I'm working in a VoIP solution here in my university and we have a
wide LDAP base and I am thinking about using it for
I found on the internet Ldap/Ldaps modules for SER
(http://www.ethworld.ethz.ch/technologies/sipeth/ser_modules/ldaps),
but I am afraid that I could only use them for lookups and not direct
authentication.
I guess I could use radius for authentication but I dont know if
installing a radius server "just" for this would be worth the effort.
Does anyone know if there is a way to authenticate users in a LDAP
server without using Radius? I mean, could I use SER directly with
LDAP without using RADIUS?
Regards,
Felipe
--
Master Student - Electrical Engineering Department
Computer Engineering and Telecommunications Research Group
Universidade Federal de Minas Gerais - Brazil
"For God so loved the world that he gave his one and only Son, that
whoever believes in him shall not perish but have eternal life."
John 3:16
hi all,
Is there a way to configure openser so that it sends rport in
via header ? Actually th packet from server is reverse natted through
another system using any random port, i want it the reply to come on
the same port . thanks ....
Regards,
Ranveer.
--
Memories : They bring Diamonds and Rust
Dear Wizards,
Many of you seem to be running public SER servers with hundreds of users.
I would like to become a paying customer of such a SER server,
but cannot find any such services advertised on the internet.
Can someone please recommend a running, fee-for-service SER server?
A few weeks ago, I asked this same question,
and got zero responses. And I mean no responses of any kind.
Is this the wrong forum to ask such a question?
Even messages pointing out why I am a total idiot
would have been preferable to total silence.
If there are reasons that it is not practical for anyone
to operate a fee-for-service SER server,
I would love to see some discussion of
what makes it so impractical.
Please feel free to speculate on why you think
such services have not been created.
thanks, Michael
Hi Nhadie.
I'm using the autoprovisioning system with PAP2 and Sipura. I don't
know if the other phones have this feature. I also know that SJPhone can
have this feaure too.
Regards,
Ricardo Martinez.-
> -----Mensaje original-----
> De: Nhadie [mailto:nhadie@cbcpworld.com]
> Enviado el: Jueves, 08 de Septiembre de 2005 10:43
> Para: serusers(a)lists.iptel.org
> Asunto: [Serusers] auto configuration
>
>
> Hi List!
>
> Would just like to ask how can I automatically download a
> configuration for
> a SIP phone. I mean , let's say I have a client that bought
> the phone, once
> he plugged it in on the internet it will download a
> configuration file, that
> has it's username, password, sip proxy etc. I use
> Grandstream, PAP2, Sipura,
> x-lite x-pro and eyebeam. Is that possible?
>
> Thank You
>
> Regards,
> Nhadie
>
> _______________________________________________
> Serusers mailing list
> serusers(a)lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
>
Hi,
I am trying to figure out how to solve the follwoing problem.
I have two subnetworks, A and B, with different private ip adressing
schemes (IP@A <mailto:IP@A> ) and (IP@B <mailto:IP@B> ).
SER is installed in a computer with network interfaces towards both
subnetworks.
SER's SIP signalling proxying operation works properly within the
subnetworks and when trying to set up a communication between users in A
and B. But in that last case, obviously there is no media at all
circulating among the subnetworks.
Portaone's RTP proxy has been installed and configured in the computer
with interfaces towards both subnetworks where SER is installed.
I am trying to configure SER so that, based on the nathelper module,
when communication between both subnetworks occurs, the RTP proxy is
involved and the communication (also media and not only signalling) is
possible. BUT I am making something wrong, becouse it does not work ...
Can anyone give me a hand /hint?
Thanks a lot in advance / in any case.
My SER config file is the following:
#
# ----------- global configuration parameters ------------------------
/* Uncomment these lines to enter debugging mode
debug=7
fork=no
log_stderror=yes
*/
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
fifo="/tmp/ser_fifo"
fifo_mode=0662
alias=wirelessip.x.x.x
alias=sip..x.x.x
alias=x.x.x
log_stderror=no
debug=3
children=3
mhomed=1
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database
loadmodule "/lib/ser/modules/mysql.so"
loadmodule "/lib/ser/modules/sl.so"
loadmodule "/lib/ser/modules/tm.so"
loadmodule "/lib/ser/modules/rr.so"
loadmodule "/lib/ser/modules/maxfwd.so"
loadmodule "/lib/ser/modules/usrloc.so"
loadmodule "/lib/ser/modules/textops.so"
loadmodule "/lib/ser/modules/registrar.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
loadmodule "/lib/ser/modules/auth.so"
loadmodule "/lib/ser/modules/auth_db.so"
# For NAT support / media proxying
loadmodule "/lib/ser/modules/nathelper.so"
# ----------------- setting module-specific parameters ---------------
# -- usrloc params --
#modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database
# for persistent storage and comment the previous line
modparam("usrloc", "db_mode", 2)
# -- auth params --
# Uncomment if you are using auth module
modparam("auth_db", "calculate_ha1", yes)
# If you set "calculate_ha1" parameter to yes (which true in this
config),
# uncomment also the following parameter)
modparam("auth_db", "password_column", "password")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
# For NAT
# We will use flag 6 to mark NATed contacts
modparam("registrar", "nat_flag", 6)
# Enable NAT pinging
modparam("nathelper", "natping_interval", 60)
# Ping only contacts that are known to be
# behind NAT
modparam("nathelper", "ping_nated_only", 1)
# ------------------------- request routing logic -------------------
# main routing logic
route{
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if ( msg:len > max_len ) {
sl_send_reply("513", "Message too big");
break;
};
# special handling for NATed clients; first, nat test is
# executed: it looks for via!=received and RFC1918 addresses
# in Contact (may fail if line-folding used); also,
# the received test should, if complete, should check all
# vias for presence of received
if (nat_uac_test("3")) {
# allow RR-ed requests, as these may indicate that
# a NAT-enabled proxy takes care of it; unless it is
# a REGISTER
if (method == "REGISTER" || ! search("^Record-Route:")) {
log("LOG: Someone trying to register from private IP, rewriting\n");
