returned -2

Home » Asterisk Users » returned -2
Asterisk Users 2 Comments

I’m having trouble setting up tls/srtp secure communications on my
Asterisk server- I’m still rather new at working with Asterisk.

I have enabled tls and encryption and I have csipsimple with tls build
on the phone. I’m currently only testing one phone with this capability
so far, and the rest still work in the current state.

My logging looks like this with verbose turned up:

[Jun 7 11:44:13] NOTICE[88483]: chan_sip.c:19842
handle_response_peerpoke: Peer ‘‘ is now Reachable. (171ms / 2000ms)
[Jun 7 11:46:17] NOTICE[88483]: chan_sip.c:25072 sip_poke_noanswer:
Peer ‘
‘ is now UNREACHABLE! Last qualify: 203
[Jun 7 11:46:29] NOTICE[88483]: chan_sip.c:19842
handle_response_peerpoke: Peer ‘
‘ is now Reachable. (1888ms / 2000ms)

When I call on this phone I get:

[Jun 7 11:40:47] WARNING[88483]: chan_sip.c:3280 __sip_xmit: sip_xmit
of 0x2c992000 (len 599) to 192.168.0.200:36129 returned -2: Invalid argument
[Jun 7 11:41:01] WARNING[88483]: chan_sip.c:3280 __sip_xmit: sip_xmit
of 0x2c992000 (len 599) to 192.168.0.200:36129 returned -2: Invalid argument
[Jun 7 11:41:15] WARNING[88483]: chan_sip.c:3280 __sip_xmit: sip_xmit
of 0x2c992000 (len 599) to 192.168.0.200:36129 returned -2: Invalid argument
[Jun 7 11:41:29] WARNING[88483]: chan_sip.c:3280 __sip_xmit: sip_xmit
of 0x2c992000 (len 599) to 192.168.0.200:36129 returned -2: Invalid argument

2 thoughts on - returned -2

  • I’m still no further advanced on this, but I think I have narrowed it
    down to tls. I have sip debug logs which shows that the server cannot
    contact the tls enabled phone at the same time this error crops up. The
    log says “calling ” and then the error.

    With TLS disabled, though, SRTP still doesn’t work either though. I have
    no knowledge of how to move forward on this, so some pointers would be
    very much appreciated.

  • I know I’ve bumped this already now, but I do need to resolve this and
    I’ve only been replying to myself.

    I’ve tried another client now (Jitsi), which was the only one with
    tls/srtp support that will run on freebsd, and it suffers the same problem.

    I am very confused now as to why the only client that is demonstrated in
    the docs is blink and is the only client to support a client
    certificate. Is this the only way that this works- to have a server
    _and_ a client certificate? Is this the source of the problem? Does this
    mean asterisk is broken in this regard?