11 Oct
2007
11 Oct
'07
9:29 a.m.
OK,
thank you for the hint. It works now even though for some reason I
need to have the IP of Asterisk both in the 'trusted' table and the
'permissions.allow' file.
Thanks
Max
On Oct 11, 2007, at 6:39 , Greger V. Teigre wrote:
You can use allow_trusted() to allow calls from your
Asterisk. see
the chapter you referred to (Getting Started) for an example of how
to use it.
Just add the IP of your Asterisk to the table of trusted IPs.
g-)
Max Weltz wrote:
Hello,
I am working on a project in which calls are placed from an
Asterisk server towards the PSTN or SIP clients and then connected
to another phone of the PSTN or another SIP client. Those calls
are placed by a user (caller) through an interface. First a call
is placed towards the caller from an extension in Asterisk and
once the caller picks up the phone, the second call is placed and
both are connected.
In a first time all SIP clients were registered to Asterisk
and there was no SER on the picture. Everything was working fine.
But I have decided to use SER as SIP proxy now. So the SIP
clients are registered with SER and Asterisk is still the
originating point of all calls and provides the connection to the
PSTN. Asterisk and SER are running on the same machine (Asterisk
has port 5061 and SER port 5060) and Asterisk is registered to SER:
==sip.conf==
[general]
port=5061
bindport=5061
bindaddr=0.0.0.0
disallow=all
;allow=gsm
allow=ulaw
allow=alaw
;context=bogon-calls
context=from-sip
autocreatepeer=yes
register=> asterisk:password@192.168.1.24:5060/maxAS
[SERADDRESS]
type=friend
username=asterisk
secret=password
host=192.168.1.24
fromdomain=192.168.1.24
[maxAS]
type=friend
secret=password2
qualify=yes
nat=no
host=dynamic
canreinvite=no
context=from-sip
Most things work fine:
* a user can ask Asterisk to call a SIP client and connect it to
another SIP client: Asterisk finds its way to SER and both calls
are happily connected.
* a user can also ask a call to be placed towards a SIP client
and then this call is connected to a PSTN call, no problem either.
The problem is when the user wants a call towards the PSTN to be
connected to a SIP client. Once the call going towards the PSTN
has been answered, Asterisk attempts to contact a SIP client
which is registered in SER but SER sees the call coming from "sip:
(PSTN phone number of the first call)@hostIP". There is no such
client in the database and it is therefore not allowed to
connect. In the following example Zap/1-1 is the interface
towards the PSTN, 0761111111 the phone number dialled, and 6644
an extension registered with SER. Here is the Asterisk output.
Channel Zap/1-1 was answered.
--
Executing Answer("Zap/1-1", "") in new stack
-- Executing Goto("Zap/1-1", "from-sip|6644|1") in new stack
-- Goto (from-sip,6644,1)
-- Executing Answer("Zap/1-1", "") in new stack
-- Executing Dial("Zap/1-1", "SIP/6644@SERADDRESS||r") in new
stack
-- Called 6644@SERADDRESS
Oct 10 11:41:16 WARNING[4264]: chan_sip.c:7972 handle_response:
Forbidden - wrong password on authentication for INVITE to
'"0761111111" <sip:0761111111@192.168.1.24>;tag=as537d1ed7'
-- SIP/SERADDRESS-50e7 is circuit-busy
Here is the portion of the Asterisk Dialplan that is relevant and
the ser.cfg (which comes from http://siprouter.onsip.org/doc/
gettingstarted/):
==extensions.conf==
[context1]
exten => 666,1,Answer()
exten => 666,2,Goto(from-sip,6644,1)
[from-sip]
exten => _.,1,Answer
exten => _.,2,Dial(SIP/${EXTEN}@SERADDRESS,,r)
exten => _.,3,Hangup
==ser.cfg==
debug=3
fork=no
log_stderror=yes
listen=192.168.1.24 # INSERT YOUR IP ADDRESS HERE
port=5060
children=4
dns=no
rev_dns=no
fifo="/tmp/ser_fifo"
fifo_db_url="mysql://ser:password@192.168.1.26/ser"
loadmodule "/usr/lib/ser/modules/mysql.so"
loadmodule "/usr/lib/ser/modules/sl.so"