# This will work only for user agents that support symmetric
# communication. We tested quite many of them and majority is
# smart smart enough to be symmetric. In some phones, like
# it takes a configuration option. With Cisco 7960, it is
# called NAT_Enable=Yes, with kphone it is called
# "symmetric media" and "symmetric signaling". (The latter
# not part of public released yet.)
fix_nated_contact(); # Rewrite contact with source IP of signalling
if (method == "INVITE") {
fix_nated_sdp("1"); # Add direction=active to SDP
};
force_rport(); # Add rport parameter to topmost Via
setflag(6); # Mark as NATed
};
};
# we record-route all messages -- to make sure that
# subsequent messages will go through our proxy; that's
# particularly good if upstream and downstream entities
# use different transport protocol
record_route();
# loose-route processing
if (loose_route()) {
t_relay();
break;
};
lookup("aliases");
# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following command
# with proper names and addresses in it)
if (uri==myself) {
if (method=="REGISTER") {
# Uncomment this if you want to use digest authentication
if (!www_authorize("com.dtu.dk", "subscriber")) {
www_challenge("com.dtu.dk", "0");
break;
};
save("location");
break;
};
# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
sl_send_reply("404", "Not Found");
break;
};
};
# forward to current uri now; use stateful forwarding; that
# works reliably even if we forward from TCP to UDP
if (!t_relay()) {
sl_reply_error();
};
}
#
# Forcing media relay if necessary
#
route[1] {
#if (uri=~"[@:](192\.168\.|10\.|172\.16)" && !search("^Route:")){
# sl_send_reply("479", "We don't forward to private IP addresses");
# break;
#};
#if (isflagset(6)) {
force_rtp_proxy(); # I force everything through the proxy
t_on_reply("1");
append_hf("P-Behind-NAT: Yes\r\n");
#};
if (!t_relay()) {
sl_reply_error();
break;
};
}
onreply_route[1] {
if (status =~ "(183)|2[0-9][0-9]") {
fix_nated_contact();
force_rtp_proxy();
};
}
Hello,
Somebody has tested freeSide billing system !?
Harry
___________________________________________________________________________
Appel audio GRATUIT partout dans le monde avec le nouveau Yahoo! Messenger
Téléchargez cette version sur http://fr.messenger.yahoo.com
Hello all,
can SER with RTP-proxy or Media-Proxy relay T38. If supported, do we
need to do some extra configuration or it will work in standard
configuation.
Thank you,
Atif
Please help.
----- Original Message -----
From: "Nicky" <nicky(a)caliber.com.sg>
To: <serusers(a)lists.iptel.org>; <sems(a)lists.iptel.org>
Sent: Wednesday, September 28, 2005 10:38 PM
Subject: Sems IVR Module
> Hi all,
>
> I am testing the sems version from the Head and when i uses a SIP Phone to
> call into
> the IVR module for recording when I am in the middle of recording, the
> program detected DTMF
> signal and jump out of the script. Why is it so? as I never pressed on any
> key? How can I resolve this
> problem? Why is the voice signal become the DTMF signal? Is there any
> adjustment that
> i can do to solve this problem , as my voice goes louder the more DTMF
> signal is being detected.
>
> Please help.
>
> regards,
> nicky
>
Hello,
latest openser version from cvs includes a set of new functions (core
and avpops) and pseudo-variable which allow to access and manage the
value of dst_uri.
The dst_uri field contains the address of the next hop, when the routing
does not follow R-URI address. Such cases are Route header driven
routing (dst_uri is set after loose_route() to the value of next Route
header), contacts behind nat (dst_uri is set to the address of nat after
lookup("location")) or dispatcher usage. The dst_uri has higher priority
in routing over R-URI but less than explicit parameters in relaying
functions (e.g., t_relay_to*()).
The field was invisible from the script but it proved in the discussions
on the mailing list to be important to access it. For example, to detect
whether the caller and callee are behind same nat. Also, it can be
checked in case of preloaded Route header to secure relaying to special
resources (e.g., pstn gateway). With the new branch_route the value of
dst_uri can be checked for each branch.
A short summary of what was added:
* core functions:
- setdsturi("uri") - set the value of dst_uri
- resetdsturi() - reset the value of dst_uri
- isdsturiset() - test if the value of dst_uri is null
* pseudo-variables
- $du - value of dst_uri (added long time ago)
- $dd - domain of dst_uri
- $dp - port of dst_uri
- $dP - transport protocol of dst_uri
* avpops changes
- avp_write() can read the value of dst_uri and write it in an avp
- avp_pushto() can write the value of an avp in dst_uri
Tutorials and dokuwiki will be updated soon.
Daniel
