Hi!
After using radius for the first time, I came up with several questions
about "why and how" to use radius. Please comment my questions:
As in the tutorial, I used freeradius and put the SIP users into the
raddb/users file. Do I have to make this manually for every user or are
there any tools do to this? Can radius be used with a backend database
for storing user data? If yes, why not directly use the database without
radius?
Using mysql for user authentication, adding new user is simple - serctl
or serweb. I miss such a simple solution for radius.
Can/will radius also be used for location contacts - or is it a must to
use mysql(postgres) for persistent user location?
Is there any functionality within ser+radius that can't be done with
ser+mysql?
The only point I see for using radius is that many PSTN-gateways support
writing CDRs into radius and billing systems will query these CDRs - but
why use radius for ser?
thanks
klaus
In fact, my ser installation works fine...
I can pass call through asterisk in standalone...
The problem is to interconnect the 2, to register ( i don't know if it's
a right solution) the sipphones on SER and to go outside thanks to
asterisk...
Thx
Alessio Focardi wrote:
>Hello Laurent,
>
>What you want to accomplish could be done, my advice is to setup a
>working installation of ser then you will continue with asterisk.
>
>At first make a simple installation of ser (no auth, no db maybe) and make
>your phones call each other.
>
>If you encounter specific problems and you want to have some help this
>is the right place.
>
>Good luck !
>
>
>
>Tuesday, April 20, 2004, 1:29:41 PM, you wrote:
>
>LB> Hi,
>LB> I want to use SER as a sip Proxy and asterisk as a gateway to the PSTN
>LB> network ...
>LB> My sipphones are BudgetTone101 and i'm having trouble trying configure
>LB> them....
>LB> Indeed, i don't know if they should register on SER or not... I don't
>LB> know what kind of sip messages should be passed to my machine running
>LB> asterisk.
>LB> I don't know what must be in ser.cfg ( if you've an example it could
>LB> help me a lot...)...
>LB> I wasn't able to find documentations about using Ser and Asterisk in
>LB> this configuration ( messages in the archives are not explicit
>LB> enough....) , so if you've a pointer or so....
>
>
>LB> Help...
>
>LB> thx,
>LB> Laurent
>
>LB> _______________________________________________
>LB> Serusers mailing list
>LB> serusers(a)lists.iptel.org
>LB> http://lists.iptel.org/mailman/listinfo/serusers
>
>
>
>
>
Hi,
I want to use SER as a sip Proxy and asterisk as a gateway to the PSTN
network ...
My sipphones are BudgetTone101 and i'm having trouble trying configure
them....
Indeed, i don't know if they should register on SER or not... I don't
know what kind of sip messages should be passed to my machine running
asterisk.
I don't know what must be in ser.cfg ( if you've an example it could
help me a lot...)...
I wasn't able to find documentations about using Ser and Asterisk in
this configuration ( messages in the archives are not explicit
enough....) , so if you've a pointer or so....
Help...
thx,
Laurent
Hi all,
here is my problem when i use serctl to add a account the domain name is
extract from email address and insert to domain field of subscriber
table.
I added two domains (support.example.com and example.com) but if i use
digest authentication (!www...) the client send is domain and SER look
at its subscriber domain field so it's right for example.com's clients.
I have to change domain name in subscriber table for all
support.example.com's clients or don't use digest authentication!
May I use one SERWEB per domain ?
is it possible to avoid changing domain field of subscriber table for
accounts of others domains?
What about dns srv may I have to add srv recording for each domain or
using outbound proxy?
Regards
Harry
Hi!
I try to setup ser+radius the first time, but I'm little confused which
dictionary I should use: There is dictionary.ser in ser and
dictionary.sip in radiusclient-ng. They are quite similar, but not
identical.
Which one should be used?
thanks,
klaus
Hi, ALL:
I have established a server with SER on the Internat with the IP:194.165.196.72,And we also have our own hardware phone developed. I am using MySQL and the nathelper modules & RTPproxy with NAT,but I run accross 2 problems with the digest authenticaiton:
1,Some UA cann't log on the server: I tested K-phone,X-Lite,WM5 and our own hardware phone,but with the digest authentication mode only the K-phone and X-lite can log in ,our own hardware phone and WM5 cann't register on it. The K-phone log on it with challenge form and password,fill in the password then log on.but the WM5 even haven't the challenge form to fill in the password.our own hardware phone also cann't log on the server.
2,Also the WM log in status problem: Under non-digest authentication mode,the WM can log on but while 2 WM log on it only can see one is online.