loadmodule "/usr/lib/ser/modules/tm.so"
loadmodule "/usr/lib/ser/modules/rr.so"
loadmodule "/usr/lib/ser/modules/maxfwd.so"
loadmodule "/usr/lib/ser/modules/usrloc.so"
loadmodule "/usr/lib/ser/modules/registrar.so"
loadmodule "/usr/lib/ser/modules/auth.so"
loadmodule "/usr/lib/ser/modules/auth_db.so"
loadmodule "/usr/lib/ser/modules/uri_db.so"
modparam("auth_db|uri_db|usrloc", "db_url", "mysql://
ser:password@192.168.1.26/ser")
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")
modparam("usrloc", "db_mode", 2)
modparam("rr", "enable_full_lr", 1)
route {
#
-----------------------------------------------------------------
# Sanity Check Section
#
-----------------------------------------------------------------
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483", "Too Many Hops");
break;
};
if (msg:len > max_len) {
sl_send_reply("513", "Message Overflow");
break;
};
#
-----------------------------------------------------------------
# Record Route Section
#
-----------------------------------------------------------------
if (method!="REGISTER") {
record_route();
};
#
-----------------------------------------------------------------
# Loose Route Section
#
-----------------------------------------------------------------
if (loose_route()) {
route(1);
break;
};
#
-----------------------------------------------------------------
# Call Type Processing Section
#
-----------------------------------------------------------------
if (uri!=myself) {
route(1);
break;
};
if (method=="ACK") {
route(1);
break;
} if (method=="INVITE") {
route(3);
break;
} else if (method=="REGISTER") {
route(2);
break;
};
lookup("aliases");
if (uri!=myself) {
route(1);
break;
};
if (!lookup("location")) {
sl_send_reply("404", "User Not Found");
break;
};
route(1);
}
route[1] {
#
-----------------------------------------------------------------
# Default Message Handler
#
-----------------------------------------------------------------
if (!t_relay()) {
sl_reply_error();
};
}
route[2] {
#
-----------------------------------------------------------------
# REGISTER Message Handler
# ----------------------------------------------------------------
sl_send_reply("100", "Trying");
if (!www_authorize("192.168.1.24","subscriber")) {
www_challenge("192.168.1.24","0");
break;
};
if (!check_to()) {
sl_send_reply("401", "Unauthorized");
break;
};
consume_credentials();
if (!save("location")) {
sl_reply_error();
};
}
route[3] {
#
-----------------------------------------------------------------
# INVITE Message Handler
#
-----------------------------------------------------------------
if (!proxy_authorize("192.168.1.24","subscriber")) {
proxy_challenge("192.168.1.24","0");
break;
} else if (!check_from()) {
sl_send_reply("403", "Use From=ID");
break;
};
consume_credentials();
lookup("aliases");
if (uri!=myself) {
route(1);
break;
};
if (!lookup("location")) {
sl_send_reply("404", "User Not Found");
break;
};
route(1);
}
I guess (but I am new to SER) that the idea is to make the call
be placed as the SIP user "asterisk" and not as the SIP user
"0761111111" but I don't know where to do that (inside asterisk
before the SIP call is placed? inside ser.cfg?) or maybe just to
skip the authentication for SIP URIs that look like a phone
number. I also read in http://siprouter.onsip.org/doc/
gettingstarted/ch09.html how to relay calls placed towards the
PSTN from SER towards a gateway (Asterisk here) but I think it
wouldn't do any good to send back the call to Asterisk. Asterisk
would just end up placing another call towards the PSTN and
that's not what I want.
Any suggestion will be greatly appreciated,
Thanks,
//Max
_______________________________________________
Serusers mailing list
Serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers