7 Sep
2006
7 Sep
'06
5:52 p.m.
Hi,
Well I don't think I could skip the authorization process because there are
analogical devices which need to be authenticated, so it would create
problems.
How do I add the Asterisk Server to the trust tables?
I'm actually thinking of adding Asterisk as a RADIUS client to the RADIUS
server (freeRadius)
What do you think?
Thanks in advance,
Roberto
So... if I understand this correctly, you're having problems with diverted
calls FROM the Asterisk IVR not being able to authenticate on SER?
Could you just add the Asterisk server to the trust tables and skip the auth
process for calls coming back or would that create problems?
N.
*
On Tue, 5 Sep 2006 21:16:45 +0100, Roberto Lopes wrote*
Hi to all!
I've a big problem with SER & Asterisk
I've a network where i put them working together.
Asterisk is the media gateway with PSTN as well as being the server which
is making
all the services available (IVR, voicemail, conference calls,
etc).
SER just routes calls either to the softphones, VoIP
phones or to Asterisk
who will just forward the calls to PSTN (via Asterisk).
Till now everything works well except the service IVR
which is working on
Asterisk.
Details:
*MailScanner has detected a possible fraud attempt from "192.168.226.13"
claiming to be* *MailScanner warning: numerical links are often malicious:
192.168.226.13 - IP SER
**MailScanner has detected a possible fraud attempt
from "192.168.226.45"
claiming to be* *MailScanner warning: numerical
links are often malicious:
192.168.226.45 - IP Asterisk *
***
The problem is only after the user (roberto(a)192.168.226.13 - authenticated
and
authorized in RADIUS) calls IVR.
Till then the user calls, IVR gives some information
to the user and
everything goes well.
Problem is when he presses a number which will have to
redirect the call
to another user.
And why is there a problem.
*
*> Because the initially roberto(a)192.168.226.13 to be able to call IVR had
to rewrite host & port **MailScanner has detected a possible fraud attempt
from "192.168.226.45" claiming to be* *MailScanner warning: numerical links
are often malicious: 192.168.226.45 so that the call would reach Asterisk
who would then call to the IVR. *
***
That rewriting turned roberto(a)192.168.226.13 into
roberto(a)192.168.226.45.
That is, I can say, that it became a "new user".
While it's on the IVR there's no problem, but
when call is diverted it has
to give its credentials...
*
*> Credentials that don't exist in RADIUS cause it only accepts usernames
that end in @ **MailScanner has detected a possible fraud attempt from "
192.168.226.13" claiming to be* *MailScanner warning: numerical links are
often malicious: 192.168.226.13 (IP of SER) *
***
Here is the following code, both of extensions file in Asterisk and
configure file
of SER
I hope somebody knows how to solve it or at least find
a way how to.
extensions.conf - Asterisk
[sip]
exten => 74001,1,Answer
exten => 74001,2,SetMusicOnHold(default)
exten => 74001,3,Set(TIMEOUT(digit)=5)
exten => 74001,4,Set(TIMEOUT(response)=10)
exten => 74001,5,Background(menu)
exten =>
1,1,Dial(SIP/roberto@192.168.226.13:5060,,r)
...
exten => 7,1,Goto(sip,74001,1)
exten => 8,1,Hangup
ser.cfg - SER
...
if ((uri=~"^sip:7[0-9]{4}@.*")) {
route(5);
break;
};
...
route[5] { # Redirecting to Asterisk
# MsgLog
xlog("L_ALERT","(WARNING) Sending to Asterisk request of %fu to
%tu\n");
*
***> rewritehostport("**MailScanner has detected a possible fraud
attempt from " 192.168.226.45:5060" claiming to be* *MailScanner warning:
numerical links are often malicious: 192.168.226.45:5060"); *
*
route(1);
}
Thanks for your help,
Roberto Lopes
*