Hi
I’ve a setup with two nodes connected with a TLS trunk. The trunk does not have any authentication or registration. The identification is done over IP:PORT
. I’m using pjsip_wizard to generate all the required objects.
The problem I have is, that remote_hosts
contains IP:PORT
since we are using non standard ports. This will create an identify with match IP:PORT/MASK
. Since the other end uses a random source port, the match upon IP:PORT
doesn’t work and Asterisk complains about “No matching endpoint found”.
I found that I could set identify/match = X.X.X.X
without the port and then it works.
So far so good… But the issue I have is, we are running Kamailio on the same node. Kamailio uses port 5060/5061 and Asterisk is configured to use 5070/5071. So if identify/match is set only to the IP, it might be that the call is coming from Kamailio and not from the expected other Asterisk running on a different port.
I’m asking me, whether I can force the source port to be equal to the configured bind port and not random?
Maybe as a side note. I used the same configuration with a UDP transport and this works perfect as for UDP, the source port is equal to the bind port and not random.
Thanks for your help!
Mathias
pjsip_wizard.conf
[global_options](!)
type = wizard
endpoint/allow = !all
endpoint/allow = alaw
endpoint/allow = ulaw
endpoint/allow = gsm
endpoint/allow = speex
endpoint/allow = g726
endpoint/dtmf_mode = rfc4733
endpoint/fax_detect = yes
endpoint/identify_by = auth_username,ip
endpoint/language = en
endpoint/t38_udptl = yes
endpoint/t38_udptl_maxdatagram
endpoint/t38_udptl_ec = redundancy
endpoint/timers = yes
endpoint/timers_min_se = 600
endpoint/timers_sess_expires = 3600
endpoint/direct_media = no
endpoint/tos_audio = ef
...
[charact_trunk_standard](!)
type = wizard
aor/qualify_timeout = 2
aor/qualify_frequency = 60
...
[ToA](global_options,charact_trunk_standard)
transport = transport-tls
endpoint/context = sip-trunk-incoming-from-ToA
remote_hosts = A.A.A.A:5071
;identify/match = A.A.A.A
pjsip.conf
...
[transport-tls]
type = transport
protocol = tls
bind = 0.0.0.0:5071
ca_list_file =
cert_file = cert.pem
priv_key_file = key.pem
method = tlsv1_3
verify_server = no
tos = ef
...
I’m using Asterisk 20.5.0