I have configured Twilio Elastic SIP trunk with asterisk box. SIP trunk is configured to be secure with TLS and SRTP. The flow is, Twilio trunk places a call to our asterisk box and then asterisk box dials new number on outgoing twilio trunk.
Having configured secure trunk between Twilio and asterisk, I see that asterisk is receiving secure call from Twilio but when I continue the call by Dial cmd on outgoing trunk, it goes out as insecure INVITE and twilio server responds with 488 secure SIP transport is required.
This is the sip.conf
[general]
bindport=5090
tlsenable=yes
tlsbindaddr=0.0.0.0
tlscertfile=/etc/asterisk/keys/asterisk.pem
tlscafile=/etc/asterisk/keys/ca.crt
tlscipher=ALL
tlsclientmethod=tlsv1 ;none of the others seem to work with Blink as the client
tlsdontverifyserver=yes
disallow=all
allow=ulaw
allow=alaw
allow=gsm
qualify=no
directmedia=yes
directrtpsetup=yes
canreinvite=yes
externip=34.204.71.122
vsp
type=peer
context=from-vsp
host=dynamic
vsp1
host=10.0.36.133
vsp2
host=34.207.132.108
twilio-trunk
type=peer
context=from-twilio ;Which dialplan to use for incoming calls
dtmfmode=rfc2833
;canreinivite=yes
directmedia=yes
directrtpsetup=yes
insecure=port,invite
transport=tls
encryption=yes
media_encryption=sdes
twilio0
host=dev-vsp-trunk-secure.pstn.twilio.com ;Our Termination URI
remotesecret=****** ;password, if you are using credentials
defaultuser=******* ;username, if you are usingcredentials
twilio1
host=54.172.60.2
This is the extensions.conf
[from-twilio]
exten => +13095189039,1,GotoIf($["${CHANNEL(secure_signaling)}" = â1â]?:fail)
exten => +13095189039,n,GotoIf($["${CHANNEL(secure_media)}" = â1â]?:fail)
exten => +13095189039,n,Dial(SIP/+919873634798@dev-vsp-trunk-secure.pstn.twilio.com)
exten => +13095189039,n,Hangup
exten => +13095189039,n(fail),Playback(vm-goodbye)
exten => +13095189039,n,Hangup
This is the PCAP trace.
https://drive.google.com/file/d/1KithVU4odW8D5XsObZgtMRpPt7eblTGL/view?usp=sharing
Thanks in advance.
Regards
Durgesh