Hi,
Well I don't think I could skip the authorization process because there are analogical devices which need to be authenticated, so it would create problems.
How do I add the Asterisk Server to the trust tables?
I'm actually thinking of adding Asterisk as a RADIUS client to the RADIUS server (freeRadius)
What do you think?
Thanks in advance,
Roberto
So... if I understand this correctly, you're having
problems with diverted calls FROM the Asterisk IVR not being able to
authenticate on SER?
Could you just add the Asterisk server to the trust tables and skip
the auth process for calls coming back or would that create problems?
N.
On Tue, 5 Sep 2006 21:16:45 +0100, Roberto Lopes wrote
> Hi to all!
> I've a big problem with SER & Asterisk
> I've a network where i put them working together.
> Asterisk is the media gateway with PSTN as well as being the server
which is making all the services available (IVR, voicemail, conference
calls, etc).
> SER just routes calls either to the softphones, VoIP phones or
to Asterisk who will just forward the calls to PSTN (via Asterisk).
>
Till now everything works well except the service IVR which is working on Asterisk.
>
> Details:
> MailScanner has detected a possible fraud attempt from "
192.168.226.13" claiming to be
MailScanner warning: numerical links are often malicious: 192.168.226.13 - IP SER
> MailScanner has detected a possible fraud attempt from "192.168.226.45
" claiming to be MailScanner warning: numerical links are often malicious:
192.168.226.45 - IP Asterisk
>
> The problem is only after the user (roberto@192.168.226.13 - authenticated and authorized in RADIUS) calls IVR.
> Till then the user calls, IVR gives some information to the user and everything goes well.
> Problem is when he presses a number which will have to redirect the call to another user.
> And why is there a problem.
> Because the initially roberto@192.168.226.13 to be able to call IVR had to rewrite host & port
MailScanner has detected a possible fraud attempt from "192.168.226.45" claiming to be
MailScanner
warning: numerical links are often malicious: 192.168.226.45 so that
the call would reach Asterisk who would then call to the IVR.
> That rewriting turned
roberto@192.168.226.13 into
roberto@192.168.226.45. That is, I can say, that it became a "new user".
> While it's on the IVR there's no problem, but when call is diverted it has to give its credentials...
> Credentials that don't exist in RADIUS cause it only accepts usernames that end in @
MailScanner has detected a possible fraud attempt from "192.168.226.13" claiming to be
MailScanner warning: numerical links are often malicious:
192.168.226.13 (IP of SER)
>
> Here is the following code, both of extensions file in Asterisk and configure file of SER
> I hope somebody knows how to solve it or at least find a way how to.
>
> extensions.conf - Asterisk
>
[sip]
exten => 74001,1,Answer
exten => 74001,2,SetMusicOnHold(default)
exten => 74001,3,Set(TIMEOUT(digit)=5)
exten => 74001,4,Set(TIMEOUT(response)=10)
exten => 74001,5,Background(menu)
> exten => 1,1,Dial(SIP/roberto@192.168.226.13:5060,,r)
...
exten => 7,1,Goto(sip,74001,1)
exten => 8,1,Hangup
>
> ser.cfg - SER
>
> ...
> if ((uri=~"^sip:7[0-9]{4}@.*")) {
> route(5);
> break;
> };
...
> route[5] { # Redirecting to Asterisk
>
# MsgLog
> xlog("L_ALERT","(WARNING) Sending to Asterisk request of %fu to %tu\n");
> rewritehostport("MailScanner has detected a possible fraud attempt from "
192.168.226.45:5060" claiming to be MailScanner warning: numerical links are often malicious:
192.168.226.45:5060");
> route(1);
> }
>
>
> Thanks for your help,
> Roberto Lopes