Jesus: I found no changes between xten1.x and 2.0, both versions work the same way. However if you're running your ser on 192.168.1.2, you will need to set your xtem "Send Internal IP" field to "On". I'd tried without any NAT involved first as Wasik mentioned below. Also double check that your SIP_DOMAIN has the right value, otherwise the serctl add will create an user that www_authorize() won't be able to match. In short words, your SIP_DOMAIN has to be set to the same value (realm) you set in ser.conf if (!www_authorize("myrealm.com", "subscriber")).

-m

-----Original Message----- From: Wasik, Paul [mailto:Paul.Wasik@ipc.com] Sent: Wednesday, July 23, 2003 10:57 AM To: Maxim Sobolev; Jesus Rodriguez Cc: serusers@lists.iptel.org Subject: RE: [Serusers] X-Lite and SER (again) New info

The only way I have ever gotten Xten v1.0 or 2.0 to work with SER is to set the "Send Internal IP" field to "On". Even without NAT involved. Once I did that it worked fine ever since for me.

-----Original Message----- From: Maxim Sobolev [mailto:sobomax@portaone.com] Sent: Wednesday, July 23, 2003 1:51 PM To: Jesus Rodriguez Cc: serusers@lists.iptel.org Subject: Re: [Serusers] X-Lite and SER (again) New info

You are better off to contact X-Ten instead, because it is clearly a problem with X-Lite, not SER.

-Maxim

Jesus Rodriguez wrote:

Hello,

I'm sorry to come back again with this topic :( ... i've installed a new

SER

from cvs (rel_0_8_11) and when trying to register X-Lite 2.0, X-Lite does

not

send authentication information. As before, i can register an ATA186, a

SNOM

100 phone and SIPPS but no X-Lite. I think the problem is in my X-Lite

configuration and that it's my fault but after looking up and down i can't find the problem.

This is X-Lite configuration:

SIP Proxy Enabled: yes User Name: 1000 Authorization user: 1000 Password: 1000 Domain/Realm: voztelecom.net SIP Proxy: 192.168.1.2:5060 Out Bound Proxy: Proxy Mode: Normal Send Internal IP: Off

These are the X-Lite logs. The most strange thing is that it does not

answer

the auth requests from SER (below is Cisco ATA REGISTER log and SER configuration):

SEND >> 192.168.1.2:5060 REGISTER sip:voztelecom.net SIP/2.0 Via: SIP/2.0/UDP 192.168.1.203:5060 From: sip:1000@voztelecom.net To: sip:1000@voztelecom.net Contact: "JesusR" sip:1000@192.168.1.203:5060 Call-ID: 3148BBBEBC4F47F2A43768FD845E6663@voztelecom.net CSeq: 11222 REGISTER Expires: 500 User-Agent: X-Lite build 1047 Content-Length: 0

RECEIVE << 192.168.1.2:5060 SIP/2.0 401 Unauthorized Via: SIP/2.0/UDP 192.168.1.203:5060 From: sip:1000@voztelecom.net To: sip:1000@voztelecom.net;tag=b27e1a1d33761e85846fc98f5f3a7e58.d844 Call-ID: 3148BBBEBC4F47F2A43768FD845E6663@voztelecom.net CSeq: 11222 REGISTER WWW-Authenticate: Digest realm="voztelecom.net", nonce="3f1ebf0bae9c2713e34ed6c6c066884d61da2c46" Server: Sip EXpress router (0.8.11rc1 (i386/linux)) Content-Length: 0 Warning: 392 192.168.1.2:5060 "Noisy feedback tells: pid=27562

req_src_ip=192.168.1.203 req_src_port=5060 in_uri=sip:voztelecom.net out_uri=sip:voztelecom.net via_cnt==1"

RECEIVE << 192.168.1.2:5060 SIP/2.0 401 Unauthorized Via: SIP/2.0/UDP 192.168.1.203:5060 From: sip:1000@voztelecom.net To: sip:1000@voztelecom.net;tag=b27e1a1d33761e85846fc98f5f3a7e58.d844 Call-ID: 3148BBBEBC4F47F2A43768FD845E6663@voztelecom.net CSeq: 11222 REGISTER WWW-Authenticate: Digest realm="voztelecom.net", nonce="3f1ebf0bae9c2713e34ed6c6c066884d61da2c46" Server: Sip EXpress router (0.8.11rc1 (i386/linux)) Content-Length: 0 Warning: 392 192.168.1.2:5060 "Noisy feedback tells: pid=27563

req_src_ip=192.168.1.203 req_src_port=5060 in_uri=sip:voztelecom.net out_uri=sip:voztelecom.net via_cnt==1"

