linphone-developers
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Linphone-developers] NAT broken-Interop Issue with Cisco MSE 8710 T

From: Kendall Williams
Subject: Re: [Linphone-developers] NAT broken-Interop Issue with Cisco MSE 8710 Telepresence bridges Need Assistance
Date: Mon, 17 Nov 2014 11:23:25 -0800
Hello Jehan,

Verizon has deployed Cisco Video Communication Control and Expressway Servers.  We do not require or allow our customers to register to our Cisco Video Communication Servers, which provides video call and session control, registrations, and enhanced security for Cisco TelePresence conferences.  Cisco VCS Expressway is required alongside Cisco VCS Control because Verizon is a service provider of the telepresence server. Cisco VCS Expressway allows video traffic to traverse the firewall securely, enabling rich video communications with partners, customers, suppliers, and mobile and teleworkers.  Verizon internal and external customers must traverse public and private VCS's in order to get to the telepresence bridges.  

There is an internal VCS that will allow me register to it but I get the same issue.  When I attempt to register and test from the sip.linphone.org site, I get a security certificate error when I visit this site.  See below.  However, I welcome you to test for yourself by dial address@hidden and see what you get.  Please let me know if you experience the same issue.

Error:

The security certificate presented by this website is not secure.

Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.
 

We recommend that you close this webpage and do not continue to this website.

 

Recommended iconClick here to close this webpage.


From: Jehan Monnier <address@hidden>
To: Kendall Williams <address@hidden>
Cc: "address@hidden" <address@hidden>
Sent: Wednesday, November 12, 2014 1:53 AM
Subject: Re: [Linphone-developers] NAT broken-Interop Issue with Cisco MSE 8710 Telepresence bridges Need Assistance

Hi Kendal,

I had a quick look on traces.
If I understand correctly what Cisco said, the "TPS" cannot re-invite Linphone because its contact address is private  (I.E 10.0.0.4:56171)?
In such case, I recommend you to first register to a sip proxy like sip.linphone.org to have Contact address fixed. Next, INVITEs sent by linphone should have a public address  in Contact header.

Best regards


Le 11 nov. 2014 à 19:48, Kendall Williams <address@hidden> a écrit :

Hello Jehan,

Have you had an opportunity to look into the issue I described?  Please let me know if we can test together using the Cisco 8710 bridge.  I can set this up fairly quickly and you will be able to see for yourself within 1 minute of connecting to the bridge.

Is there anyone else who can assist if Jehan is unavailable?  I really need to make some type of progress on this matter.

Thanks in advance for your support,

Kendall 

From: Kendall Williams <address@hidden>
To: "address@hidden" <address@hidden>
Cc: "address@hidden" <address@hidden>
Sent: Friday, October 31, 2014 9:57 AM
Subject: Re: [Linphone-developers] NAT broken-Interop Issue with Cisco MSE 8710 Telepresence bridges Need Assistance

Jehan,

Let me know if you would like to dial into my bridge to test from your end.  This way you can see the issue first hand.



From: Kendall Williams <address@hidden>
To: "address@hidden" <address@hidden>
Cc: "address@hidden" <address@hidden>
Sent: Wednesday, October 29, 2014 10:58 AM
Subject: Fw: [Linphone-developers] NAT broken-Interop Issue with Cisco MSE 8710 Telepresence bridges Need Assistance

Jehan,

My apologies for any duplication. I am resending because I received a strange email from this distribution saying there were too many bounced messages to my email account so my account was disabled.  I have re-enabled my account.  Hopefully you will receive my emails without issue.



----- Forwarded Message -----
From: Kendall Williams <address@hidden>
To: Jehan Monnier <address@hidden>
Cc: "address@hidden" <address@hidden>
Sent: Tuesday, October 28, 2014 11:42 AM
Subject: Re: [Linphone-developers] NAT broken-Interop Issue with Cisco MSE 8710 Telepresence bridges Need Assistance

Jehan,

Here are updated debug files.  I, as well as my colleagues, experience the same issue on both VPN and Internet when attempting to access the Cisco MSE 8710 Telepresence bridges in our environment.

Thanks,

Kendall



From: Jehan Monnier <address@hidden>
To: Kendall Williams <address@hidden>
Cc: "address@hidden" <address@hidden>
Sent: Friday, October 24, 2014 8:10 AM
Subject: Re: [Linphone-developers] NAT broken-Interop Issue with Cisco MSE 8710 Telepresence bridges Need Assistance

Hi,

I don't see any call attempt in "connect_via_internet.txt"
Also can you confirm, it works properly when connected via your vpn ?

Cheers



Le 23 oct. 2014 à 18:11, Kendall Williams <address@hidden> a écrit :



Hi,

Yes I have debug files from my VPN connected and Internet connected laptops.  See attached.  Please let me know if you require additional information.

Kendall

From: Jehan Monnier <address@hidden>
To: Kendall Williams <address@hidden>
Cc: address@hidden
Sent: Thursday, October 23, 2014 4:21 AM
Subject: Re: [Linphone-developers] NAT broken-Interop Issue with Cisco MSE 8710 Telepresence bridges Need Assistance

Hi,

Do you have Linphone debug traces showing the issue ?

Thanks


Le 22 oct. 2014 à 19:10, Kendall Williams <address@hidden> a écrit :



I have not received a response yet from the the Developer Community yet.

Can someone please provide a response or assistance?

From: Kendall Williams <address@hidden>
To: "address@hidden" <address@hidden>
Sent: Monday, September 29, 2014 12:47 PM
Subject: NAT broken

Linphone developers and user community,

I am using Linphone to connect to a Open Video Communication/Telepresence (OVC/TPS) bridge from Cisco.  This bridge houseTPS  MSE 8710 blade v3.x.  In this environment I want to make sure that we are able to interop with various SIP clients.  I downloaded Linphone v3.7.0 and configured the client to use TCP/5060 and NAT.  The client is able to connect to the bridge for approximately 50 secs. and then disconnects.  Using UDP/5060 and a STUN server is not an option. Adjusting NAT is also not an option.  I am configured as TCP 5060, behind a NAT firewall.

The bridges sit behind Cisco Video Communication Servers (X7.2.3) which face the internet and use traversal licenses. Linphone had worked prior to the blades being upgraded to v3.x but has since stopped working.  NAT is definitely issue in this case. According to Cisco, when the TPS re-invites for DTLS negotiation (added in 3.x or higher of TPS) this is going to the wrong address because LinPhone is populating incorrectly.  In older versions of TPS we had  a bug where the Contact Header was not properly updating per RFC spec.  Cisco fixed that bug and now Linphone no longer works with OVC correctly.

I am being directed to Linphone for a fix or resolution to this issue.  Is there something I can do here get the Linphone functioning once again?

Thanks,
Kendall



_______________________________________________
Linphone-developers mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/linphone-developers



<connect_via_vpn.txt><connect_via_Internet.txt>












reply via email to
[Prev in Thread] Current Thread [Next in Thread]