search for: verify_server

...(over TLS), but always says ?No matching endpoint found? in the asterisk log. pjsip.conf [transport-tls] type = transport protocol = tls bind = 0.0.0.0:5061 cert_file=cert_file priv_key_file=key_file method=tlsv1 external_media_address=X.Y.Z.D external_signaling_address=X.Y.Z.D verify_client=no verify_server=no allow_reload=yes [twilio](!) type=endpoint transport=transport-tls context=from-twilio disallow=all allow=ulaw dtmf_mode=inband media_encryption=sdes rtp_symmetric=yes rewrite_contact=yes force_rport=yes canreinvite=no tlsdontverifyserver=yes [auth-out](!) type=auth auth_type=userpass [twili...

Hello Steve, use the following configuration for the transport and bind this transport to the trunk: [transport_name] type=transport protocol=tls bind=192.168.13.24 ; your bind IP ca_list_file=/etc/pki/tls/certs/ca-bundle.crt ; method=tlsv1_2 verify_server=yes allow_reload=no ;tos=0xb8 ;cos=3 external_media_address=your.ext.host.name ; hostname pointing to your ext. IP external_signaling_address=your.ext.host.name ; hostname pointing to your ext. IP local_net=192.168.0.0/24 # your local net Regards Michael On 07.04.23 at 17:25 Steve Matzura wrot...

...Hello Steve, > > use the following configuration for the transport and bind this > transport to the trunk: > > [transport_name] > type=transport > protocol=tls > bind=192.168.13.24 ; your bind IP > ca_list_file=/etc/pki/tls/certs/ca-bundle.crt > ; method=tlsv1_2 > verify_server=yes > allow_reload=no > ;tos=0xb8 > ;cos=3 > external_media_address=your.ext.host.name ; hostname pointing to your > ext. IP > external_signaling_address=your.ext.host.name ; hostname pointing to > your ext. IP > local_net=192.168.0.0/24 # your local net > > > Reg...

I want to configure communication with my phone provider using TLS for all the obvious reasons. Since I'm behind a firewall, I'll be needing to do it with NAT. There are examples of UDP plus NAT in pjsip.conf, but none for TLS plus NAT. Would it be correct to set up the TLS transport stanza to look like the [transport-udp-nat] stanza example, replacing UDP with TLS in lines like

...xternal_signaling_port : 0 local_net : method : tlsv1 password : priv_key_file : protocol : tls require_client_cert : No tos : CS0 verify_client : No verify_server : No And this is the relevant SIP data exchange (with public IP hidden): *CLI> <--- Received SIP request (2420 bytes) from WS:10.10.5.106:54411 ---> INVITE sip:204 at 10.10.5.49 SIP/2.0 Via: SIP/2.0/WS df7jal23ls0d.invalid;branch=z9hG4bKiBw81ooU7ybSRbRqr8TOqWkMPQRdkMXo;rpo...