SEND >> 192.168.1.2:5060 REGISTER sip:voztelecom.net SIP/2.0 Via: SIP/2.0/UDP 192.168.1.203:5060 From: sip:1000@voztelecom.net To: sip:1000@voztelecom.net Contact: "JesusR" sip:1000@192.168.1.203:5060 Call-ID: 3148BBBEBC4F47F2A43768FD845E6663@voztelecom.net CSeq: 11224 REGISTER Expires: 500 User-Agent: X-Lite build 1047 Content-Length: 0

RECEIVE << 192.168.1.2:5060 SIP/2.0 401 Unauthorized Via: SIP/2.0/UDP 192.168.1.203:5060 From: sip:1000@voztelecom.net To: sip:1000@voztelecom.net;tag=b27e1a1d33761e85846fc98f5f3a7e58.d844 Call-ID: 3148BBBEBC4F47F2A43768FD845E6663@voztelecom.net CSeq: 11224 REGISTER WWW-Authenticate: Digest realm="voztelecom.net", nonce="3f1ebf0fe0eb06e006bfa17508318525b23a1672" Server: Sip EXpress router (0.8.11rc1 (i386/linux)) Content-Length: 0 Warning: 392 192.168.1.2:5060 "Noisy feedback tells: pid=27562

req_src_ip=192.168.1.203 req_src_port=5060 in_uri=sip:voztelecom.net out_uri=sip:voztelecom.net via_cnt==1"

RECEIVE << 192.168.1.2:5060 SIP/2.0 401 Unauthorized Via: SIP/2.0/UDP 192.168.1.203:5060 From: sip:1000@voztelecom.net To: sip:1000@voztelecom.net;tag=b27e1a1d33761e85846fc98f5f3a7e58.d844 Call-ID: 3148BBBEBC4F47F2A43768FD845E6663@voztelecom.net CSeq: 11224 REGISTER WWW-Authenticate: Digest realm="voztelecom.net", nonce="3f1ebf0fe0eb06e006bfa17508318525b23a1672" Server: Sip EXpress router (0.8.11rc1 (i386/linux)) Content-Length: 0 Warning: 392 192.168.1.2:5060 "Noisy feedback tells: pid=27563

req_src_ip=192.168.1.203 req_src_port=5060 in_uri=sip:voztelecom.net out_uri=sip:voztelecom.net via_cnt==1"

This is Cisco ATA REGISTER log which send the reply to auth request from

SER:

...

...

SIP <<

Trying 1st IP ADDR c0a80102 proxy=192.168.1.2:5060 [0]REGISTER Retry 0 [0:0] Tx Msg to 192.168.1.2:5060

REGISTER sip:192.168.1.2 SIP/2.0 Via: SIP/2.0/UDP 192.168.1.202:5060 From: sip:1001@192.168.1.2;user=phone;tag=4183361925 To: sip:1001@192.168.1.2;user=phone Call-ID: 2881434130@192.168.1.202 CSeq: 1 REGISTER Contact: sip:1001@192.168.1.202:5060;user=phone;transport=udp;expires=60 User-Agent: Cisco ATA 186 v2.16 ata18x (030401a) Content-Length: 0

[0]Rx Msg from 192.168.1.2:5060

SIP/2.0 401 Unauthorized Via: SIP/2.0/UDP 192.168.1.202:5060 From: sip:1001@192.168.1.2;user=phone;tag=4183361925 To:

sip:1001@192.168.1.2;user=phone;tag=b27e1a1d33761e85846fc98f5f3a7e58.9 cf4

Call-ID: 2881434130@192.168.1.202 CSeq: 1 REGISTER WWW-Authenticate: Digest realm="voztelecom.net",

nonce="3f1ec1149f7590fd4532ba8c63a36a9123360fa0"

Server: Sip EXpress router (0.8.11rc1 (i386/linux)) Content-Length: 0 Warning: 392 192.168.1.2:5060 "Noisy feedback tells: pid=27563

req_src_ip=192.168.1.202 req_src_port=5060 in_uri=sip:192.168.1.2 out_uri=sip:192.168.1.2 via_cnt==1"

[0]Reg Resp 401; Unauthorized [0]REGISTER Retry 0 [0:0] Tx Msg to 192.168.1.2:5060

