This document explains how to set up custom interconnection with operator Bayern
Created: October 2022
Permalink: https://wildix.atlassian.net/wiki/x/AQD7Aw
To make interconnection with Bayern operator, follow the steps below:
Upload the following CA certificates to the PBX, to the /etc/ssl/certs:
Execute the below CLI command to add these certificates to the system:
update-ca-certificates
From the operator, get the certificate file (e.g. ssl_sometext.bayern.de.p12) and upload it to the PBX
On the PBX, make .key and .pem files from the .p12:
openssl pkcs12 -in ./ssl_something.bayern.de.p12 -out /etc/kamailio/ssl/ssl_something.bayern.de.key -nocerts -nodes openssl pkcs12 -in ./ssl_something.bayern.de.p12 -out /etc/kamailio/ssl/ssl_something.bayern.de.pem -clcerts -nokeys
Copy the current tls config file for SIP proxy:
cp /etc/kamailio/tls.cfg /etc/kamailio/tls_custom.cfg
- At the end of the file /etc/kamailio/tls_custom.cfg add the following block:
[client:any]
method = TLSv1.2
verify_certificate = yes
require_certificate = yes
ca_path = /etc/ssl/certs
server_name = esbc1.bybn.de
private_key = /etc/kamailio/ssl/ssl_sometext.bayern.de.key
certificate = /etc/kamailio/ssl/ssl_sometext.bayern.de.pem[server:10.48.130.165:5061]
method = TLSv1.2
verify_certificate = yes
require_certificate = yes
ca_path = /etc/ssl/certs
private_key = /etc/kamailio/ssl/ssl_sometext.bayern.de.key
certificate = /etc/kamailio/ssl/ssl_sometext.bayern.de.pem
where:
- esbc1.bybn.de = server name, which should be provided to you by the operator
- 10.48.130.165 = an IP address of your interface for connection to the operator
7. Add the below row to the file /etc/kamailio/cfg.d/host_specific_custom.cfg:
modparam("tls", "config", "/etc/kamailio/tls_custom.cfg")
8. Restart the SIP proxy service:
systemctl restart kamailio.service
9. Set up trunk on the wms-interface with:
- Transport TLS
- Port 5061
- Enabled SDES-SRTP checkbox