Thanks, Benny, Klaus. ? I tested with version 0.9 and what I saw is that there is first one registration and one deregistration in order to take the external port the request is coming out of on the NAT and then this port is used in the subsequent?REGISTER and next packets. I have a question about this feature: ? ?- Which port is exactly taken: ???a) the one which is returned in "rport=<the_server_sees_this_as_source_port>", which is the port from which the server sees the TCP connection coming from,?or, ???b) the port which is?before that, in?the "10.0.5.112:1865" part, which I assume is the local source port PJSIP is using/has been given by the OS?and is not changed by the server. Example: SIP/2.0 200 OK Via: SIP/2.0/tcp 10.0.5.112:1865;rport=1865;branch=z9hG4bKPj0614168df743473d8941f72c6f094cc8 ... I assume the answer?is a), but if the?client is behind NAT/PAT, the rport can be potentially different than the port in b) and the issue I am describing in my first posting can happen again. The issue is that the IP/port address in the Contact header is different than the IP/port in the Via header and while this is not an issue for the responses coming from the server (they go back through the same TCP connection the request?came from) subsequent requests coming from the server (like NOTIFY) are not sent through the same TCP connection but the server is trying to establish a new one, simply because it doesn't have an established TCP connection associated with?the endpoint advertised in the Contact header, where the port is different than the port in the Via header. It is really not a matter of having the real external IP/port but having the same IP/port as in the Via header -?that is the?local source IP/port that PJSIP is sending from. (I think in the case when TCP connection is used neither the client nor the server should be caring for the external IP/port of the client, isn't that so?). What I really need is just the local source port which PJSIP is?making the connection out?of and not the external port from which the TCP connection is going out of the NAT. The local source port should be an information PJSIP keeps somewhere and my question is?I can obtain this information and if not maybe can I tell PJSIP on which local port to bind and make the connection out of so that the application can control this? Or maybe borrowing the idea from above, I can do?the three-way registration but taking not the rport but the local source port from the Via header. Thanks, Ivan. ----- Original Message ---- From: Benny Prijono <bennylp@xxxxxxxxx> To: pjsip list <pjsip at lists.pjsip.org> Sent: Wednesday, August 27, 2008 1:38:15 AM Subject: Re: How to get/control the source port used for TCP/TLS transport On Tue, Aug 26, 2008 at 11:49 PM, Klaus Darilion <klaus.mailinglists at pernau.at> wrote: Hi! Actually the Via header of the response of the REGISTER could be used to get the received IP and rport and then use this as contact in all requests. Benny, have'nt you recently added such a feature? Yes, that's exactly what pjsip will do, and this feature should be available in 0.9. But as you said, it requires the client to register first to the server, and I'm not sure if this is the case by just looking at the SUBSCRIBE request. Cheers ?Benny ? regards klaus Ivan Genov wrote: > Hi, > I am using TLS connection to connect to an OpenSER server. The problem I experience is that the server establishes a second TLS connection to the client when it needs to send a request to the client (a NOTIFY packet). It looks like the issue is because the client originates the TCP connection from one port but advertises a different port in the Contact header, as can be seen from the packet below: > ----------------------------------------------------------------- > SUBSCRIBE sips:ivan at 10.0.5.5 SIP/2.0 > Via: SIP/2.0/tls 10.0.5.112:2013;rport;branch=z9hG4bKPj6a7bed4a838c416fa70d57c85ef98e21 > Max-Forwards: 70 > From: "Ivan" <sips:ivan@10.0.5.112>;tag=8e8c2497ec8e4edeb3fc031ad861698d > To: sips:ivan at 10.0.5.5 > Contact: "Ivan" <sips:ivan at 10.0.5.112:5061;transport=TLS> > Call-ID: 41d9d9772e89462ca9e71e225d03f596 > CSeq: 18467 SUBSCRIBE > Event: custom-event > Expires: 120 > Accept: text/plain > Allow-Events: presence, refer, custom-event > Content-Type: text/plain > Content-Length: 6 > > 010203 > ----------------------------------------------------------------- > This makes the server not reuse client's TLS connection because 10.0.5.112:5061 is different endpoint than 10.0.5.112:2013. As a result the server is establishing a connecion to 10.0.5.112:5061. > So what I need to do is ensure that the port advertised in the Contact header is the same as the one being used as source TCP port. > Is it possible PJSIP be configured to automatically put the source TCP port in the Contact header somehow, or maybe if the application can obtain the source port which is _going to_ be used before sending the packet, or if the application can control the source TCP port used and provide/set it to PJSIP? > Thanks, > Ivan. >