Hi,
After some testing on the latest release, i have some problem doing the
following on LINUX :
Scenario :
- SIP Phones behind a NAT
- SER server under linux with rtpproxy launched
- a 3660 cisco gateway with PSTN connectivity enabled.
When i call with SIP phone a PSTN number, everything is OK BUT no sound
anywhere.
I could not find a sample ser.cfg script that reflect this scenario. Could
someone send me this scenario ?
Maybe i missunderstood some things. In particular, do i need to launch two
instances of ser (one for outbound proxy, another for request. If yes, how to
do that)
Thanks.
> -----Original Message-----
> From: Jan Janak [mailto:jan@iptel.org]
> Sent: Thursday, March 18, 2004 10:38 am
> To: Ticknor, Scott: DGSE
> Cc: serusers(a)lists.iptel.org
> Subject: Re: [Serusers] authentication recommnedations
>
>
> Yes, there is an explanation. The default configuration file
> authenticates REGISTERs only. If you want to authenticate calls
> (INVITEs) as well, then you have to modify the configuration file and
> insert additional authentication when INVITE is being processed.
>
> But be careful -- you cannot authenticate all INVITE messages because
> foreing users will be not able to call your subscribers (foreign users
> have no username and password on your server). You should check if the
> INVITE is coming from one of your subscribers and then authenticate.
>
> Jan.
ah ok so i have to play with the routing logic, good good.this will be fun
merci tout le monde
> -----Original Message-----
> From: Nils Ohlmeier [mailto:nils@iptel.org]
> Sent: Thursday, March 18, 2004 10:38 am
> To: serusers(a)lists.iptel.org
> Cc: Ticknor, Scott: DGSE
> Subject: Re: [Serusers] authentication recommnedations
>
>
> You have to activate authentication for all type message by
> hand, like you
> allready did for REGISTER by uncommenting the lines in the config.
> Without seeing your config and watching into my crystal ball
> i guess you
> configuration only authenticates REGSITER messages. RADIUS
> will help you in
> no way, because you also have to place the autentication
> parts at the right
> places of your config.
>
> Nils
ok i think i see what you mean , ie:
if (method=="INVITE") {
www_challenge("sip.foo.bar", "0");
....
}
? i will give this a shot
thanks nils
Hello
I have successfully installed and configured Serweb but cannot login to
the web site. I enter admin / heslo and the web page just refreshes. I
am not logged in. Can some one point me in the right direction? I am
completely stumped.
"register_globals=On" and "short_open_tag=On" in /etc/php,ini
My configuration:
Redhat Taroon updated
ser-0.8.12-0
sems-0.1.1-0
php-4.3.2-7.ent
mysql-3.23.56-1.9
mysql-server3.23.56-1.9
php-mysql-4.3.2-7
httpd-2.0.46-26.ent
serweb_2004-01-04.tar.gz
Best regards
Harry
Hi,
Is that a way to check the Top most Via rport with the sender's port?
I have a UA capable of detecting its symmetric NAT's public address and
advertise it in the SIP message. Below is an example of the message. The
device has private address 192.168.x.x and is set to listen SIP message at
port 5070, the NAT's public address is y.y.y.y, the register is listening at
public address z.z.z.z port 5060.
UA1 192.168.5.5:5070 --> NAT (y.y.y.y:60500) --> Proxy z.z.z.z:5060
SEND >> z.z.z.z:5060
REGISTER sip:xyz.org SIP/2.0
Via: SIP/2.0/UDP
y.y.y.y:5070;rport;branch=z9hG4bKA38B122163B34FA9B039C915AA2ACB43
From: UA1 <sip:ua1@xyz.org>
To: UA1 <sip:ua1@xyz.org>
Contact: "UA1" <sip:ua1@y.y.y.y:5070>
Call-ID: F75DAF8081B44B62905C14B20CC7421C(a)xyz.org
CSeq: 7900 REGISTER
Expires: 1800
Max-Forwards: 70
User-Agent: Some SIP User Agent
Content-Length: 0
RECEIVE << z.z.z.z:5060
SIP/2.0 200 OK
Via: SIP/2.0/UDP
y.y.y.y:5070;rport=60500;branch=z9hG4bK381E2433E71D4FE995B208FFD8AF8F15
From: UA1 <sip:ua1@xyz.org>
To: UA1 <sip:ua1@xyz.org>;tag=794fe65c16edfdf45da4fc39a5d2867c.8eac
Contact: "UA1" <sip:ua1@y.y.y.y:5070>
Call-ID: F75DAF8081B44B62905C14B20CC7421C(a)xyz.org
CSeq: 7900 REGISTER
Contact: <sip:ua1@y.y.y.y:5070>;q=0.00;expires=1800
Server: Sip EXpress router (0.8.12-tcp_nonb (i386/linux))
Content-Length: 0
Warning: 392 z.z.z.z:5060 "Noisy feedback tells: pid=18470
req_src_ip=y.y.y.y req_src_port=60500 in_uri=sip:xyz.orgout_uri=sip:xyz.org
via_cnt==1"
Here, the client 192.168.5.5 (not show in the message) send a message with
source address 192.168.5.5 source port 5070 to proxy z.z.z.z port 5060.
