The way you have configured the client gives 192.168.0.2 as your domain. You will
probably want to configure
or something.
There needs to be a match between: client configurations, aliases defined in ser.cfg, and
domains that you have configured in the DB (used by the is_uri_* functions). Only then
will SER properly recognize your clients.
All these steps are covered in the Getting Started doc.
g-)
---- Original Message ----
From: Alberto
To: Greger V. Teigre
Cc: serusers(a)lists.iptel.org
Sent: Friday, September 16, 2005 09:51 AM
Subject: Re: [Serusers] ser.cfg with PSTN gateway connectivity
But, I can't register sip clients, when a sip
client sends REGISTER
the ser answer 403, Forbidden.
Session Initiation Protocol
Request-Line: REGISTER sip:192.168.0.2:5060 SIP/2.0
Method: REGISTER
Resent Packet: False
Message Header
Content-Length: 0
Contact: <sip:4000@192.168.0.9:5060>;events="message-summary"
Call-ID: EC3B7C61-92BE-4CEA-8A43-53391E95F301(a)192.168.0.9
Max-Forwards: 70
From: <sip:4000@192.168.0.2:5060>;tag=446779626482
SIP from address: sip:4000@192.168.0.2:5060
SIP tag: 446779626482
CSeq: 1 REGISTER
To: <sip:4000@192.168.0.2:5060>
SIP to address: sip:4000@192.168.0.2:5060
Via: SIP/2.0/UDP
192.168.0.9;rport;branch=z9hG4bKc0a800090131c9b1432a784800002a6300000001
User-Agent: SJphone/1.50.271d (SJ Labs)
Session Initiation Protocol
Status-Line: SIP/2.0 403 Forbidden
Status-Code: 403
Resent Packet: False
Message Header
Call-ID: EC3B7C61-92BE-4CEA-8A43-53391E95F301(a)192.168.0.9
From: <sip:4000@192.168.0.2:5060>;tag=446779626482
SIP from address: sip:4000@192.168.0.2:5060
SIP tag: 446779626482
CSeq: 1 REGISTER
To:
<sip:4000@192.168.0.2:5060>;tag=d222d7f099537762bc94f7b18918c630.a1da
SIP to address: sip:4000@192.168.0.2:5060
SIP tag: d222d7f099537762bc94f7b18918c630.a1da
Via: SIP/2.0/UDP
192.168.0.9;rport=5060;branch=z9hG4bKc0a800090131c9b1432a784800002a6300000001
Server: Sip EXpress router (0.9.3 (i386/freebsd))
Content-Length: 0
Warning: 392 192.168.0.2:5060 "Noisy feedback tells: pid=441
req_src_ip=192.168.0.9 req_src_port=5060 in_uri=sip:192.168.0.2:5060
out_uri=sip:192.168.0.2:5060 via_cnt==1"
----- Original Message -----
From: Greger V. Teigre
To: Alberto
Cc: serusers(a)lists.iptel.org
Sent: Friday, September 16, 2005 9:19 AM
Subject: Re: [Serusers] ser.cfg with PSTN gateway connectivity
The test does the following:
If callee is not within the local domain (as registered in the
domains table), check that:
either... caller is from a local domain
or... the source is a trusted party (gw etc)
If not, forbidden
g-)
---- Original Message ----
From: Alberto
To: Greger V. Teigre
Cc: serusers(a)lists.iptel.org
Sent: Friday, September 16, 2005 08:51 AM
Subject: Re: [Serusers] ser.cfg with PSTN gateway connectivity
> Yes, I did it too.
>
> I suppose that I have to do a entry in 'trusted' table of the IP
> address of the PSTN gateway.
>
> mysql> select * from trusted;
> +----------------+-------+--------------+
>> src_ip | proto | from_pattern |
> +----------------+-------+--------------+
>> 212.xxx.xxx.81 | any | ^sip:.*$ |
> +----------------+-------+--------------+
> 1 row in set (0.01 sec)
>
> mysql> select username,domain,password from subscriber;
> +----------+-------------+-----------+
>> username | domain | password |
> +----------+-------------+-----------+
>> admin | sip | heslo |
>> 1000 |
teching.net | 123454321 |
>> 2000 |
teching.net | 12345 |
>> 3000 |
teching.net | 12345 |
>> 4000 |
teching.net | 12345 |
>> 5000 |
teching.net | 12345 |
> +----------+-------------+-----------+
> 6 rows in set (0.00 sec)
>
> Is this correct? I believe that I do not understand it well.
>
> Thanks.
>
>
>> Hi,
>>
>> I've read the SER Getting Started form
http://www.onsip.org .
>>
>> When I configure the ser with PSTN Gateway (subject 8 of the guide)
>> I can't register any client (403, Forbidden). I think, the problem
>> is the next line of ser.cfg:
>>
>> if (!is_uri_host_local()) {
>> if (is_from_local() || allow_trusted()) {
>> route(4);
>> route(1);
>> } else {
>> sl_send_reply("403","Forbidden");
>> };
>> break;
>> };
>>
>> I'd copied the permissions.allow and permissions.deny to
>> /usr/local/etc/ser and in the .allow file I'd uncomment the last
>> line (ALL:ALL)
>>
>> Any idea? Thanks.