3,Our own hardware phone problem: Our own phone supports SIP/MGCP/H.323/Net2phoen protocals ,like Cisco ATA and 7960 products and have more features.But Also under non-digest authentication mode,It can regist and log on normally but while make a call behind NAT with RTPs,between X-lite,cann't hear the voice on the PC,but all can speak on the hardware phoen while X-LITE call to the phone.When Phone call to X-lite,it just the same,cann't hear anythink on the PC but other works normally.(Two UAs are all behind NAT).
I open a account on our server:
Address:194.165.196.72
Username: white
password:white
My x-lite number is 8888,If I am online it is also online.Please use WM and other UA have a try and let me know how to solve.
the ser.cfg:
#
# $Id: ser.cfg,v 1.21.2.1 2003/07/30 16:46:18 andrei Exp $
#
# simple quick-start config script
#
# ----------- global configuration parameters ------------------------
#debug=3 # debug level (cmd line: -dddddddddd)
#fork=yes
#log_stderror=no # (cmd line: -E)
/* Uncomment these lines to enter debugging mode
debug=7
fork=no
log_stderror=yes
*/
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
port=5060
children=4
fifo="/tmp/ser_fifo"
listen=194.165.196.72
listen=127.0.0.1
alias=194.165.196.72
alias=podiumvision.com
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database
loadmodule "/usr/lib/ser/modules/tm.so"
loadmodule "/usr/lib/ser/modules/sl.so"
loadmodule "/usr/lib/ser/modules/acc.so"
loadmodule "/usr/lib/ser/modules/rr.so"
loadmodule "/usr/lib/ser/modules/maxfwd.so"
loadmodule "/usr/lib/ser/modules/mysql.so"
loadmodule "/usr/lib/ser/modules/usrloc.so"
loadmodule "/usr/lib/ser/modules/registrar.so"
loadmodule "/usr/lib/ser/modules/auth.so"
loadmodule "/usr/lib/ser/modules/auth_db.so"
loadmodule "/usr/lib/ser/modules/textops.so"
loadmodule "/usr/lib/ser/modules/uri.so"
loadmodule "/usr/lib/ser/modules/group.so"
loadmodule "/usr/lib/ser/modules/msilo.so"
loadmodule "/usr/lib/ser/modules/nathelper.so"
loadmodule "/usr/lib/ser/modules/enum.so"
loadmodule "/usr/lib/ser/modules/domain.so"
# ----------------- setting module-specific parameters ---------------
# ------------- tm parameters
modparam("tm", "fr_timer", 12)
modparam("tm", "fr_inv_timer", 24)
# ------------- accounting parameters
modparam("acc", "log_missed_flag", 3)
modparam("acc", "log_level", 1)
modparam("acc", "log_flag", 1)
# -- usrloc params --
#modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database
# for persistent storage and comment the previous line
modparam("usrloc", "db_mode", 2)
modparam("auth_db", "password_column", "password")
#modparam("usrloc|auth_db|group|msilo", "db_url", "sql://ser:heslo@localhost/ser")
# -- auth params --
# Uncomment if you are using auth module
#
modparam("auth_db", "calculate_ha1", yes)
#
# If you set "calculate_ha1" parameter to yes (which true in this config),
# uncomment also the following parameter)
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
#modparam("registrar", "nat_flag", 6)
modparam("nathelper", "natping_interval", 30) # Ping interval 30 s
#modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT
# ------------------------- request routing logic -------------------
# main routing logic
route{
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if (msg:len >= max_len ) {
sl_send_reply("513", "Message too big");
break;
};
# !! Nathelper
# Special handling for NATed clients; first, NAT test is
# executed: it looks for via!=received and RFC1918 addresses
# in Contact (may fail if line-folding is used); also,
# the received test should, if completed, should check all
# vias for rpesence of received
# Allow RR-ed requests, as these may indicate that
# a NAT-enabled proxy takes care of it; unless it is
# a REGISTER
# we record-route all messages -- to make sure that
# subsequent messages will go through our proxy; that's
# particularly good if upstream and downstream entities
# use different transport protocol
#record_route();
# loose-route processing
if (loose_route()) {
append_hf("P-hint: rr-enforced\r\n");
#route(1);
t_relay();
break;
};
# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following command
# with proper names and addresses in it)
if (uri==myself) {
if (method=="REGISTER" ) {
# save("location");
# Uncomment this if you want to use digest authentication
if (!www_authorize("194.165.196.72", "subscriber")) {
www_challenge("194.165.196.72", "1");
break;
};
log("LOG: Someone trying to register from private IP, rewriting\n");
fix_nated_contact(); # Rewrite contact with source IP of signalling
if (method == "INVITE") {
fix_nated_sdp("1"); # Add direction=active to SDP
};
force_rport(); # Add rport parameter to topmost Via
setflag(6); # Mark as NATed
save("location");
break;
};
# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
sl_send_reply("404", "Not Found");
break;
};
};
# forward to current uri now; use stateful forwarding; that
# works reliably even if we forward from TCP to UDP
if (!t_relay()) {
sl_reply_error();
};
}
祝
商祺!