Because of some intellegence in the UA (STUN in this case), it determines
that the public address of the NAT is y.y.y.y.
When contructing the Register request, it use the public IP y.y.y.y in the
Via and Contact header. The message, upon reaching the NAT, be translated to
have source address y.y.y.y and port 60500. None of the nat_uac_test()
function can detect that the UA is behide NAT and thus save the contact as
sip:y.y.y.y:5070. The reply of the register is fine as it follow the rport.
If however, someone invite this client, SER will return sip:y.y.y.y:5070.
Due to the nature of symmetric NAT, port 5070 is block and cannot reach UA1.
I know I can setup PAT to have all incoming traffic with port 5070 to
forward to 192.168.5.5 and make is looks like restricted cone NAT but the
NAT device is own by the customer and I have no control.
Is there a way in SER that I can check the rport with the source port, if
different, rewrite the contact as sip:[source address]:[rport]?
Regards,
Zeus Ng, CISSP, CCSA
Principal Consultant
iSquare Technology
Tel: +61 2 9419 3887
Fax: +61 2 9410 2629
Mob: 0416 135 794
Email: zeus.ng(a)isquare.com.au
**********************************************************************
This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error, you are prohibited from reading,
copying, distributing and using the information. Please contact the sender
immediately by return email and destroy the original message.
******************************************************************
I can't help you with the cvs version as I never used it (and it will
cause problems as its under heavy developement). If you don't need
IPv4-IPv6 translation and separation of rtpproxy from ser, than I
suggest to use 0.8.12 stable and the corresponding rtpproxy.
ethereal: just sniff all packets without filter. You should see the RTP
streams sent to the IP address and port numbers in the SDP of INVITE and
200 OK.
Watch for ICMP errors.
Klaus
Fábio Silvestri wrote:
> I'm using cvs version of ser on outbound proxy, and tgz of rtpproxy cvs
> version of rtpproxy, I got 'rtpproxy syntax error' messages.
>
> Klaus, what kind of information on ethereal I need to look?
>
>
>
> Klaus Darilion wrote:
>
>> You have to use rtpproxy v20040105 if you're working with 0.8.12 stable.
>>
>> What do you mean with "both clients behind a proxy"? The clients are
>> registered at different proxies? Then only one proxy has to enable the
>> rtpproxy.
>>
>> klaus
>>
>> Fábio Silvestri wrote:
>>
>>> After cvs update on rtpproxy, now I'm getting this message when running:
>>>
>>> # rtpproxy -2f:
>>>
>>> rtpproxy: rtpproxy started, pid 1681
>>> rtpproxy: command syntax error
>>> rtpproxy: command syntax error
>>> rtpproxy: command syntax error
>>> rtpproxy: command syntax error
>>> rtpproxy: command syntax error
>>>
>>>
>>>
>>> Fábio Silvestri wrote:
>>>
>>>> Hi!
>>>>
>>>> I have a outbound proxy configured and working very well, but I have
>>>> a little problem, when both clientes are registered on SER and
>>>> behind a proxy!
>>>>
>>>> The call's don't work, or the phone rings one time only, and in all
>>>> cases the return voice, can't be listen.
>>>>
>>>> Klaus, i'm using a script I have founded from you!
>>>>
>>>> Regards.
>>>>
>>>> Klaus Darilion wrote:
>>>>
>>>>> Hi Fabio!
>>>>>
>>>>> Just replace your condition in the reply route with my condition.
>>>>>
>>>>> No, you don't need to any special commands for the rtpproxy.
>>>>>
>>>>> Yes I have sample cfg - i already postet is ome time ago - search
>>>>> the archive.
