Hi Ovidiu, I´m currently configured on this way on my openser:
if (!www_authorize("ser.ip-tel.com.ar", "subscriber")) { www_challenge("ser.ip-tel.com.ar", "0"); break; };
Is it right?
Thanks
Diego
----- Original Message ----- From: "Ovidiu Sas" sip.nslu@gmail.com To: "Diego Valencia" dvalencia@ip-tel.com.ar Cc: users@openser.org Sent: Tuesday, February 20, 2007 4:39 PM Subject: Re: [Users] SER behind PIX
Hi Diego,
When you challenge the SIP UA from openSER, provide the realm and configure the SIP UA to use that particular realm for authorization.
see: http://openser.org/docs/modules/1.2.x/auth_db.html#AEN170 (do not use an empty string for realm)
Regards, Ovidiu Sas
On 2/20/07, Diego Valencia dvalencia@ip-tel.com.ar wrote:
Hi everybody. In the topology:
INTERNET | PIX (NAT static translate 200.x.x.2 to 10.1.1.2) | SER (10.1.1.2)
I can´t register UA from internet.(unauthorized)
The PIX is configured with the "fixup SIP" and "fixup udp SIP" commands. I guess there is a problem when UA generates HA1 with the external IP, then de PIX translates this to internal IP, and the SER can´t authenticate it by the erroneous hash.
Anybody know some solution for it?
Thanks!
Diego
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users