Hi All,
we are trying to use the Kamailio as an UAC on a PBX. It should behave just like a normal SIP UAC (e.g. an SNOM phone).
The reason why we want that, is connecting a service to any other PBX with Client features and security (DA).
Our setup looks like:
Kamailio UAC w/ register <-> Kamailio OBP/SBC <-> PBX
The register is working fine. We insert the credentials into DB and trigger kamailio to reload the config (kamctl uac.reload).
Then the register is sent out including the unauth (401) handling. After than we are registered on the PBX. The Register is sent though the OBP as configured in DB.
We are trying to make calls:
Calls from PBX to Kamailio are working fine but we struggle with calls from kamailio torwards PBX.
We have the l_uuid in a variable and we try to get the PV ready for the invite.
First we need to do is rewrite the "from" URI. We thought we can get a proper FROM URI with the uuid we have. But the uac_replace_from just sets the $fu as given and does not make any logic with UAC credentials.
To handle the RURI, we trigger uac_reg_lookup with the uuid and it replaces the $ru with user-name and domain from the data stored in DB. In this case that makes no sense. The $rU should be what the user had dialed, the $rd should be the server given in uacreg DB table. The OBP given in DB is ignored completely.
After we managed to rewrite everything in SIP as needed we try to catch the 407 as it's shown in the module documentation with failure route. Here we have not found any way to get the credentials for the uuid.
Now we wonder if we have missed any global setting which sets everything right. If anybody has a similar setup and a working config, we appreciate any help we can get.
our config looks like:
...
loadmodule "uac.so"
....
modparam("uac","auth_realm_avp","$avp(arealm)")
modparam("uac","auth_username_avp","$avp(auser)")
modparam("uac","auth_password_avp","$avp(apass)")
modparam("uac","restore_from_avp","$avp(original_uri_from)")
modparam("uac","restore_to_avp","$avp(original_uri_to)")
modparam("uac","credential","username:domain:password")
modparam("uac", "reg_db_url","DBURI")
modparam("uac", "reg_timer_interval", 60)
modparam("uac", "reg_retry_interval", 300)
...
route {
xlog("L_NOTICE", "INVITE: F=$fu T=$tu R=$ru\n");
route("QUERY_UUID"); # <- sets $var(UUID) to l_uuid of the DB
$var(request_user) = $rU;
uac_reg_lookup("$var(UUID)", "$ru");
$var(request_from_user) = $rU;
$rU = $var(request_user);
uac_replace_from("$var(request_from_user)","sip:$var(request_from_user)@
1.2.3.4");
t_on_failure("TRUNKAUTH");
xlog("L_NOTICE", "INVITE: F=$fu T=$tu R=$ru $avp(auser) $avp(apass)\n"); # avp "auser and apass are "<null>"
if (!t_relay()) {
xlog("L_ERR", "error to <$tu> from <$fu>\n");
sl_reply_error();
};
}
failure_route[TRUNKAUTH] {
if (t_is_canceled()) {
exit;
}
if(t_check_status("401|407")) {
# $avp(auser) = "test"; <-should be set from the l_uuid profile anyhow
# $avp(apass) = "test";
$var(request_user) = $rU;
if (uac_auth()) {
# We do never get here since uac_auth never returns true.
$rU = $var(request_user);
route("FORWARD_MESSAGE");
exit;
}
xlog("L_NOTICE", "DAMN!!!");
}
}
--