Michael Shi( Shi Jia Lu石佳璐)
Director
Podium Vision Ltd (Shanghai,China Branch)
Tel: +86 (0)21 63296364
Mobile:+86 13311713825,+86 13916750280
Fax: +86 (0)21 63296364
MSN:glacier_shi @ hotmail.com
Email: michael(a)podiumvision.co.uk
This communication contains confidential information intended solely for the use of the individual/s and/or entity or entities to whom it was intended to be addressed. If you are not the intended recipient, be aware that any disclosure, copying, distribution, or use of the contents of this transmission is prohibited. If you have received this communication in error, please contact the sender immediately, delete this communication from your system, and do not disclose its contents to any third party, or use its contents. Any opinions expressed are solely those of the author.
All,
I am newbie to SER.Here has a question.
I have three SIP-client(MSN messenger4.7 and kphone) and a proxy server-SER.
Three clients all register to SER.
I uses messenger4.7 to invite the other one .When invite message pass through SER, I rewrite URI to kphone.
But this doesn't work.Followed my script.How should I do this work?
Thanks.
# ----------- global configuration parameters ------------------------
#debug=3 # debug level (cmd line: -dddddddddd)
#fork=yes
#log_stderror=no # (cmd line: -E)
/* Uncomment these lines to enter debugging mode
debug=9
fork=no
log_stderror=yes
*/
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
#port=5060
#children=4
fifo="/tmp/ser_fifo"
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database
loadmodule "/usr/lib/ser/modules/mysql.so"
loadmodule "/usr/lib/ser/modules/sl.so"
loadmodule "/usr/lib/ser/modules/tm.so"
loadmodule "/usr/lib/ser/modules/rr.so"
loadmodule "/usr/lib/ser/modules/maxfwd.so"
loadmodule "/usr/lib/ser/modules/usrloc.so"
loadmodule "/usr/lib/ser/modules/registrar.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
loadmodule "/usr/lib/ser/modules/auth.so"
loadmodule "/usr/lib/ser/modules/auth_db.so"
# ----------------- setting module-specific parameters ---------------
# -- usrloc params --
#modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database
# for persistent storage and comment the previous line
modparam("usrloc", "db_mode", 2)
# -- auth params --
# Uncomment if you are using auth module
#
modparam("auth_db", "calculate_ha1", yes)
#
# If you set "calculate_ha1" parameter to yes (which true in this config),
# uncomment also the following parameter)
#
modparam("auth_db", "password_column", "password")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
# ------------------------- request routing logic -------------------
# main routing logic
route{
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if ( msg:len > max_len ) {
sl_send_reply("513", "Message too big");
break;
};
# we record-route all messages -- to make sure that
# subsequent messages will go through our proxy; that's
# particularly good if upstream and downstream entities
# use different transport protocol
record_route();
# loose-route processing
if (loose_route()) {
t_relay();
break;
};
# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following command
# with proper names and addresses in it)
if (uri=~"mook.com") {
if (method=="REGISTER") {
# Uncomment this if you want to use digest authentication
if (!www_authorize("mook.com", "subscriber")) {
www_challenge("mook.com", "0");
break;
};
save("location");
break;
};
# native SIP destinations are handled using our USRLOC DB
if (method=="INVITE") {
if (uri=~"messenger4.7(a)mook.com") {
rewriteuri("sip:kphone@mook.com");
}else if (!lookup("location")) {
sl_send_reply("404", "Not Found");
break;
};
};
}; #end uri=myself
# forward to current uri now; use stateful forwarding; that
# works reliably even if we forward from TCP to UDP
if (!t_relay()) {
sl_reply_error();
};
}
Hi all,
Here is the message sent me back after trying to configure serweb from
CVS "Invalid database in $config->db_type".
I 've looked in html /main_prepend.php and html/load_phplib.php witout
success.
Anybody could help me ?
Harry
Hi, I'd like to get some recommendations from other users what the best
option for an rtp proxy to use. From what I have seen the options are:
1.) Ser MEDIA proxy
2.) rtpproxy
3.) asterisk ( perhaps with some slight modifications )
What are people using? and any insight would be helpful, as to which
model seems to work the best.
regards,
Andy
Hi guys,
I managed to make calls to PSTN via SER. How can configure ser to receive
calls from the PSTN?
Regards,
Lakmal
Lankacom Services (Pvt) Ltd.
65C, Dharmapala Mawatha,
Colombo 07.
Sri Lanka.
Tel: +94-1-437545
www.lankacom.net
