Hi, ALL: I have established a server with SER on the Internat with the IP:194.165.196.72,And we also have our own hardware phone developed. I am using MySQL and the nathelper modules & RTPproxy with NAT,but I run accross 2 problems with the digest authenticaiton: 1,Some UA cann't log on the server: I tested K-phone,X-Lite,WM5 and our own hardware phone,but with the digest authentication mode only the K-phone and X-lite can log in ,our own hardware phone and WM5 cann't register on it. The K-phone log on it with challenge form and password,fill in the password then log on.but the WM5 even haven't the challenge form to fill in the password.our own hardware phone also cann't log on the server. 2,Also the WM log in status problem: Under non-digest authentication mode,the WM can log on but while 2 WM log on it only can see one is online. 3,Our own hardware phone problem: Our own phone supports SIP/MGCP/H.323/Net2phoen protocals ,like Cisco ATA and 7960 products and have more features.But Also under non-digest authentication mode,It can regist and log on normally but while make a call behind NAT with RTPs,between X-lite,cann't hear the voice on the PC,but all can speak on the hardware phoen while X-LITE call to the phone.When Phone call to X-lite,it just the same,cann't hear anythink on the PC but other works normally.(Two UAs are all behind NAT). I open a account on our server: Address:194.165.196.72 Username: white password:white My x-lite number is 8888,If I am online it is also online.Please use WM and other UA have a try and let me know how to solve. the ser.cfg: # # $Id: ser.cfg,v 1.21.2.1 2003/07/30 16:46:18 andrei Exp $ # # simple quick-start config script # # ----------- global configuration parameters ------------------------ #debug=3 # debug level (cmd line: -dddddddddd) #fork=yes #log_stderror=no # (cmd line: -E) /* Uncomment these lines to enter debugging mode debug=7 fork=no log_stderror=yes */ check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 children=4 fifo="/tmp/ser_fifo" listen=194.165.196.72 listen=127.0.0.1 alias=194.165.196.72 alias=podiumvision.com # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database loadmodule "/usr/lib/ser/modules/tm.so" loadmodule "/usr/lib/ser/modules/sl.so" loadmodule "/usr/lib/ser/modules/acc.so" loadmodule "/usr/lib/ser/modules/rr.so" loadmodule "/usr/lib/ser/modules/maxfwd.so" loadmodule "/usr/lib/ser/modules/mysql.so" loadmodule "/usr/lib/ser/modules/usrloc.so" loadmodule "/usr/lib/ser/modules/registrar.so" loadmodule "/usr/lib/ser/modules/auth.so" loadmodule "/usr/lib/ser/modules/auth_db.so" loadmodule "/usr/lib/ser/modules/textops.so" loadmodule "/usr/lib/ser/modules/uri.so" loadmodule "/usr/lib/ser/modules/group.so" loadmodule "/usr/lib/ser/modules/msilo.so" loadmodule "/usr/lib/ser/modules/nathelper.so" loadmodule "/usr/lib/ser/modules/enum.so" loadmodule "/usr/lib/ser/modules/domain.so" # ----------------- setting module-specific parameters --------------- # ------------- tm parameters modparam("tm", "fr_timer", 12) modparam("tm", "fr_inv_timer", 24) # ------------- accounting parameters modparam("acc", "log_missed_flag", 3) modparam("acc", "log_level", 1) modparam("acc", "log_flag", 1) # -- usrloc params -- #modparam("usrloc", "db_mode", 0) # Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2) modparam("auth_db", "password_column", "password") #modparam("usrloc|auth_db|group|msilo", "db_url", "sql://ser:heslo@localhost/ser") # -- auth params -- # Uncomment if you are using auth module # modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) #modparam("registrar", "nat_flag", 6) modparam("nathelper", "natping_interval", 30) # Ping interval 30 s #modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT # ------------------------- request routing logic ------------------- # main routing logic route{ # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if (msg:len >= max_len ) { sl_send_reply("513", "Message too big"); break; }; # !! Nathelper # Special handling for NATed clients; first, NAT test is # executed: it looks for via!=received and RFC1918 addresses # in Contact (may fail if line-folding is used); also, # the received test should, if completed, should check all # vias for rpesence of received
# Allow RR-ed requests, as these may indicate that # a NAT-enabled proxy takes care of it; unless it is # a REGISTER # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol #record_route(); # loose-route processing if (loose_route()) { append_hf("P-hint: rr-enforced\r\n"); #route(1); t_relay(); break; }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) { if (method=="REGISTER" ) { # save("location"); # Uncomment this if you want to use digest authentication if (!www_authorize("194.165.196.72", "subscriber")) { www_challenge("194.165.196.72", "1"); break; }; log("LOG: Someone trying to register from private IP, rewriting\n"); fix_nated_contact(); # Rewrite contact with source IP of signalling if (method == "INVITE") { fix_nated_sdp("1"); # Add direction=active to SDP }; force_rport(); # Add rport parameter to topmost Via setflag(6); # Mark as NATed
save("location"); break; }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; # forward to current uri now; use stateful forwarding; that # works reliably even if we forward from TCP to UDP if (!t_relay()) { sl_reply_error(); }; }
祝 商祺! Michael Shi( Shi Jia Lu石佳璐) Director Podium Vision Ltd (Shanghai,China Branch)
Tel: +86 (0)21 63296364 Mobile:+86 13311713825,+86 13916750280 Fax: +86 (0)21 63296364 MSN:glacier_shi @ hotmail.com Email: michael@podiumvision.co.uk This communication contains confidential information intended solely for the use of the individual/s and/or entity or entities to whom it was intended to be addressed. If you are not the intended recipient, be aware that any disclosure, copying, distribution, or use of the contents of this transmission is prohibited. If you have received this communication in error, please contact the sender immediately, delete this communication from your system, and do not disclose its contents to any third party, or use its contents. Any opinions expressed are solely those of the author.