I’m having trouble with Sangoma talk app. It keeps trying to register but fails with “effective transport unspecified”. Has anyone solved this? I have a Fortinet firewall with port 5061UDP and RTP10000-20000 open, but RTP ports are closed when scanned. Any suggestions?
Here are the logs:
2023-07-31T20:40:08.441Z (1690836008441522)
Sip::Registration::onTransportError
Correlation Id: SiphoneUserAgent[104865000]SipUserAgent[104866200]
State: Registering
Retry: No
Error: GENERIC(3): Subcomponent Failure
In ali_net_connection2.cpp:457
ALI-SOCKET(4): Cannot Connect
In ali_net_tls_socket_impl2.cpp:802
Note: Remote Address: xxxxxxxxxxxxxx
TLS-ALERT(40): Handshake Failure (40)
In ali_protocol_tls_client.cpp:1684
2023-07-31T20:40:08.441Z (1690836008441552)
Sip::Registration::setState
Correlation Id: SiphoneUserAgent[104865000]SipUserAgent[104866200]
Current State: Registering
Next State: Error
getCurrentState: return state: Error
REGSTATECHANGED, current=Error
isCommunicationAllowed: network=Cellular
isCommunicationAllowed: effective transport Unspecified
2023-07-31T20:40:08.442Z (1690836008442703)
DialogSubscriptionAgentSeparate::resetDialogEvents_Basic
Reset Type: Soft
Active Subscription Count: 0
Pending Subscription Count: 0
Active:
Pending:
AgentWithRegistration::scheduling reconnect with timeout of 4000 ms
getCurrentRealState: return state: Error
getCurrentState: return state: Error
2023-07-31T20:40:08.442Z
onRegistrationStateChanged, accountId=0GMlnAlCFhX6jnsV
getCurrentState: return state: Error
getCurrentState: return state: Error
isCommunicationAllowed: network=Cellular
isCommunicationAllowed: effective transport Unspecified
getCurrentState: return state: Error
getCurrentState: return state: Error
isCommunicationAllowed: network=Cellular
isCommunicationAllowed: effective transport Unspecified
getCurrentState: return state: Error
getCurrentState: return state: Error
isCommunicationAllowed: network=Cellular
isCommunicationAllowed: effective transport Unspecified
Solved! Go to Solution.
Hi @truevalueit
Thank you for posting your query here.
From the attached logs we are observing error "TLS-ALERT(40): Handshake Failure (40)
In ali_protocol_tls_client.cpp:1684" followed by "effective transport Unspecified".
In the detail, you mentioned you are using port 5061 UDP for the call registration. However, the error is pointing toward the TCP handshake. Could you please confirm the port and protocol used for the call registration?
Could you please try using the UDP SIP 5060 or TCP 5060 for call registration and confirm?
If still you face issues in call registration then please collect the below sniffer log from the FGT and share it with us:-
diag sniffer packet any 'host x.x.x.x' 6 0 l -----where x.x.x.x is the source IP of the phone you are making a call from
Regards
Priyanka
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
Hi @truevalueit
Thank you for posting your query here.
From the attached logs we are observing error "TLS-ALERT(40): Handshake Failure (40)
In ali_protocol_tls_client.cpp:1684" followed by "effective transport Unspecified".
In the detail, you mentioned you are using port 5061 UDP for the call registration. However, the error is pointing toward the TCP handshake. Could you please confirm the port and protocol used for the call registration?
Could you please try using the UDP SIP 5060 or TCP 5060 for call registration and confirm?
If still you face issues in call registration then please collect the below sniffer log from the FGT and share it with us:-
diag sniffer packet any 'host x.x.x.x' 6 0 l -----where x.x.x.x is the source IP of the phone you are making a call from
Regards
Priyanka
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
After some digging, I was able to address the issue by switching the transport from tls to udp and it now works. I applied some hardening to the policy. Thank you for your help.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.