Yealink Forums

Full Version: TLS - Unauthorized Response To INVITE halts call on TLS close [SOLVED]
I've noticed on my T32 that with TLS enabled, the phone seemingly fails to process calls every now and then. The phone sends an INVITE out and the switch responds with a 401 Unauthorized (normal). The phone responds with an ACK. From here it tries another INVITE, but apparently the TLS port is closed. It correctly tries to REGISTER again and succeeds, but it doesn't retry the INVITE. I would expect the phone to retry the INVITE after the REGISTER succeeds. I'm using SRTP as well for what it's worth.


Below is a trace from the Yealink log. I wiped out some items that I didn't want to be public.

453701 Mar 20 16:13:21 192.168.1.184 syslog[407]: INVITE sip:7796798@blah:MYPORT SIP/2.0
453702 Mar 20 16:13:21 192.168.1.184 syslog[407]: Via: SIP/2.0/TLS 192.168.1.184:37114;branch=z9hG4bK45311475
453703 Mar 20 16:13:21 192.168.1.184 syslog[407]: From: "Jim Beckner III" <sip:001565408257@blah:MYPORT>;tag=246342062
453704 Mar 20 16:13:21 192.168.1.184 syslog[407]: To: <sip:7796798@blah:MYPORT>
453705 Mar 20 16:13:21 192.168.1.184 syslog[407]: Call-ID: 943985186@192.168.1.184
453706 Mar 20 16:13:21 192.168.1.184 syslog[407]: CSeq: 1 INVITE
453707 Mar 20 16:13:21 192.168.1.184 syslog[407]: Contact: <sip:001565408257@192.168.1.184:37114;transport=TLS>
453708 Mar 20 16:13:21 192.168.1.184 syslog[407]: Content-Type: application/sdp
453709 Mar 20 16:13:21 192.168.1.184 syslog[407]: Allow: INVITE, INFO, PRACK, ACK, BYE, CANCEL, OPTIONS, NOTIFY, REG ISTER, SUBSCRIBE, REFER, PUBLISH, UPDATE, MESSAGE
453710 Mar 20 16:13:21 192.168.1.184 syslog[407]: Max-Forwards: 70
453711 Mar 20 16:13:21 192.168.1.184 syslog[407]: User-Agent: Yealink SIP-T32G 32.70.1.33
453712 Mar 20 16:13:21 192.168.1.184 syslog[407]: Supported: replaces
453713 Mar 20 16:13:21 192.168.1.184 syslog[407]: Allow-Events: talk,hold,conference,refer,check-sync
453714 Mar 20 16:13:21 192.168.1.184 syslog[407]: Content-Length: 486
453715 Mar 20 16:13:21 192.168.1.184 syslog[407]:
453716 Mar 20 16:13:21 192.168.1.184 syslog[407]: v=0
453717 Mar 20 16:13:21 192.168.1.184 syslog[407]: o=- 20016 20016 IN IP4 192.168.1.184
453718 Mar 20 16:13:21 192.168.1.184 syslog[407]: s=SDP data
453719 Mar 20 16:13:21 192.168.1.184 syslog[407]: c=IN IP4 192.168.1.184
453720 Mar 20 16:13:21 192.168.1.184 syslog[407]: t=0 0
453721 Mar 20 16:13:22 192.168.1.184 syslog[407]: m=audio 11796 RTP/SAVP 9 0 101
453725 Mar 20 16:13:22 192.168.1.184 syslog[407]: a=rtpmap:9 G722/8000
453726 Mar 20 16:13:22 192.168.1.184 syslog[407]: a=rtpmap:0 PCMU/8000
453727 Mar 20 16:13:22 192.168.1.184 syslog[407]: a=fmtp:101 0-15
453728 Mar 20 16:13:22 192.168.1.184 syslog[407]: a=rtpmap:101 telephone-event/8000
453729 Mar 20 16:13:22 192.168.1.184 syslog[407]: a=ptime:20
453730 Mar 20 16:13:22 192.168.1.184 syslog[407]: a=sendrecv

THE UNAUTHORIZED COMES HERE. I ONLY CLIPPED OUT THE TOP OF THE MESSAGE

453733 Mar 20 16:13:22 192.168.1.184 syslog[407]: SIP/2.0 401 Unauthorized

THE PHONE ACKS AND RESPONDS AGAIN. AGAIN I ONLY CLIPPED OUT THE TOP AS THE INVITE IS WHAT YOU SEE ABOVE WITH THE AUTH HEADER

453761 Mar 20 16:13:22 192.168.1.184 syslog[407]: INVITE sip:7796798@BLAH:MYPORT SIP/2.0

453793 Mar 20 16:13:22 192.168.1.184 syslog[407]: <0> | ERROR | SSL ERROR ZERO RETURN - SHUTDOWN
453794 Mar 20 16:13:22 192.168.1.184 syslog[407]: <0> |WARNING| TLS closed
453795 Mar 20 16:13:22 192.168.1.184 syslog[407]: <0> | LEVEL4 | Register status changed to [(LS_REGISTER_FAIL) -- (3)], reason = [<info failid="" failreason=""/>]

AT THIS POINT THE TLS PORT CLOSED FOR WHATEVER REASON. THE PHONE REGISTERS 3 SECONDS LATER.

453962 Mar 20 16:13:25 192.168.1.184 syslog[407]: REGISTER sip:BLAH:MYPORT SIP/2.0

THE PHONE GETS THE OK BACK ON THE REGISTER

454032 Mar 20 16:13:25 192.168.1.184 syslog[407]: SIP/2.0 200 OK

AT THIS POINT I WOULD EXPECT THE PHONE TO TRY THE INVITE AGAIN, BUT IT DOESN'T. IT EVENTUALLY JUST GIVES THE "CALL TIMEOUT" MESSAGE ON THE SCREEN OF THE PHONE. THE VERY NEXT CALL I MAKE WORKS AS EXPECTED.

I'M GOING TO SHORTEN THE QUALIFY TIME ON MY ASTERISK SERVER TO SEE IF I CAN PREVENT THE TLS PORT FROM SHUTTING, BUT EITHER WAY THIS SEEMS LIKE A BUG TO ME. I CAN PROVIDE THE FULL LOG IN A PM IF DESIRED.
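The sequence described in the post above can be checked for mechanically. This is an added example, not part of the original post or Yealink's tooling: it scans syslog lines in the format shown and reports each TLS close that interrupted an INVITE the phone did not re-send after re-registering. The function names and the sample log are constructed for illustration.

```python
import re

# Syslog layout as shown in the post: sequence, date, time, host, tag, message.
LINE = re.compile(r"^(\d+) (\w{3} +\d+ [\d:]+) \S+ syslog\[\d+\]: ?(.*)$")
KINDS = (("INVITE sip:", "INVITE"), ("REGISTER sip:", "REGISTER"),
         ("SIP/2.0 401", "401"), ("SIP/2.0 200", "200"))

# Constructed sample in the same format; host, URIs and Call-ID are made up.
SAMPLE = """\
100 Mar 20 16:13:21 192.0.2.10 syslog[407]: INVITE sip:1000@pbx.example:5061 SIP/2.0
102 Mar 20 16:13:22 192.0.2.10 syslog[407]: SIP/2.0 401 Unauthorized
103 Mar 20 16:13:22 192.0.2.10 syslog[407]: INVITE sip:1000@pbx.example:5061 SIP/2.0
104 Mar 20 16:13:22 192.0.2.10 syslog[407]: Call-ID: abc@192.0.2.10
105 Mar 20 16:13:22 192.0.2.10 syslog[407]: <0> |WARNING| TLS closed
106 Mar 20 16:13:25 192.0.2.10 syslog[407]: REGISTER sip:pbx.example:5061 SIP/2.0
107 Mar 20 16:13:25 192.0.2.10 syslog[407]: SIP/2.0 200 OK
""".splitlines()

def parse_events(lines):
    """Reduce the log to [seq, timestamp, kind, call_id] events."""
    events = []
    for m in filter(None, (LINE.match(l.strip()) for l in lines)):
        seq, ts, msg = int(m.group(1)), m.group(2), m.group(3)
        kind = next((k for prefix, k in KINDS if msg.startswith(prefix)), None)
        if kind is None and "TLS closed" in msg:
            kind = "TLS_CLOSED"
        if kind:
            events.append([seq, ts, kind, None])
        elif msg.startswith("Call-ID:") and events and events[-1][3] is None:
            events[-1][3] = msg.split(":", 1)[1].strip()  # belongs to last message
    return events

def find_abandoned_invites(lines):
    """Return (seq, timestamp, call_id) for each TLS close that interrupted an
    INVITE the phone never re-sent after re-registering."""
    findings, events = [], parse_events(lines)
    for i, (seq, ts, kind, _) in enumerate(events):
        if kind != "TLS_CLOSED" or i == 0 or events[i - 1][2] != "INVITE":
            continue  # only closes that hit an in-flight INVITE
        call_id, later = events[i - 1][3], events[i + 1:]
        reg = next((j for j, e in enumerate(later) if e[2] == "REGISTER"), None)
        registered = reg is not None and any(e[2] == "200" for e in later[reg:])
        # A retry would reuse the Call-ID of the interrupted INVITE.
        retried = any(e[2] == "INVITE" and e[3] == call_id for e in later)
        if registered and not retried:
            findings.append((seq, ts, call_id))
    return findings
```

Run over a level 6 syslog export, a non-empty result gives the sequence numbers to hand to the PBX vendor alongside the packet capture.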
Thanks for your information. Would you please share with us the full pcap trace, the config.bin file and the level 6 syslog so that we can submit them to the for debug? You can send them to support@yealink.com.
Also, would you please let us know how many phones you have? Do all have the same issue?
And how often does the issue happen?
Please provide this information to support@yealink.com as well so that we can understand the issue better.
Thanks for your help and sorry for the inconvenience.
Flora,

I have emailed everything you requested.

We have about 35 phones (mostly T32s, some T38s). The issue is pretty frequent on the T32. We don't use TLS by default here, but we are trying to go that route for security. I have tried a factory reset and that did not resolve the issue.

Thanks,

Jim
Thanks Jim, I have received your email and will forward them to the R&D.
Hello Jim,
I have replied to the email about the reason; please check if you can upgrade the server to fix the issue.
Best Regards!
Flora
I am experiencing the same issue with our Yealink phones. We have T42G, T46G and T48G connected to a Bicom Systems server. In testing we can call extensions (4-digits) all we want but any other dial string results in random failures. SIP logs on the phone show the exact same processing as described by kg4ysy's post. We have tried various versions of the phone software with the same results.

What is causing this and what needs to be done to resolve this issue?
(06-20-2015 10:18 AM) fsmith wrote: I am experiencing the same issue with our Yealink phones. We have T42G, T46G and T48G connected to a Bicom Systems server. In testing we can call extensions (4-digits) all we want but any other dial string results in random failures. SIP logs on the phone show the exact same processing as described by kg4ysy's post. We have tried various versions of the phone software with the same results.

What is causing this and what needs to be done to resolve this issue?

Upgrading Asterisk fixed the issue for me. Since upgrading, I haven't had a single issue with TLS.
We use a system from a vendor so upgrading the Asterisk version isn't really an issue. In Flora's response they said they sent you the reason for this. Can you post that so I can pass it on to our vendor?

What version of Asterisk did you have to upgrade to?
I am on 1.8.32.2.

This is from Flora from Yealink Support in an email they sent me...

Quote: After the engineer investigated the issue, it is the server that disconnects the TLS sometimes, not a phone issue.
You can upgrade the server version of Asterisk to fix the issue; would you please help check?
Below is the related info:
https://issues.asterisk.org/jira/browse/ASTERISK-19003
http://asteriskfaqs.org/2011/12/12/aster...erisk.html
Thanks for your reply, that helped.

The link in the Yealink response led me to the real answer. The problem turned out to be an issue with the size of the TLS header and our version of Asterisk. We managed to get header compression enabled on the phones which solved our issue.