hi all,
i’m new to asterisk server. i tried to enable srtp on astersisk and end up with following errors while reloading sip.
[Aug 12 00:06:16] ERROR[3666]: netsock2.c:269 ast_sockaddr_resolve: getaddrinfo(“voip.lk ”, “(null)”, …): Name or service not known
[Aug 12 00:06:16] WARNING[3666]: acl.c:833 resolve_first: Unable to lookup ‘voip.lk ’
[Aug 12 00:06:36] ERROR[3666]: netsock2.c:269 ast_sockaddr_resolve: getaddrinfo(“A.ROOT-SERVERS.NET ”, “(null)”, …): Name or service not known
[Aug 12 00:06:36] WARNING[3666]: acl.c:833 resolve_first: Unable to lookup ‘A.ROOT-SERVERS.NET ’
== Using SIP CoS mark 4
== Parsing ‘/etc/asterisk/sip_notify.conf’: Found
Reloading SIP
my sample sip.conf is showed below:
[demo1]
type=friend
host=dynamic
secret=123
context=users
deny=0.0.0.0/0
permit=192.168.0.0/255.255.0.0
encryption=yes
[demo2]
type=friend
host=dynamic
secret=123
context=users
deny=0.0.0.0/0
permit=192.168.0.0/255.255.0.0
encryption=yes
any ideas what might be the cause??
please help…
thanks…
Add your hostname to your /etc/hosts in order to resolve the VoIP.lk
thnax…it solved the problem.
but when i tried to make a call it fails and give this error…
== Using SIP RTP CoS mark 5
[Aug 12 03:01:10] ERROR[17503][C-00000006]: chan_sip.c:33043 setup_srtp: No SRTP module loaded, can’t setup SRTP session.
[Aug 12 03:01:10] ERROR[17503][C-00000006]: chan_sip.c:33043 setup_srtp: No SRTP module loaded, can’t setup SRTP session.
[Aug 12 03:01:10] WARNING[17503][C-00000006]: chan_sip.c:10454 process_sdp: Rejecting secure audio stream without encryption details: audio 50000 RTP/SAVP 108 99 98 9 0 8 96
output for SRTP check
[root@voip Desktop]# ldd /usr/sbin/asterisk | egrep 'ssl|srtp’
libasteriskssl.so.1 => /usr/lib/libasteriskssl.so.1 (0x0000003fc1a00000)
libssl.so.10 => /usr/lib64/libssl.so.10 (0x00000030af800000)
[root@voip Desktop]# ls -l /usr/lib64/asterisk/modules/res_srtp.so
-rwxr-xr-x 1 root root 284069 Aug 12 00:03 /usr/lib64/asterisk/modules/res_srtp.so
Try loading the module from the asterisk cli: module load res_srtp.so
when i try to call from 192.168.196.1 to 192.168.196.159 i get the following error.
[Aug 15 01:03:16] ERROR[26064]: tcptls.c:243 handle_tcptls_connection: Certificate common name did not match (192.168.196.159)
i have created two pem files for both softphones.
6001.pem
6002.pem
this is my sip.conf
[general]
tlsenable=yes
tlsbindaddr=0.0.0.0
tlscertfile=/etc/asterisk/keys/asterisk.pem
tlscafile=/etc/asterisk/keys/ca.crt
tlscipher=ALL
tlsclientmethod=tlsv1
[6001]
type=friend
host=dynamic
secret=123456
context=users
deny=0.0.0.0/0
permit=192.168.0.0/255.255.0.0
transport=tls
encryption=yes
[6002]
type=friend
host=dynamic
secret=123456
context=users
deny=0.0.0.0/0
permit=192.168.0.0/255.255.0.0
transport=tls
encryption=yes
and my extensions.conf
[users]
exten=>6001,1,Dial(SIP/6001,20)
exten=>6002,1,Dial(SIP/6002,20)
i used this method to create CAs
./ast_tls_cert -C pbx.mycompany.com -O “My Super Company” -d /etc/asterisk/keys
./ast_tls_cert -m client -c /etc/asterisk/keys/ca.crt -k /etc/asterisk/keys/ca.key -C phone1.mycompany.com -O “My Super Company” -d /etc/asterisk/keys -o 6001
system
September 20, 2013, 4:03am
6
Most likely you are getting this error when you have not installed the patch which comes with your corresponding asterisk source. Download the source and patch form the same place. I was working with the latest asterisk source
wget downloads.asterisk.org/pub/telep … 1.5.tar.gz
wget downloads.asterisk.org/pub/telep … 1-patch.gz
untar and unzip your asterisk source
patch it with its corresponding version
./configure
make clean
make menuselect
make
make install
amportal restart
Had a similar issue and error which got resolved after I patched my asterisk installation.
david55
September 20, 2013, 9:05am
7
The complaint is that the -C parameter on the client certificate generation doesn’t actually match the address being used by the client.