My question now might be simple but it a point of confusion to me and it is how to tell Kamailio about the SIP users in the Asterisk DB ?!Hi Muhammad,If the users MUST authenticate to Kamailio first,This means that Kamailio should be aware of the SIP users exist in the Asterisk DB to be able to authenticate them and NOT receive 401 Unauthorized error message from Kamailio.
Best Regards,On Sun, Nov 16, 2014 at 3:01 PM, Muhammad Shahzad <shaheryarkh@gmail.com> wrote:Thank you.This seems to be fine. The user MUST authenticate to Kamailio, only then Kamailio will create REGISTER request that is send to asterisk. That's the key security feature behind the idea.Look at the register architecture diagram,
http://kb.asipto.com/asterisk:realtime:kamailio-4.0.x-asterisk-11.3.0-astdb#registrationOn Sat, Nov 15, 2014 at 10:31 PM, Mahmoud Ramadan Ali <cisco.and.more.blog@gmail.com> wrote:_______________________________________________Hi Dears,I'm trying to configure Kamailio as SBC in multi home mode for Asterisk by authenticating the inbound SIP registration requests,i'm following this tutorial http://kb.asipto.com/asterisk:realtime:kamailio-4.0.x-asterisk-11.3.0-astdb to achieve this goal. i have modified the necessary changes like the Asterisk DB URL and the SIP table name and Username and password column and verified the connection.My topology like this Asterisk (192.168.100.10) <----Internal:192.168.100.1---->Kamailio<---External:192.168.50.1-----> SIP Phone (192.168.50.2)But when trying to register a SIP phone Kamailio does NOT forward the authentication request to Asterisk and sends 401 Unauthorized error message.I've attached my config file if any one wants to check it and thanks in advance.Best Regards
U 192.168.50.2:37297 -> 192.168.50.1:5060
REGISTER sip:192.168.50.1;transport=UDP SIP/2.0.
Via: SIP/2.0/UDP 192.168.50.2:37297;branch=z9hG4bK-d8754z-a46e0c7c9d98fe52-1---d8754z-;rport;transport=UDP.
Max-Forwards: 70.
Contact: <sip:1001@192.168.50.2:37297;rinstance=1d7c44dbcb8a7a2f;transport=UDP>.
To: <sip:1001@192.168.50.1;transport=UDP>.
From: <sip:1001@192.168.50.1;transport=UDP>;tag=1d222e19.
Call-ID: NTc2NDBjMGQ2YWFmZjdmNWI0MzVmN2Y4NzYyODJlMTc..
CSeq: 2 REGISTER.
Expires: 70.
Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, REFER, MESSAGE, OPTIONS, INFO, SUBSCRIBE.
Supported: replaces, norefersub, extended-refer, timer, X-cisco-serviceuri.
User-Agent: Z 3.2.21357 r21367.
Authorization: Digest username="1001",realm="192.168.50.1",nonce="VGfAuFRnv4wMvoTG7wA9tqYD9fgZDe3D",uri="sip:192.168.50.1;transport=UDP",response="8bbd01d879250585eafee4f510689f73",algorithm=MD5.
Allow-Events: presence, kpml.
Content-Length: 0.
#
U 192.168.50.1:5060 -> 192.168.50.2:37297
SIP/2.0 401 Unauthorized.
Via: SIP/2.0/UDP 192.168.50.2:37297;branch=z9hG4bK-d8754z-a46e0c7c9d98fe52-1---d8754z-;rport=37297;transport=UDP.
To: <sip:1001@192.168.50.1;transport=UDP>;tag=b27e1a1d33761e85846fc98f5f3a7e58.fe8b.
From: <sip:1001@192.168.50.1;transport=UDP>;tag=1d222e19.
Call-ID: NTc2NDBjMGQ2YWFmZjdmNWI0MzVmN2Y4NzYyODJlMTc..
CSeq: 2 REGISTER.
WWW-Authenticate: Digest realm="192.168.50.1", nonce="VGfAuFRnv4wMvoTG7wA9tqYD9fgZDe3D".
Server: kamailio (4.1.6 (i386/linux)).
Content-Length: 0.
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users