Puedes mandar una captura del wireshark en tu SER a ver que pasa con el
INVITE cuando lo mandas desde Internet?
G.
On Tue, 2008-01-15 at 05:49 -0800, Andresdb wrote:
Estimado amigos,
Tengo el siguiente inconveniente y la situación es la siguiente:
INTERNET----<ippublica SER x.x.x.x:5060>----ServerSER----<iplan SER
192.168.1.200:5060>--LAN--<iplan Asterisk 192.168.1.201:5060>
Lo que queremos hacer es utilizar SER como un proxy para no exponer asterisk
a una ip publica.
Si me registro contra el openser con la ip de lan el forward de las llamadas
al Asterisk se hace correctamente, pero si intento registrarme contra la ip
publica me registro al ser pero no puedo hacer llamadas, el forward a la ip
de astrerisk no se hace, te detallo la configuración del cfg de ser, les
agradezco mucho en lo que me puedan ayudar.
openser.cfg
# ----------- global configuration parameters ------------------------
debug=7 # debug level (cmd line: -dddddddddd)
fork=yes
log_stderror=yes # (cmd line: -E)
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
children=4
listen=192.168.1.200
listen=200.40.119.215
port=5060
# ------------------ module loading ----------------------------------
# use dbtext database
mpath="/usr/local/lib/openser/modules/"
loadmodule "dbtext.so"
loadmodule "sl.so"
loadmodule "tm.so"
loadmodule "rr.so"
loadmodule "maxfwd.so"
loadmodule "usrloc.so"
loadmodule "registrar.so"
loadmodule "textops.so"
loadmodule "mi_fifo.so"
#loadmodule "mediaproxy.so"
#loadmodule "nathelper.so"
#loadmodule "acc.so"
#loadmodule "exec.so"
#loadmodule "xlog.so"
# modules for digest authentication
loadmodule "auth.so"
loadmodule "auth_db.so"
# ----------------- setting module-specific parameters ---------------
# -- mi_fifo params --
modparam("mi_fifo", "fifo_name", "/tmp/openser_fifo")
# -- nathelper
#modparam("nathelper", "rtpproxy_disable", 1)
#modparam("nathelper", "natping_interval", 30)
#modparam("nathelper", "sipping_from",
"sip:ping@192.168.0.7")
# -- usrloc params --
# use dbtext database for persistent storage
modparam("usrloc", "db_mode", 2)
modparam("usrloc|auth_db", "db_url",
"dbtext:///usr/local/etc/openser/dbtext")
# -- auth params --
#
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")
modparam("auth_db", "user_column", "username")
modparam("auth_db", "domain_column", "domain")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
# ------------------------- request routing logic -------------------
# main routing logic
route{
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
exit;
};
if (msg:len >= max_len ) {
sl_send_reply("513", "Message too big");
exit;
};
# we record-route all messages -- to make sure that
# subsequent messages will go through our proxy; that's
# particularly good if upstream and downstream entities
# use different transport protocol
if (!method=="REGISTER") record_route();
# subsequent messages withing a dialog should take the
# path determined by record-routing
if (loose_route()) {
# mark routing logic in request
append_hf("P-hint: rr-enforced\r\n");
route(1);
exit;
};
if (!uri==myself) {
# mark routing logic in request
append_hf("P-hint: outbound\r\n");
route(1);
exit;
};
if (is_method("INVITE")) {
rewritehostport("192.168.1.201:5060");
t_relay();
exit;
}
# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following command
# with proper names and addresses in it)
if (uri==myself) {
if (method=="REGISTER") {
# digest authentication
if (!www_authorize("*", "subscriber")) {
www_challenge("*", "0");
exit;
};
save("location");
exit;
};
lookup("aliases");
if (!uri==myself) {
append_hf("P-hint: outbound alias\r\n");
route(1);
exit;
};
# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
sl_send_reply("404", "Not Found");
exit;
};
};
append_hf("P-hint: usrloc applied\r\n");
route(1);
}
route[1]
{
# send it out now; use stateful forwarding as it works reliably
# even for UDP2TCP
if (!t_relay()) {
sl_reply_error();
};
}