204 --->
SIP/2.0 401 Unauthorized
Via: SIP/2.0/TLS 10.108.110.45:5060;branch=z9hG4bKQEvsghrVa24dlhCo;received=101.185.121.158;rport=30204
From: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=7AF93372B450A77F70AB51B51EB93399
To: <sips:600@XXX.XXX.XXX.XXX:5061>;tag=as1750b639
Call-ID: FDF50F11F9988CA3680C8535B004A670BE012F3B
CSeq: 1 INVITE
Server: APU2R
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
WWW-Authenticate: Digest algorithm=MD5, realm="apu2R", nonce="7bbd57f3"
Content-Length: 0


<------------>
Scheduling destruction of SIP dialog 'FDF50F11F9988CA3680C8535B004A670BE012F3B' in 19520 ms (Method: INVITE)

<--- SIP read from TLS:101.185.121.158:30204 --->
ACK sips:600@XXX.XXX.XXX.XXX:5061 SIP/2.0
Via: SIP/2.0/TLS 10.108.110.45:5060;branch=z9hG4bKQEvsghrVa24dlhCo;rport
Max-Forwards: 70
Call-ID: FDF50F11F9988CA3680C8535B004A670BE012F3B
From: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=7AF93372B450A77F70AB51B51EB93399
To: <sips:600@XXX.XXX.XXX.XXX:5061>;tag=as1750b639
CSeq: 1 ACK
User-Agent: GroundWire
Content-Length: 0

<------------->
--- (9 headers 0 lines) ---

<--- SIP read from TLS:101.185.121.158:30204 --->
INVITE sips:600@XXX.XXX.XXX.XXX:5061 SIP/2.0
Via: SIP/2.0/TLS 10.108.110.45:5060;branch=z9hG4bKwaokgeqljfvibctk;rport
Contact: <sips:TLSEXT@10.108.110.45:5060;transport=tcp>
Max-Forwards: 70
From: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=7AF93372B450A77F70AB51B51EB93399
Allow: ACK, BYE, CANCEL, INFO, INVITE, NOTIFY, OPTIONS, REFER
Supported: replaces, path
Accept-Language: it-IT
To: <sips:600@XXX.XXX.XXX.XXX:5061>
Content-Type: application/sdp
Call-ID: FDF50F11F9988CA3680C8535B004A670BE012F3B
CSeq: 2 INVITE
Authorization: Digest username="TLSEXT",realm="apu2R",algorithm=MD5,uri="sips:600@XXX.XXX.XXX.XXX:5061",nonce="7bbd57f3",response="228eb8fae6a947cdf990a97e19e8c4ac"
User-Agent: GroundWire
Content-Length: 1148

v=0
o=- 2123655856 50073 IN IP4 172.26.170.170
s=awyxakm
c=IN IP4 10.108.110.45
t=0 0
m=audio 10064 RTP/SAVPF 8 0 9 101
a=rtcp-mux
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-15
a=ice-ufrag:2C4346
a=ice-pwd:DAEBB8909D29FF6B6D5AD484530951A3
a=candidate:usps+6SK1M4DgMAmqRCj 1 UDP 2130706431 10.108.110.45 10064 typ host
a=candidate:4MJ/yJgQd4NL7aw+EBoj 1 UDP 2130706175 10.254.254.254 10064 typ host
a=candidate:aSo3+UiV4xc+w7szWYip 1 UDP 2130705919 FD74:6572:6D6E:7573:C:9370:B00E:98CC 10064 typ host
a=candidate:di6NuGBtBpy+l/gJ0ZuX 1 UDP 2130705663 FD74:6572:6D6E:7573:D:9370:B00E:98CC 10064 typ host
a=candidate:usps+6SK1M4DgMAmqRCj 2 UDP 2130706430 10.108.110.45 10065 typ host
a=candidate:4MJ/yJgQd4NL7aw+EBoj 2 UDP 2130706174 10.254.254.254 10065 typ host
a=candidate:aSo3+UiV4xc+w7szWYip 2 UDP 2130705918 FD74:6572:6D6E:7573:C:9370:B00E:98CC 10065 typ host
a=candidate:di6NuGBtBpy+l/gJ0ZuX 2 UDP 2130705662 FD74:6572:6D6E:7573:D:9370:B00E:98CC 10065 typ host
a=ptime:30
a=sendrecv
a=setup:actpass
a=fingerprint:sha-256 48:DB:AC:2E:52:C8:B5:1C:91:5D:B0:41:DA:71:EB:2B:33:28:65:ED:63:6D:26:01:A9:B1:1C:2F:84:5B:36:91
<------------->
--- (15 headers 23 lines) ---
Sending to 101.185.121.158:30204 (NAT)
Using INVITE request as basis request - FDF50F11F9988CA3680C8535B004A670BE012F3B
Found peer 'TLSEXT' for 'TLSEXT' from 101.185.121.158:30204
  == DTLS ECDH initialized (automatic), faster PFS enabled
  == Using SIP RTP CoS mark 5
Got SDP version 50073 and unique parts [- 2123655856 IN IP4 172.26.170.170]
Found RTP audio format 8
Found RTP audio format 0
Found RTP audio format 9
Found RTP audio format 101
Found audio description format telephone-event for ID 101
Capabilities: us - (alaw|ulaw|g722|g729|h264|vp8), peer - audio=(ulaw|alaw|g722)/video=(nothing)/text=(nothing), combined - (alaw|ulaw|g722)
Non-codec capabilities (dtmf): us - 0x1 (telephone-event|), peer - 0x1 (telephone-event|), combined - 0x1 (telephone-event|)
Peer audio RTP is at port 10.108.110.45:10064
Looking for 600 in interni (domain XXX.XXX.XXX.XXX)
sip_route_dump: route/path hop: <sips:TLSEXT@10.108.110.45:5060;transport=tcp>

<--- Transmitting (NAT) to 101.185.121.158:30204 --->
SIP/2.0 100 Trying
Via: SIP/2.0/TLS 10.108.110.45:5060;branch=z9hG4bKwaokgeqljfvibctk;received=101.185.121.158;rport=30204
From: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=7AF93372B450A77F70AB51B51EB93399
To: <sips:600@XXX.XXX.XXX.XXX:5061>
Call-ID: FDF50F11F9988CA3680C8535B004A670BE012F3B
CSeq: 2 INVITE
Server: APU2R
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Contact: <sips:600@192.168.1.10:5061;transport=tls>
Content-Length: 0


<------------>
    -- Executing [600@interni:1] NoOp("SIP/TLSEXT-00000006", "===TEST ECHO===") in new stack
    -- Executing [600@interni:2] Gosub("SIP/TLSEXT-00000006", "channelset,s,1") in new stack
    -- Executing [s@channelset:1] GotoIf("SIP/TLSEXT-00000006", "0?end") in new stack
    -- Executing [s@channelset:2] ExecIf("SIP/TLSEXT-00000006", "1?Set(CDR(sec_dati)=1):Set(CDR(sec_dati)=0)") in new stack
    -- Executing [s@channelset:3] ExecIf("SIP/TLSEXT-00000006", "1?Set(CDR(sec_audio)=1):Set(CDR(sec_audio)=0)") in new stack
    -- Executing [s@channelset:4] GotoIf("SIP/TLSEXT-00000006", "0?end") in new stack
    -- Executing [s@channelset:5] Set("SIP/TLSEXT-00000006", "FM_IP=101.185.121.158") in new stack
    -- Executing [s@channelset:6] Set("SIP/TLSEXT-00000006", "TO_IP=101.185.121.158") in new stack
    -- Executing [s@channelset:7] Set("SIP/TLSEXT-00000006", "U_AG=GroundWire") in new stack
    -- Executing [s@channelset:8] Set("SIP/TLSEXT-00000006", "P_NAME=TLSEXT") in new stack
    -- Executing [s@channelset:9] Set("SIP/TLSEXT-00000006", "FROM=sips:TLSEXT@XXX.XXX.XXX.XXX:5061") in new stack
    -- Executing [s@channelset:10] Set("SIP/TLSEXT-00000006", "URI=sips:TLSEXT@10.108.110.45:5060") in new stack
    -- Executing [s@channelset:11] Set("SIP/TLSEXT-00000006", "C_TYPE=SIP") in new stack
    -- Executing [s@channelset:12] Set("SIP/TLSEXT-00000006", "CDR(ip)=101.185.121.158") in new stack
    -- Executing [s@channelset:13] Set("SIP/TLSEXT-00000006", "CDR(ip_to)=101.185.121.158") in new stack
    -- Executing [s@channelset:14] Set("SIP/TLSEXT-00000006", "CDR(peernome)=TLSEXT") in new stack
    -- Executing [s@channelset:15] Set("SIP/TLSEXT-00000006", "CDR(useragent)=GroundWire") in new stack
    -- Executing [s@channelset:16] Set("SIP/TLSEXT-00000006", "CDR(uri)=sips:TLSEXT@10.108.110.45:5060") in new stack
    -- Executing [s@channelset:17] Set("SIP/TLSEXT-00000006", "CDR(fm)=sips:TLSEXT@XXX.XXX.XXX.XXX:5061") in new stack
    -- Executing [s@channelset:18] Set("SIP/TLSEXT-00000006", "CHANNEL(language)=it") in new stack
    -- Executing [s@channelset:19] Set("SIP/TLSEXT-00000006", "CHANNEL(tonezone)=it") in new stack
    -- Executing [s@channelset:20] Set("SIP/TLSEXT-00000006", "CDR(codec)=(alaw)") in new stack
    -- Executing [s@channelset:21] Set("SIP/TLSEXT-00000006", "CDR(tone)=it") in new stack
    -- Executing [s@channelset:22] Set("SIP/TLSEXT-00000006", "CDR(called)=s") in new stack
    -- Executing [s@channelset:23] Set("SIP/TLSEXT-00000006", "CHANNEL(max_forwards)=2") in new stack
    -- Executing [s@channelset:24] Return("SIP/TLSEXT-00000006", "") in new stack
    -- Executing [600@interni:3] Set("SIP/TLSEXT-00000006", "PROV=ASTERISK") in new stack
    -- Executing [600@interni:4] Set("SIP/TLSEXT-00000006", "CDR(provider)=ASTERISK") in new stack
    -- Executing [600@interni:5] Answer("SIP/TLSEXT-00000006", "") in new stack
Audio is at 10072
Adding codec alaw to SDP
Adding codec ulaw to SDP
Adding codec g722 to SDP
Adding non-codec 0x1 (telephone-event) to SDP

<--- Reliably Transmitting (NAT) to 101.185.121.158:30204 --->
SIP/2.0 200 OK
Via: SIP/2.0/TLS 10.108.110.45:5060;branch=z9hG4bKwaokgeqljfvibctk;received=101.185.121.158;rport=30204
From: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=7AF93372B450A77F70AB51B51EB93399
To: <sips:600@XXX.XXX.XXX.XXX:5061>;tag=as7d7de3d7
Call-ID: FDF50F11F9988CA3680C8535B004A670BE012F3B
CSeq: 2 INVITE
Server: APU2R
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Contact: <sips:600@192.168.1.10:5061;transport=tls>
Content-Type: application/sdp
Content-Length: 895

v=0
o=root 1322504896 1322504896 IN IP4 192.168.1.10
s=Asterisk PBX GIT-16-f98eed1M
c=IN IP4 192.168.1.10
t=0 0
m=audio 10072 RTP/SAVPF 8 0 9 101
a=rtpmap:8 PCMA/8000
a=rtpmap:0 PCMU/8000
a=rtpmap:9 G722/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=maxptime:150
a=ice-ufrag:7bef7d22605e0bd86c722638093c62b4
a=ice-pwd:10e1033457265b6d076abea753fcc314
a=candidate:Hc0a8010a 1 UDP 2130706431 192.168.1.10 10072 typ host
a=candidate:Sd9856ee8 1 UDP 1694498815 XXX.XXX.XXX.XXX 10072 typ srflx raddr 192.168.1.10 rport 10072
a=candidate:Hc0a8010a 2 UDP 2130706430 192.168.1.10 10073 typ host
a=candidate:Sd9856ee8 2 UDP 1694498814 XXX.XXX.XXX.XXX 10073 typ srflx raddr 192.168.1.10 rport 10072
a=connection:new
a=setup:active
a=fingerprint:SHA-256 02:AB:0C:46:F8:F3:FE:9A:AE:84:7A:DF:54:C3:2C:4A:5E:C8:F5:57:3C:03:AF:B4:36:CE:A6:28:90:CC:0E:D7
a=rtcp-mux
a=sendrecv

<------------>
    -- Executing [600@interni:6] Playback("SIP/TLSEXT-00000006", "silence/1&demo-echotest") in new stack
    -- <SIP/TLSEXT-00000006> Playing 'silence/1.alaw' (language 'it')
    -- <SIP/TLSEXT-00000006> Playing 'demo-echotest.alaw' (language 'it')

<--- SIP read from TLS:101.185.121.158:30204 --->
REGISTER sips:XXX.XXX.XXX.XXX:5061 SIP/2.0
Via: SIP/2.0/TLS 10.108.110.45:5060;branch=z9hG4bKTP2R17YHCadlCNnN;rport
Contact: <sips:TLSEXT@10.108.110.45:5060;rinstance=AFE7108B;transport=tcp>;expires=600;video
Max-Forwards: 70
From: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=DBAF1F153973197BB079FA86166B838D
Allow: ACK, BYE, CANCEL, INFO, INVITE, NOTIFY, OPTIONS, REFER
Supported: replaces, path
Accept-Language: it-IT
To: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>
Expires: 600
Call-ID: 0E422D1413D4D1999E2C065B08E7B808E4D0B8F6
CSeq: 4809 REGISTER
User-Agent: GroundWire
Content-Length: 0

<------------->
--- (14 headers 0 lines) ---
Sending to 101.185.121.158:30204 (NAT)

<--- Transmitting (NAT) to 101.185.121.158:30204 --->
SIP/2.0 401 Unauthorized
Via: SIP/2.0/TLS 10.108.110.45:5060;branch=z9hG4bKTP2R17YHCadlCNnN;received=101.185.121.158;rport=30204
From: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=DBAF1F153973197BB079FA86166B838D
To: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=as10cec7d0
Call-ID: 0E422D1413D4D1999E2C065B08E7B808E4D0B8F6
CSeq: 4809 REGISTER
Server: APU2R
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
WWW-Authenticate: Digest algorithm=MD5, realm="apu2R", nonce="0e07b882"
Content-Length: 0


<------------>
Scheduling destruction of SIP dialog '0E422D1413D4D1999E2C065B08E7B808E4D0B8F6' in 32000 ms (Method: REGISTER)

<--- SIP read from TLS:101.185.121.158:30204 --->
REGISTER sips:XXX.XXX.XXX.XXX:5061 SIP/2.0
Via: SIP/2.0/TLS 10.108.110.45:5060;branch=z9hG4bKEcww6gCa8rfAGybu;rport
Contact: <sips:TLSEXT@10.108.110.45:5060;rinstance=AFE7108B;transport=tcp>;expires=600;video
Max-Forwards: 70
From: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=DBAF1F153973197BB079FA86166B838D
Allow: ACK, BYE, CANCEL, INFO, INVITE, NOTIFY, OPTIONS, REFER
Supported: replaces, path
Accept-Language: it-IT
To: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>
Expires: 600
Call-ID: 0E422D1413D4D1999E2C065B08E7B808E4D0B8F6
CSeq: 4810 REGISTER
Authorization: Digest username="TLSEXT",realm="apu2R",algorithm=MD5,uri="sips:XXX.XXX.XXX.XXX:5061",nonce="0e07b882",response="33436a5383a4254fc9e2da2abe44bd93"
User-Agent: GroundWire
Content-Length: 0

<------------->
--- (15 headers 0 lines) ---
Sending to 101.185.121.158:30204 (NAT)
Reliably Transmitting (NAT) to 101.185.121.158:30204:
OPTIONS sips:TLSEXT@10.108.110.45:5060;rinstance=AFE7108B;transport=tcp SIP/2.0
Via: SIP/2.0/TLS 192.168.1.10:5061;branch=z9hG4bK3d88137b;rport
Max-Forwards: 70
From: "asterisk" <sip:asterisk@XXX.XXX.XXX.XXX>;tag=as1de6c8bb
To: <sips:TLSEXT@10.108.110.45:5060;rinstance=AFE7108B;transport=tcp>
Contact: <sip:asterisk@192.168.1.10:5061;transport=tls>
Call-ID: 0c1456ee0a2f777d5d4697eb2d21da41@XXX.XXX.XXX.XXX
CSeq: 102 OPTIONS
User-Agent: APU2R
Date: Sun, 05 Dec 2021 11:59:48 GMT
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Content-Length: 0


---

<--- Transmitting (NAT) to 101.185.121.158:30204 --->
SIP/2.0 200 OK
Via: SIP/2.0/TLS 10.108.110.45:5060;branch=z9hG4bKEcww6gCa8rfAGybu;received=101.185.121.158;rport=30204
From: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=DBAF1F153973197BB079FA86166B838D
To: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=as10cec7d0
Call-ID: 0E422D1413D4D1999E2C065B08E7B808E4D0B8F6
CSeq: 4810 REGISTER
Server: APU2R
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Expires: 600
Contact: <sips:TLSEXT@10.108.110.45:5060;rinstance=AFE7108B;transport=tcp>;expires=600
Date: Sun, 05 Dec 2021 11:59:48 GMT
Content-Length: 0


<------------>
Reliably Transmitting (NAT) to 101.185.121.158:30204:
NOTIFY sips:TLSEXT@10.108.110.45:5060;transport=tcp SIP/2.0
Via: SIP/2.0/TLS 192.168.1.10:5061;branch=z9hG4bK3d8121f5;rport
Max-Forwards: 70
Route: <sips:TLSEXT@10.108.110.45:5060;transport=tcp>
From: "asterisk" <sip:asterisk@XXX.XXX.XXX.XXX>;tag=as2c5cb2c5
To: <sip:sips:TLSEXT@10.108.110.45:5060;transport=tcp>;tag=53D79E0883CEA882EF49E15C7ED86FFE
Contact: <sips:asterisk@192.168.1.10:5061;transport=tls>
Call-ID: 195A5ABC3DEF79FF7E1E02AD6303353C08D084A3
CSeq: 103 NOTIFY
User-Agent: APU2R
Event: message-summary
Content-Type: application/simple-message-summary
Subscription-State: active
Content-Length: 108

Messages-Waiting: no
Message-Account: sip:vm-demo@XXX.XXX.XXX.XXX;transport=TLS
Voice-Message: 0/0 (0/0)

---
Scheduling destruction of SIP dialog '0E422D1413D4D1999E2C065B08E7B808E4D0B8F6' in 32000 ms (Method: REGISTER)

<--- SIP read from TLS:101.185.121.158:30204 --->
SIP/2.0 200 OK
Via: SIP/2.0/TLS 192.168.1.10:5061;branch=z9hG4bK3d88137b;rport=5061;received=XXX.XXX.XXX.XXX
Contact: <sips:TLSEXT@10.108.110.45:5060;transport=tcp>
From: "asterisk" <sip:asterisk@XXX.XXX.XXX.XXX>;tag=as1de6c8bb
Call-ID: 0c1456ee0a2f777d5d4697eb2d21da41@XXX.XXX.XXX.XXX
CSeq: 102 OPTIONS
To: <sips:TLSEXT@10.108.110.45:5060;rinstance=AFE7108B;transport=tcp>
Allow: ACK, BYE, CANCEL, INFO, INVITE, NOTIFY, OPTIONS, REFER
Supported: replaces, path
Accept: application/sdp
User-Agent: GroundWire
Content-Length: 0

<------------->
--- (12 headers 0 lines) ---

<--- SIP read from TLS:101.185.121.158:30204 --->
SIP/2.0 200 OK
Via: SIP/2.0/TLS 192.168.1.10:5061;branch=z9hG4bK3d8121f5;rport=5061;received=XXX.XXX.XXX.XXX
Contact: <sips:TLSEXT@10.108.110.45:5060;transport=tcp>
From: "asterisk" <sip:asterisk@XXX.XXX.XXX.XXX>;tag=as2c5cb2c5
Call-ID: 195A5ABC3DEF79FF7E1E02AD6303353C08D084A3
CSeq: 103 NOTIFY
To: <sip:sips:TLSEXT@10.108.110.45:5060;transport=tcp>;tag=53D79E0883CEA882EF49E15C7ED86FFE
Allow: ACK, BYE, CANCEL, INFO, INVITE, NOTIFY, OPTIONS, REFER
Supported: replaces, path
User-Agent: GroundWire
Content-Length: 0

<------------->
--- (11 headers 0 lines) ---
Really destroying SIP dialog '0c1456ee0a2f777d5d4697eb2d21da41@XXX.XXX.XXX.XXX' Method: OPTIONS

<--- SIP read from TLS:101.185.121.158:30204 --->
REGISTER sips:XXX.XXX.XXX.XXX:5061 SIP/2.0
Via: SIP/2.0/TLS 10.108.110.45:5060;branch=z9hG4bKsfqAzj5en44aC9uq;rport
Contact: <sips:TLSEXT@10.108.110.45:5060;rinstance=AFE7108B;transport=tcp>;expires=600;video
Max-Forwards: 70
From: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=C116B6F4D7506E2B6B4286BBC8AC17DD
Allow: ACK, BYE, CANCEL, INFO, INVITE, NOTIFY, OPTIONS, REFER
Supported: replaces, path
Accept-Language: it-IT
To: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>
Expires: 600
Call-ID: 0E422D1413D4D1999E2C065B08E7B808E4D0B8F6
CSeq: 4811 REGISTER
User-Agent: GroundWire
Content-Length: 0

<------------->
--- (14 headers 0 lines) ---
Sending to 101.185.121.158:30204 (NAT)

<--- Transmitting (NAT) to 101.185.121.158:30204 --->
SIP/2.0 401 Unauthorized
Via: SIP/2.0/TLS 10.108.110.45:5060;branch=z9hG4bKsfqAzj5en44aC9uq;received=101.185.121.158;rport=30204
From: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=C116B6F4D7506E2B6B4286BBC8AC17DD
To: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=as10cec7d0
Call-ID: 0E422D1413D4D1999E2C065B08E7B808E4D0B8F6
CSeq: 4811 REGISTER
Server: APU2R
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
WWW-Authenticate: Digest algorithm=MD5, realm="apu2R", nonce="1a7aea0e"
Content-Length: 0


<------------>
Scheduling destruction of SIP dialog '0E422D1413D4D1999E2C065B08E7B808E4D0B8F6' in 32000 ms (Method: REGISTER)

<--- SIP read from TLS:101.185.121.158:30204 --->
REGISTER sips:XXX.XXX.XXX.XXX:5061 SIP/2.0
Via: SIP/2.0/TLS 10.108.110.45:5060;branch=z9hG4bKkLPAUK0elS0p2d7p;rport
Contact: <sips:TLSEXT@10.108.110.45:5060;rinstance=AFE7108B;transport=tcp>;expires=600;video
Max-Forwards: 70
From: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=C116B6F4D7506E2B6B4286BBC8AC17DD
Allow: ACK, BYE, CANCEL, INFO, INVITE, NOTIFY, OPTIONS, REFER
Supported: replaces, path
Accept-Language: it-IT
To: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>
Expires: 600
Call-ID: 0E422D1413D4D1999E2C065B08E7B808E4D0B8F6
CSeq: 4812 REGISTER
Authorization: Digest username="TLSEXT",realm="apu2R",algorithm=MD5,uri="sips:XXX.XXX.XXX.XXX:5061",nonce="1a7aea0e",response="1b58c809288292b582e1593437ca0afa"
User-Agent: GroundWire
Content-Length: 0

<------------->
--- (15 headers 0 lines) ---
Sending to 101.185.121.158:30204 (NAT)
Reliably Transmitting (NAT) to 101.185.121.158:30204:
OPTIONS sips:TLSEXT@10.108.110.45:5060;rinstance=AFE7108B;transport=tcp SIP/2.0
Via: SIP/2.0/TLS 192.168.1.10:5061;branch=z9hG4bK5944de93;rport
Max-Forwards: 70
From: "asterisk" <sip:asterisk@XXX.XXX.XXX.XXX>;tag=as0313dbd4
To: <sips:TLSEXT@10.108.110.45:5060;rinstance=AFE7108B;transport=tcp>
Contact: <sip:asterisk@192.168.1.10:5061;transport=tls>
Call-ID: 731c006c3d67bf2c74996e3b6d6d6154@XXX.XXX.XXX.XXX
CSeq: 102 OPTIONS
User-Agent: APU2R
Date: Sun, 05 Dec 2021 11:59:52 GMT
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Content-Length: 0


---

<--- Transmitting (NAT) to 101.185.121.158:30204 --->
SIP/2.0 200 OK
Via: SIP/2.0/TLS 10.108.110.45:5060;branch=z9hG4bKkLPAUK0elS0p2d7p;received=101.185.121.158;rport=30204
From: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=C116B6F4D7506E2B6B4286BBC8AC17DD
To: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=as10cec7d0
Call-ID: 0E422D1413D4D1999E2C065B08E7B808E4D0B8F6
CSeq: 4812 REGISTER
Server: APU2R
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Expires: 600
Contact: <sips:TLSEXT@10.108.110.45:5060;rinstance=AFE7108B;transport=tcp>;expires=600
Date: Sun, 05 Dec 2021 11:59:52 GMT
Content-Length: 0


<------------>
Reliably Transmitting (NAT) to 101.185.121.158:30204:
NOTIFY sips:TLSEXT@10.108.110.45:5060;transport=tcp SIP/2.0
Via: SIP/2.0/TLS 192.168.1.10:5061;branch=z9hG4bK3d8121f5;rport
Max-Forwards: 70
Route: <sips:TLSEXT@10.108.110.45:5060;transport=tcp>
From: "asterisk" <sip:asterisk@XXX.XXX.XXX.XXX>;tag=as2c5cb2c5
To: <sip:sips:TLSEXT@10.108.110.45:5060;transport=tcp>;tag=53D79E0883CEA882EF49E15C7ED86FFE
Contact: <sips:asterisk@192.168.1.10:5061;transport=tls>
Call-ID: 195A5ABC3DEF79FF7E1E02AD6303353C08D084A3
CSeq: 104 NOTIFY
User-Agent: APU2R
Event: message-summary
Content-Type: application/simple-message-summary
Subscription-State: active
Content-Length: 108

Messages-Waiting: no
Message-Account: sip:vm-demo@XXX.XXX.XXX.XXX;transport=TLS
Voice-Message: 0/0 (0/0)

---
Scheduling destruction of SIP dialog '0E422D1413D4D1999E2C065B08E7B808E4D0B8F6' in 32000 ms (Method: REGISTER)

<--- SIP read from TLS:101.185.121.158:30204 --->
SIP/2.0 200 OK
Via: SIP/2.0/TLS 192.168.1.10:5061;branch=z9hG4bK5944de93;rport=5061;received=XXX.XXX.XXX.XXX
Contact: <sips:TLSEXT@10.108.110.45:5060;transport=tcp>
From: "asterisk" <sip:asterisk@XXX.XXX.XXX.XXX>;tag=as0313dbd4
Call-ID: 731c006c3d67bf2c74996e3b6d6d6154@XXX.XXX.XXX.XXX
CSeq: 102 OPTIONS
To: <sips:TLSEXT@10.108.110.45:5060;rinstance=AFE7108B;transport=tcp>
Allow: ACK, BYE, CANCEL, INFO, INVITE, NOTIFY, OPTIONS, REFER
Supported: replaces, path
Accept: application/sdp
User-Agent: GroundWire
Content-Length: 0

<------------->
--- (12 headers 0 lines) ---

<--- SIP read from TLS:101.185.121.158:30204 --->
SIP/2.0 200 OK
Via: SIP/2.0/TLS 192.168.1.10:5061;branch=z9hG4bK3d8121f5;rport=5061;received=XXX.XXX.XXX.XXX
Contact: <sips:TLSEXT@10.108.110.45:5060;transport=tcp>
From: "asterisk" <sip:asterisk@XXX.XXX.XXX.XXX>;tag=as2c5cb2c5
Call-ID: 195A5ABC3DEF79FF7E1E02AD6303353C08D084A3
CSeq: 104 NOTIFY
To: <sip:sips:TLSEXT@10.108.110.45:5060;transport=tcp>;tag=53D79E0883CEA882EF49E15C7ED86FFE
Allow: ACK, BYE, CANCEL, INFO, INVITE, NOTIFY, OPTIONS, REFER
Supported: replaces, path
User-Agent: GroundWire
Content-Length: 0

<------------->
--- (11 headers 0 lines) ---
Really destroying SIP dialog '731c006c3d67bf2c74996e3b6d6d6154@XXX.XXX.XXX.XXX' Method: OPTIONS
[2021-12-05 13:00:03] WARNING[32763]: chan_sip.c:4142 retrans_pkt: Retransmission timeout reached on transmission FDF50F11F9988CA3680C8535B004A670BE012F3B for seqno 2 (Critical Response) -- See https://wiki.asterisk.org/wiki/display/AST/SIP+Retransmissions
Packet timed out after 19519ms with no response
[2021-12-05 13:00:03] WARNING[32763]: chan_sip.c:4166 retrans_pkt: Hanging up call FDF50F11F9988CA3680C8535B004A670BE012F3B - no reply to our critical packet (see https://wiki.asterisk.org/wiki/display/AST/SIP+Retransmissions).
    -- Executing [h@interni:1] NoOp("SIP/TLSEXT-00000006", "===Eseguo estensione h in @interni===") in new stack
    -- Executing [h@interni:2] Set("SIP/TLSEXT-00000006", "_WINOLTRO=0") in new stack
Scheduling destruction of SIP dialog 'FDF50F11F9988CA3680C8535B004A670BE012F3B' in 19520 ms (Method: INVITE)
Reliably Transmitting (NAT) to 101.185.121.158:30204:
BYE sips:TLSEXT@10.108.110.45:5060;transport=tcp SIP/2.0
Via: SIP/2.0/TLS 192.168.1.10:5061;branch=z9hG4bK619e9789;rport
Max-Forwards: 70
From: <sips:600@XXX.XXX.XXX.XXX:5061>;tag=as7d7de3d7
To: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=7AF93372B450A77F70AB51B51EB93399
Call-ID: FDF50F11F9988CA3680C8535B004A670BE012F3B
CSeq: 102 BYE
User-Agent: APU2R
Proxy-Authorization: Digest username="TLSEXT", realm="apu2R", algorithm=MD5, uri="sips:XXX.XXX.XXX.XXX", nonce="7bbd57f3", response="76092c6a45364bb52e3feeed32a5a9d1"
X-Asterisk-HangupCause: No user responding
X-Asterisk-HangupCauseCode: 18
Content-Length: 0


---

<--- SIP read from TLS:101.185.121.158:30204 --->
SIP/2.0 200 OK
Via: SIP/2.0/TLS 192.168.1.10:5061;branch=z9hG4bK619e9789;rport=5061;received=XXX.XXX.XXX.XXX
Contact: <sips:TLSEXT@10.108.110.45:5060;transport=tcp>
From: <sips:600@XXX.XXX.XXX.XXX:5061>;tag=as7d7de3d7
Call-ID: FDF50F11F9988CA3680C8535B004A670BE012F3B
CSeq: 102 BYE
To: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=7AF93372B450A77F70AB51B51EB93399
Allow: ACK, BYE, CANCEL, INFO, INVITE, NOTIFY, OPTIONS, REFER
Supported: replaces, path
User-Agent: GroundWire
Content-Length: 0

<------------->
--- (11 headers 0 lines) ---
SIP Response message for INCOMING dialog BYE arrived

<--- SIP read from TLS:101.185.121.158:30204 --->
REGISTER sips:XXX.XXX.XXX.XXX:5061 SIP/2.0
Via: SIP/2.0/TLS 10.108.110.45:5060;branch=z9hG4bKkVlALnyVvG6wv8bS;rport
Contact: <sips:TLSEXT@10.108.110.45:5060;rinstance=AFE7108B;transport=tcp>;expires=0;video
Max-Forwards: 70
From: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=F9C99D70C9B9C241A8B1A410F1AC2E53
Allow: ACK, BYE, CANCEL, INFO, INVITE, NOTIFY, OPTIONS, REFER
Supported: replaces, path
Accept-Language: it-IT
To: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>
Expires: 0
Call-ID: 0E422D1413D4D1999E2C065B08E7B808E4D0B8F6
CSeq: 4813 REGISTER
User-Agent: GroundWire
Content-Length: 0

<------------->
--- (14 headers 0 lines) ---
Sending to 101.185.121.158:30204 (NAT)

<--- Transmitting (NAT) to 101.185.121.158:30204 --->
SIP/2.0 401 Unauthorized
Via: SIP/2.0/TLS 10.108.110.45:5060;branch=z9hG4bKkVlALnyVvG6wv8bS;received=101.185.121.158;rport=30204
From: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=F9C99D70C9B9C241A8B1A410F1AC2E53
To: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=as10cec7d0
Call-ID: 0E422D1413D4D1999E2C065B08E7B808E4D0B8F6
CSeq: 4813 REGISTER
Server: APU2R
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
WWW-Authenticate: Digest algorithm=MD5, realm="apu2R", nonce="6993cc40"
Content-Length: 0


<------------>
Scheduling destruction of SIP dialog '0E422D1413D4D1999E2C065B08E7B808E4D0B8F6' in 32000 ms (Method: REGISTER)
Really destroying SIP dialog 'FDF50F11F9988CA3680C8535B004A670BE012F3B' Method: INVITE

<--- SIP read from TLS:101.185.121.158:30204 --->
REGISTER sips:XXX.XXX.XXX.XXX:5061 SIP/2.0
Via: SIP/2.0/TLS 10.108.110.45:5060;branch=z9hG4bKgRrUfBdJacpfbpec;rport
Contact: <sips:TLSEXT@10.108.110.45:5060;rinstance=AFE7108B;transport=tcp>;expires=0;video
Max-Forwards: 70
From: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=F9C99D70C9B9C241A8B1A410F1AC2E53
Allow: ACK, BYE, CANCEL, INFO, INVITE, NOTIFY, OPTIONS, REFER
Supported: replaces, path
Accept-Language: it-IT
To: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>
Expires: 0
Call-ID: 0E422D1413D4D1999E2C065B08E7B808E4D0B8F6
CSeq: 4814 REGISTER
Authorization: Digest username="TLSEXT",realm="apu2R",algorithm=MD5,uri="sips:XXX.XXX.XXX.XXX:5061",nonce="6993cc40",response="fc797315d83ea9406b7666cd87318603"
User-Agent: GroundWire
Content-Length: 0

<------------->
--- (15 headers 0 lines) ---
Sending to 101.185.121.158:30204 (NAT)
    -- Unregistered SIP 'TLSEXT'

<--- Transmitting (NAT) to 101.185.121.158:30204 --->
SIP/2.0 200 OK
Via: SIP/2.0/TLS 10.108.110.45:5060;branch=z9hG4bKgRrUfBdJacpfbpec;received=101.185.121.158;rport=30204
From: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=F9C99D70C9B9C241A8B1A410F1AC2E53
To: <sips:TLSEXT@XXX.XXX.XXX.XXX:5061>;tag=as10cec7d0
Call-ID: 0E422D1413D4D1999E2C065B08E7B808E4D0B8F6
CSeq: 4814 REGISTER
Server: APU2R
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Expires: 0
Date: Sun, 05 Dec 2021 12:00:04 GMT
Content-Length: 0


<------------>
Scheduling destruction of SIP dialog '0E422D1413D4D1999E2C065B08E7B808E4D0B8F6' in 32000 ms (Method: REGISTER)
apu2R*CLI> sip set debug off
SIP Debugging Disabled

Have you configured chan_sip to know it is behind NAT?

Thanks for your reply,

Yes, of course. The other peers (not DTLS) are working. I’m starting to use encryption, so I created one more peer and am trying to use it with TLS transport:

;Sip general
tlsenable=yes
tlsbindaddr=0.0.0.0:5061
tlscertfile=/etc/asterisk/keys/asterisk.pem
tlscafile=/etc/asterisk/keys/ca.crt
tlsclientmethod=ALL
tlscipher=ALL

;Peer TLS conf
[XxX]
callerid="BrunoCrypto"
description=Iphone Bruno DTLS
defaultuser=XxX
hasvoicemail=yes ;after adding this, MWI works on the softphone
secret=$$XXXXXxxxxTTT$$
mailbox=xxxxxx@vm-demo
accountcode=xxxxxx
type=peer
nat=force_rport,comedia
disallow=all
allow=alaw
allow=ulaw
allow=g722
allow=g729
allow=h264
allow=vp8
host=dynamic
qualify=yes
subscribecontext=default ;added 1 Nov 2021
allowsubscribe=yes ;added 1 Nov 2021
busylevel=1 ;added 1 Nov 2021
;===added 26 Nov 2021 tls===
transport=tls,ws,wss ; Asterisk will allow this peer to register on TLS, WS and WSS transports
rtcp_mux=yes
encryption=yes ;BrunoTLS
dtlsenable=yes
dtlsverify=no
dtlscertfile=/etc/asterisk/keys/asterisk.pem ; Tell Asterisk where your DTLS cert file is
dtlscafile=/etc/asterisk/keys/ca.crt
;dtlsprivatekey=/etc/asterisk/keys/asterisk.pem ; Tell Asterisk where your DTLS private key is
;dtlssetup=actpass
avpf=yes
icesupport=yes
directmedia=no
force_avp=yes

If I use the softphone inside the LAN and register to the LAN IP 192.168.x.x, everything works correctly;

If I use the softphone over the VPN and register to the LAN IP 192.168.x.x, everything works correctly;

If I use the softphone on a mobile connection and register to the public IP address, there is no audio…

The NAT settings in chan_sip for when it is behind NAT are configured using “externip” and “localnet”. Are those set?

On more recent versions of Asterisk, the public IP is set using the externaddr parameter.
Anyway you can verify if the NAT external IP is correctly set using sip show settings

If possible, you should also configure the phone to correctly compensate for being behind a different NAT.

My guess is the lack of audio is the result of relying on routers to look inside the SDP to work out which port to use. They won’t be able to do this when you encrypt.

Either it or localnets is set wrongly as Asterisk is sending private addresses in Contact headers.
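A check for the symptom pointed out above, as an added example that is not part of the original thread: it scans chan_sip debug output and lists every non-routable address advertised in a Contact header or SDP `c=` line, plus SDP bodies that offer only host ICE candidates. The sample trace and its addresses are constructed, and the function names are this example's own.

```python
import ipaddress
import re

# Constructed sample in the shape of the chan_sip debug output in this thread
# (addresses are documentation/test values, not taken from the posts).
SAMPLE = """\
<--- SIP read from TLS:198.51.100.7:30204 --->
INVITE sips:600@203.0.113.10:5061 SIP/2.0
Contact: <sips:TLSEXT@10.108.110.45:5060;transport=tcp>
Content-Type: application/sdp

v=0
c=IN IP4 10.108.110.45
m=audio 10064 RTP/SAVPF 8 0 9 101
a=candidate:abc 1 UDP 2130706431 10.108.110.45 10064 typ host
<------------->
<--- Reliably Transmitting (NAT) to 198.51.100.7:30204 --->
SIP/2.0 200 OK
Contact: <sips:600@192.168.1.10:5061;transport=tls>
Content-Type: application/sdp

v=0
c=IN IP4 192.168.1.10
m=audio 10072 RTP/SAVPF 8 0 9 101
a=candidate:Hc0a8010a 1 UDP 2130706431 192.168.1.10 10072 typ host
a=candidate:Sd9856ee8 1 UDP 1694498815 203.0.113.10 10072 typ srflx raddr 192.168.1.10 rport 10072
<------------>
"""

# RFC 1918, CGNAT and IPv6 ULA ranges. ipaddress.is_private is not used because
# it also reports documentation ranges such as 203.0.113.0/24 as private.
NON_ROUTABLE = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
                 "100.64.0.0/10", "fc00::/7")]

START = re.compile(r"(?:<--- )?(SIP read from|(?:Reliably )?Transmitting)\b")
END = re.compile(r"(<-+>|---)$")
CONTACT = re.compile(r"Contact:.*?sips?:(?:[^@>;\s]+@)?([^:;>\s]+)")
SDP_C = re.compile(r"c=IN IP[46] (\S+)")
CANDIDATE = re.compile(r"a=candidate:\S+ \d+ \S+ \d+ (\S+) \d+ typ (\w+)")


def non_routable(addr):
    """True if addr is an IP literal inside one of the NON_ROUTABLE ranges."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:          # hostname or redacted value: nothing to judge
        return False
    return any(ip in n for n in NON_ROUTABLE if n.version == ip.version)


def split_messages(log):
    """Yield (direction, lines) for each SIP message in the debug output."""
    direction, lines = None, []
    for line in log.splitlines():
        line = line.strip()
        m = START.match(line)
        if m or END.match(line):
            if direction:
                yield direction, lines
            direction, lines = None, []
            if m:
                direction = "received" if m.group(1).startswith("SIP read") else "sent"
        elif direction:
            lines.append(line)
    if direction:
        yield direction, lines


def audit(log):
    """Return (direction, field, detail) tuples for NAT-unsafe signalling."""
    findings = []
    for direction, lines in split_messages(log):
        cand_types = []
        for line in lines:
            m = CONTACT.match(line)
            if m and non_routable(m.group(1)):
                findings.append((direction, "Contact", m.group(1)))
            m = SDP_C.match(line)
            if m and non_routable(m.group(1)):
                findings.append((direction, "SDP c=", m.group(1)))
            m = CANDIDATE.match(line)
            if m:
                cand_types.append(m.group(2))
        # An offer with candidates but no reflexive/relay one cannot be
        # reached from outside the sender's NAT.
        if cand_types and not {"srflx", "relay"} & set(cand_types):
            findings.append((direction, "ICE", "host candidates only"))
    return findings


if __name__ == "__main__":
    for direction, field, detail in audit(SAMPLE):
        print(f"{direction:8} {field:8} {detail}")
```

Findings on the "sent" side point at the server's own NAT settings (the `externip`/`externaddr` and `localnet` options named in this thread); findings on the "received" side point at the phone's NAT handling.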

Hello there, localnet is set for all the networks in the LAN, but externip was not, because when I set it, a provider does not work properly. Now I’ve set it (with the static public IP) and DTLS works fine outside the LAN. I also needed to turn off SIP ALG, RTSP ALG and H.323 ALG in the router. I’m testing and it seems to be working fine, but I’ll wait a bit longer before making it permanent. Simple SMS does not work, and neither does presence state. Thanks for your help… Now I’ll look for a solution for presence state and SMS.