REGISTER sip:192.168.1.2 SIP/2.0 Via: SIP/2.0/UDP 192.168.1.202:5060 From: sip:1001@192.168.1.2;user=phone;tag=4183361925 To: sip:1001@192.168.1.2;user=phone Call-ID: 2881434130@192.168.1.202 CSeq: 2 REGISTER Contact: sip:1001@192.168.1.202:5060;user=phone;transport=udp;expires=60 User-Agent: Cisco ATA 186 v2.16 ata18x (030401a) Authorization: Digest

username="1001",realm="voztelecom.net",nonce="3f1ec1149f7590fd4532ba8c63 a36a 9123360fa0",uri="sip:192.168.1.2",response="9cedb192d83009a19e3bf610c2d1 3b85 "

Content-Length: 0

[0]Rx Msg from 192.168.1.2:5060

SIP/2.0 200 OK Via: SIP/2.0/UDP 192.168.1.202:5060 From: sip:1001@192.168.1.2;user=phone;tag=4183361925 To:

sip:1001@192.168.1.2;user=phone;tag=b27e1a1d33761e85846fc98f5f3a7e58.9 cf4

Call-ID: 2881434130@192.168.1.202 CSeq: 2 REGISTER Contact:

sip:1001@192.168.1.202:5060;user=phone;transport=udp;q=0.00;expires=60

Server: Sip EXpress router (0.8.11rc1 (i386/linux)) Content-Length: 0 Warning: 392 192.168.1.2:5060 "Noisy feedback tells: pid=27562

req_src_ip=192.168.1.202 req_src_port=5060 in_uri=sip:192.168.1.2 out_uri=sip:192.168.1.2 via_cnt==1"

[0]Reg Resp 200; OK [0]Reg OK (60)

And this is SER configuration:

# # $Id: ser.cfg,v 1.21 2003/06/04 13:47:36 jiri Exp $ # # simple quick-start config script #

# ----------- global configuration parameters ------------------------

debug=3 # debug level (cmd line: -dddddddddd) fork=yes log_stderror=yes # (cmd line: -E)

/* Uncomment these lines to enter debugging mode debug=7 fork=no log_stderror=yes */

check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 children=4 fifo="/tmp/ser_fifo"

# ------------------ module loading ----------------------------------

# Uncomment this if you want to use SQL database loadmodule "/usr/local/lib/ser/modules/mysql.so"

loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so"

# Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so"

# ----------------- setting module-specific parameters ---------------

# -- usrloc params --

#modparam("usrloc", "db_mode", 0)

# Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2) modparam("usrloc","db_url","sql://ser:heslo@192.168.1.3/ser")

# -- auth params -- # Uncomment if you are using auth module # modparam("auth_db","db_url","sql://ser:heslo@192.168.1.3/ser") modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # modparam("auth_db", "password_column", "password")

# -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1)

# ------------------------- request routing logic -------------------

# main routing logic

alias="voztelecom.net" alias="devel.voztelecom.net" alias="192.168.1.2"

route{

    # initial sanity checks -- messages with
    # max_forwards==0, or excessively long requests
    if (!mf_process_maxfwd_header("10")) {
            sl_send_reply("483","Too Many Hops");
            break;
    };
    if (len_gt( max_len )) {
            sl_send_reply("513", "Message too big");
            break;
    };

    # we record-route all messages -- to make sure that
    # subsequent messages will go through our proxy; that's
    # particularly good if upstream and downstream entities
    # use different transport protocol
    record_route();
    # loose-route processing
    if (loose_route()) {
            t_relay();
            break;
    };

    # if the request is for other domain use UsrLoc
    # (in case, it does not work, use the following command
    # with proper names and addresses in it)
    if (uri==myself) {

# if (uri=~"voztelecom.net" || uri=~"192.168.1.2") {

            if (method=="REGISTER") {

# Uncomment this if you want to use digest authentication if (!www_authorize("voztelecom.net",

"subscriber")) {

                            www_challenge("voztelecom.net", "0");
                            break;
                    };

                    save("location");
                    break;
            };

            # native SIP destinations are handled using our USRLOC

DB

            if (!lookup("location")) {
                    sl_send_reply("404", "Not Found");
                    break;
            };
    };
    # forward to current uri now; use stateful forwarding; that
    # works reliably even if we forward from TCP to UDP
    if (!t_relay()) {
            sl_reply_error();
    };

}

Thanks in advance for your help.

Saludos JesusR.

---

Jesus Rodriguez VozTelecom Sistemas, S.L. jesusr@voztele.com http://www.voztele.com Tel. 902360305

---

---

Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers

_______________________________________________ Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers

_______________________________________________ Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers