TIPS Voip.ms Announces Encryption. Anybody got it to work?

tbrummell

Guru
Joined
Jan 8, 2011
Messages
643
Reaction score
72
So, I've tried using the instructions in this post:
https://www.dslreports.com/forum/r32328534-

And I had no luck.

Code:
                                                Incredible PBX 13.17.1 for Scientific Linux

                                                Asterisk: UP      Apache: UP    MySQL: UP
                                                SendMail: UP    IPtables: UP      SSH: UP
                                                LAN port: UP    Fail2Ban: UP   Webmin: UP
                                                GV OAUTH: UP   PortKnock: UP   NR VPN: UP
                                                FaxGetty: UP   IAX Modem: UP  HylaFax: UP

                                                RAM:19MB Scientific Linux 6.7  Disk:4.1GB

                                                Asterisk 13.17.1    Incredible GUI 12.0.39
Anyone have advice?

Might spin up a new server to attempt this with, this one's been running for a couple of years so I think it's time for a refresh anyway.
 

tbrummell

Guru
Joined
Jan 8, 2011
Messages
643
Reaction score
72
Code:
[2019-03-19 07:25:25] VERBOSE[5609][C-00000000] app_dial.c: Called SIP/voipms/4443
[2019-03-19 07:25:25] WARNING[5454][C-00000000] sdp_srtp.c: Could not set SRTP policies
[2019-03-19 07:25:25] WARNING[5454][C-00000000] chan_sip.c: Rejecting secure audio stream without encryption details: audio 18714 RTP/SAVP 0 $
[2019-03-19 07:25:25] VERBOSE[5609][C-00000000] app_dial.c: Everyone is busy/congested at this time (1:0/0/1)
 

tbrummell

Guru
Joined
Jan 8, 2011
Messages
643
Reaction score
72
Thanks Ward, you may have noticed I linked that in my post. It didn't work for me. Curious if it's just me, or something else.
 

wardmundy

Nerd Uno
Joined
Oct 12, 2007
Messages
15,246
Reaction score
2,670
Oops. Sorry. Haven't tried it yet, but it's on my list.
 

tbrummell

Guru
Joined
Jan 8, 2011
Messages
643
Reaction score
72
So I spun up a new server:
Code:
                                                              Incredible PBX/FAX 13-13.10 for CentOS 6

                                                              Asterisk: UP      Apache: UP    MySQL: UP
                                                              SendMail: UP    IPtables: UP      SSH: UP
                                                              LAN port: UP    Fail2Ban: UP   Webmin: UP
                                                              GV OAUTH: UP   PortKnock: UP   NR VPN: UP
                                                              FaxGetty: UP   IAX Modem: UP  HylaFax: UP

                                                              RAM:339MB CentOS release 6.10  Disk:17GB

                                                              Asterisk 13.25.0    Incredible 13.0.122.60
And following the post on DSL Reports, it appears to be successful. I did have to set the system to SSLv1 though, but that was easy to see.

Haven't done extensive testing, but I can call the echo test.
 
  • Like
Reactions: wardmundy

tbrummell

Guru
Joined
Jan 8, 2011
Messages
643
Reaction score
72
Short lived. No incoming with this set up. The call doesn't appear to hit the server, at all. IPTables off and all. If I set it all to un-encrypted the call works.
 

tbrummell

Guru
Joined
Jan 8, 2011
Messages
643
Reaction score
72
I think I'll just wait until Ward produces a nice magic document that has been tested and proven. Or at least something that is known to work, somewhat. Then I'll be an early adopter and give it a whirl. But you are right @markrmcs , it could be a cert issue on my server.
 

kyle95wm

Phone Genius Owner
Joined
Apr 16, 2016
Messages
522
Reaction score
90
Location
Midhurst, ON, Canada
I tried setting things up as per the instructions on DSLReports, and I get this message spamming my console

Code:
[2019-03-21 20:41:27] NOTICE[31385]: chan_sip.c:15920 sip_reg_timeout:    -- Registration for '[email protected]' timed out, trying again (Attempt #3)
[2019-03-21 20:41:27] WARNING[9277]: tcptls.c:900 __ssl_setup: Usage of SSLv2 is discouraged due to known vulnerabilities. Please use 'tlsv1' or leave the TLS method unspecified!
[2019-03-21 20:41:27] ERROR[9277]: tcptls.c:695 handle_tcptls_connection: Problem setting up ssl connection: error:00000006:lib(0):func(0):EVP lib, Unknown
[2019-03-21 20:41:27] WARNING[9277]: tcptls.c:782 handle_tcptls_connection: FILE * open failed!
 

kyle95wm

Phone Genius Owner
Joined
Apr 16, 2016
Messages
522
Reaction score
90
Location
Midhurst, ON, Canada
So I have some good news. After flipping the switch to turn on TLS and selecting the default cert, making sure to set the TLS bind to 5061, changing PJSIP to 5062, performing a reboot, then making sure the settings stuck, inbound calls work.
 

tbrummell

Guru
Joined
Jan 8, 2011
Messages
643
Reaction score
72
I guess you hit on the magic solution. I attempted this again, with a brand new install. I for the life of me cannot make it work. Out works, but nothing in. Must get back to the job that pays the bills now so time to destroy the VM.
 

Members online

PIAF 5 - Powered by 3CX

Forum statistics

Threads
22,456
Messages
138,072
Members
14,620
Latest member
Brads#Bell