TLS + SRTP Help

mazarian · January 8, 2021, 3:46pm

Hi all,

It’s my first time setting up TLS and I’m running into an issue that I can’t quite figure out. I followed the FreePBX Wiki Guide for TLS + SRTP and have double checked that both the PJSIP settings and extension settings match what is listed in the guide. I have purchased a wildcard domain certificate, installed it on my FreePBX machine, and set it as default. In the PJSip settings, I’ve specifically chosen that certificate to be used as well. I am running FreePBX 15.0.17.12 and Asterisk 16.15.1. PJSip UDP runs on port 5060 and TLS runs on 5061.

I am trying to place a call using a Zoiper softphone and the call immediately hangs up. In PJSip Logger, I am seeing a 401 Unauthorized even though the endpoint is registered.

Here are 2 pastebins that show the details:

Any help is greatly appreciated!

Thank you,

Michael

jcolp · January 8, 2021, 3:49pm

The endpoint in Asterisk is set to require encrypted media. The client is not offering encrypted media, so the call fails.

mazarian · January 8, 2021, 5:41pm

Ahh! That was it! How would I have seen that from the logs? Just curious so I can learn how diagnose in the future…

Stewart1 · January 8, 2021, 6:02pm

Line 236:
SIP/2.0 488 Not Acceptable Here
indicates that none of the media options offered by the SDP (lines 207-221) are acceptable to the receiver. Usually, it means no codec in common, but in this case no encryption offered by sender but required by receiver.

system · June 3, 2021, 11:03pm

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.