News:

On Tuesday September 6th the forum will be down for maintenance from 9:30 PM to 11:59 PM PDT

Main Menu

TLS between Obi200 and Simonics GVGW

Started by Yess, April 20, 2018, 04:01:59 PM

Previous topic - Next topic

Yess

I have an OBI200 configured to access Google Voice via the Simonics GVGW.  Everything is working fine as configured, but...

The Simonics website indicates that the GVGW supports TLS for encrypted signaling between phone and the gateway (https://simonics.com/services/), and I see indications in this forum that some people have successfully configured their Obi devices to use TLS with the Simonics GVGW (http://www.obitalk.com/forum/index.php?topic=13254.0).

However, I have not been successful in my attempts to configure TLS.  I sent email to Bill Simon, and he indicated that since he does not have an Obi device, he can't provide full guidance.  He suggested that I seek help in this forum.

I tried to make the changes described by yehob150 in the above referenced thread, but the Obi Expert interface would not allow me to even enter changes, let alone save them.  Next I tried to make the yehob150 suggested changes via the local admin interface to the obi200, which resulted in my not being able to register with gvgw.simonics.com (possibly because some of the changes did not survive rebooting the Obi).  Finally I tried editing SP1 via obitalk.com basic interface to change server ports to 5061, which again resulted in my not being able to register with gvgw.simonics.com (I did not actually expect this particular attempt to work, but I tried anyway).  I continue to be able to connect successfully to GVGW if I revert back to config as it was before making changes.

If there is anybody reading this who has successfully configured their OBI200 (or similar) device to use TLS when accessing the Simonics GVGW, would you please post instructions on how?

Thanks in advance for your help.

ProfTech

#1
I use Simonics but with Asterisk and an Obi 110. I tried in earnest last weekend to get tls working with Asterisk and Simonics on my Obi 110 so might be able to shed some light. First, from your post it looks like you were using the portal when you tried to make changes the first time. If you're going to use the portal you must use the expert mode and clear both check boxes to the right of any change you are trying to make first,  before you make a change in the field. Then after you make the desired change, click submit at the bottom and wait at least 60 seconds for the Obi to reboot before doing anything else.
2nd. The Obi 200 contains a field in the SIP section "X_OutboundProxyTransport". Make sure you either set it to FollowProxyServerTransport [and make sure the proxy server is set for tls] or set both to tls. That field doesn't exist in the 110 and I think may have been what kept me from getting tls to work with my 110. I don't know what port Simonics uses for tls. Bill should be able to give you that info.

Good luck

billsimon

TLS is on the standard port 5061/tcp. Also, there are SRV records in place for the service, so you should not need to specify a port. Select TLS and let it do the proper SRV lookup.

Yess

Thank you very much ProfTech and billsimon.

The thing I was doing wrong prior to my original post was not unchecking both boxes.  I was under the mistaken impression that, since the "Device Default" box is checked by the act of unchecking the "ObiTalk Settings" box, that one or the other of the boxes had to be checked.

Gvgw.simonics.com is set up on SP1.  I tried both of the following configurations and was able to successfully connect and make outgoing and incoming calls with each.  Currently Config2 is in place.  Hopefully if I did something really wrong, I would not be able to connect.

Are there any changes that I should also make to Voice Services for SP1?  For example, should I change X_KeepAliveServerPort from 5060 to 5061?

Config1:
TLS for ProxyServerTransport and the X_OutboundProxyTransport
X_UserAgentContactFollowProxyServerTransport not checked (not intentionally)
Port 5061 explicitly specified for ProxyServerPort, RegistrarServerPort, OutboundProxyPort, and X_EchoServerPort.

Config2
TLS for ProxyServerTransport and the X_OutboundProxyTransport
X_UserAgentContactFollowProxyServerTransport checked
No port specified for ProxyServerPort, RegistrarServerPort, OutboundProxyPort, and X_EchoServerPort.