>>>>>
>>>>> regards,
>>>>> klaus
>>>>>
>>>>> PS: cc to the list
>>>>>
>>>>> Fabio Silvestri wrote:
>>>>>
>>>>>> Well, where do I need to include that code if { } on my ser.cfg?
>>>>>>
>>>>>> Do you have a sample cfg?
>>>>>>
>>>>>> How do I need to run rtpproxy, have some special command line?
>>>>>>
>>>>>> On Mon, 1 Mar 2004, Klaus Darilion wrote:
>>>>>>
>>>>>>
>>>>>>> Date: Mon, 01 Mar 2004 09:35:12 +0100
>>>>>>> From: Klaus Darilion <klaus.mailinglists(a)pernau.at>
>>>>>>> To: Fábio Silvestri <fabio(a)informatec.com.br>
>>>>>>> Cc: serusers(a)lists.iptel.org
>>>>>>> Subject: Re: [Serusers] SER and rtpproxy
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Fábio Silvestri wrote:
>>>>>>>
>>>>>>>
>>>>>>>> Hi!
>>>>>>>>
>>>>>>>> After a long search on maillinst, I'm trying to run SER with
>>>>>>>> rtpproxy, for resolve problems with SIP UA (ata186) behind a
>>>>>>>> nat, but I'm still get in trouble.
>>>>>>>>
>>>>>>>> I have setup ser.cfg to use rtpproxy, like this:
>>>>>>>>
>>>>>>>> ...
>>>>>>>> if (method=="INVITE") {
>>>>>>>> log(1,"INVITE\n");
>>>>>>>> fix_nated_sdp("1");
>>>>>>>> record_route();
>>>>>>>> force_rport();
>>>>>>>> setflag(1);
>>>>>>>> force_rtp_proxy();
>>>>>>>> t_on_reply("1");
>>>>>>>> }
>>>>>>>> ...
>>>>>>>> onreply_route[1] {
>>>>>>>> log(1, ">=====> reply 1\n");
>>>>>>>> if ((status=~"[12][0-9][0-9]")) {
>>>>>>>> force_rtp_proxy();
>>>>>>>> }
>>>>>>>> }
>>>>>>>> ...
>>>>>>>>
>>>>>>>> But I get this error on syslog:
>>>>>>>>
>>>>>>>> 0(5463) ERROR: extract_mediaip: no `c=' in SDP
>>>>>>>>
>>>>>>>
>>>>>>> This will happen when you try to rewrite a response without sdp,
>>>>>>> e.g. 100 trying, 180 ringing....
>>>>>>>
>>>>>>> I'm unsing:
>>>>>>> if ( (status=~"200" || status=~"183") ) {
>>>>>>> force_rtp_proxy();
>>>>>>>
>>>>>>>
>>>>>>>> I'm running rtpproxy, on linux shell without any parameters.
>>>>>>>>
>>>>>>>> Does anybody knows what this means that message, and how to
>>>>>>>> solve, a ser.cfg for rtpproxy, and others tips will be helpfull...
>>>>>>>>
>>>>>>>> Regards.
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Serusers mailing list
>>>>> serusers(a)lists.iptel.org
>>>>> http://lists.iptel.org/mailman/listinfo/serusers
>>>>>
>>>>
>>>
>>
>
Hi!
There is an article about VoIP at heise.de
(http://www.heise.de/newsticker/meldung/45655) which announces that the
next releases of ser won't be open source.
Can please comment on this?
regards,
Klaus
Hello,
I have heard, that You have a ldap authentification for SER. I want to authenticate against a Windows ADS.
Can You say me, how to get this?
--
Helmut Herzog
Fraunhofer Institut für Informations- und Datenverarbeitung IITB
Fraunhoferstr. 1
D-76131 Karlsruhe
Tel: 0049-721/6091216 Fax:0049-721/6091413 http://www.iitb.fraunhofer.de/
email: helmut.herzog(a)iitb.fraunhofer.de
This works for me with Cisco 7960 phones,
asterisk sip.conf for #8544:
[8544]
type=friend
username=8544
secret=****
host=dynamic
defaultip=10.100.10.118 (ip of ser)
mailbox=8544
Paul Cheng wrote:
>Hi,
>
>Has anyone successfully used Asterisk as a back end voicemail server
>with SER and figured out a way to pass MWI messages to the client UA
>registered with SER?
regards,
Tor.
Hi,
Has anyone successfully used Asterisk as a back end voicemail server
with SER and figured out a way to pass MWI messages to the client UA
registered with SER?