thank dave ,
as i said you earlies iam using the xlite
which is a stun client and iam running
the stun 0.92 + ser in same box
so in debug mode of stun i could able to see public ip
allocate to that private ip but ser is not showing
any difference ( this is also in the debug mode)
so i donot know where is the error
actualy to test my stun server i have installed
winstun in the private ip and when i use runtest
the message it gives is
Port restricted NAT detected - VoIP will work with
STUN Preserves port number Does not supports hairpin
of media Public IP address: 202.53.76.51
so from here how to move further even rtpproxy is not
working fine with this
my ser.cfg file is
*******************************************************
# This default script includes nathelper support. To
make it work
# you will also have to install Maxim's RTP proxy. The
proxy is enforced
# if one of the parties is behind a NAT.
#
# If you have an endpoing in the public internet which
is known to
# support symmetric RTP (Cisco PSTN gateway or
voicemail, for example),
# then you don't have to force RTP proxy. If you don't
want to enforce
# RTP proxy for some destinations than simply use
t_relay() instead of
# route(1)
#
# Sections marked with !! Nathelper contain
modifications for nathelper
#
# NOTE !! This config is EXPERIMENTAL !
#
# ----------- global configuration parameters
------------------------
debug=8 # debug level (cmd line: -dddddddddd)
fork=yes
log_stderror=yes # (cmd line: -E)
/* Uncomment these lines to enter debugging mode
fork=no
log_stderror=yes
*/
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
port=5060
children=4
fifo="/tmp/ser_fifo"
# ------------------ module loading
----------------------------------
# Uncomment this if you want to use SQL database
#loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
loadmodule "/usr/local/lib/ser/modules/usrloc.so"
loadmodule "/usr/local/lib/ser/modules/registrar.so"
loadmodule "/usr/local/lib/ser/modules/textops.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
#loadmodule "/usr/local/lib/ser/modules/auth.so"
#loadmodule "/usr/local/lib/ser/modules/auth_db.so"
# !! Nathelper
loadmodule "/usr/local/lib/ser/modules/nathelper.so"
# ----------------- setting module-specific parameters
---------------
# -- usrloc params --
modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database
# for persistent storage and comment the previous line
#modparam("usrloc", "db_mode", 2)
# -- auth params --
# Uncomment if you are using auth module
#
#modparam("auth_db", "calculate_ha1", yes)
#
# If you set "calculate_ha1" parameter to yes (which
true in this config),
# uncomment also the following parameter)
#
#modparam("auth_db", "password_column", "password")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
# !! Nathelper
modparam("registrar", "nat_flag", 6)
modparam("nathelper", "natping_interval", 30) # Ping
interval 30 s
modparam("nathelper", "ping_nated_only", 1) # Ping
only clients behind NAT
# ------------------------- request routing logic
-------------------
# main routing logic
route{
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if (msg:len >= max_len ) {
sl_send_reply("513", "Message too big");
break;
};
# !! Nathelper
# Special handling for NATed clients; first, NAT test
is
# executed: it looks for via!=received and RFC1918
addresses
# in Contact (may fail if line-folding is used);
also,
# the received test should, if completed, should
check all
# vias for rpesence of received
if (nat_uac_test("3")) {
# Allow RR-ed requests, as these may indicate that
# a NAT-enabled proxy takes care of it; unless it is
# a REGISTER
if (method == "REGISTER" || !
search("^Record-Route:")) {
log("LOG: Someone trying to register from
private IP, rewriting\n");
# This will work only for user agents that
support symmetric
# communication. We tested quite many of them
and majority is
# smart enough to be symmetric. In some phones
it takes a configuration
# option. With Cisco 7960, it is called
NAT_Enable=Yes, with kphone it is
# called "symmetric media" and "symmetric
signalling".
fix_nated_contact(); # Rewrite contact with
source IP of signalling
if (method == "INVITE") {
fix_nated_sdp("1"); # Add direction=active
to SDP
};
force_rport(); # Add rport parameter to topmost
Via
setflag(6); # Mark as NATed
};
};
# we record-route all messages -- to make sure that
# subsequent messages will go through our proxy;
that's
# particularly good if upstream and downstream
entities
# use different transport protocol
if (!method=="REGISTER") record_route();
# subsequent messages withing a dialog should take
the
# path determined by record-routing
if (loose_route()) {
# mark routing logic in request
append_hf("P-hint: rr-enforced\r\n");
route(1);
break;
};
if (!uri==myself) {
# mark routing logic in request
append_hf("P-hint: outbound\r\n");
route(1);
break;
};
# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following
command
# with proper names and addresses in it)
if (uri==myself) {
if (method=="REGISTER") {
# Uncomment this if you want to use digest
authentication
# if (!www_authorize("iptel.org", "subscriber")) {
# www_challenge("iptel.org", "0");
# break;
# };
save("location");
break;
};
lookup("aliases");
if (!uri==myself) {
append_hf("P-hint: outbound alias\r\n");
route(1);
break;
};
# native SIP destinations are handled using our
USRLOC DB
if (!lookup("location")) {
sl_send_reply("404", "Not Found");
break;
};
};
append_hf("P-hint: usrloc applied\r\n");
route(1);
}
route[1]
{
# !! Nathelper
if
(uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)"
&& !search("^Route:")){
sl_send_reply("479", "We don't forward to private
IP addresses");
break;
};
# if client or server know to be behind a NAT, enable
relay
if (isflagset(6)) {
force_rtp_proxy();
};
# NAT processing of replies; apply to all
transactions (for example,
# re-INVITEs from public to private UA are hard to
identify as
# NATed at the moment of request processing); look at
replies
t_on_reply("1");
# send it out now; use stateful forwarding as it
works reliably
# even for UDP2TCP
if (!t_relay()) {
sl_reply_error();
};
}
# !! Nathelper
onreply_route[1] {
# NATed transaction ?
if (isflagset(6) && status =~ "(183)|2[0-9][0-9]")
{
fix_nated_contact();
force_rtp_proxy();
# otherwise, is it a transaction behind a NAT and
we did not
# know at time of request processing ? (RFC1918
contacts)
} else if (nat_uac_test("1")) {
fix_nated_contact();
};
*******************************************************
with regards
serdiehard
--- Dave Bath <dave(a)fuuz.com> wrote:
You should only need to enable stun from your client
(obviously only
works for a client which supports stun).
Sorry, I do not use cpled
-----Original Message-----
From: ser die [mailto:serdiehard@yahoo.com]
Sent: 16 August 2004 14:43
To: Dave Bath
Cc: serusers(a)lists.iptel.org
Subject: RE: [Serusers] ser + stun
yes dave,
my stun server is working correctly i have tested
with winstunsetup.msi
now i need to work this with ser
does i need to have any configurarion changes in the
ser.cfg?
has the cpled worked for you?
with regards
serdiehard
--- Dave Bath <dave(a)fuuz.com> wrote:
Hey,
Haven't really used the raw fifo commands, so
can't
help you there. I
suggest you find a machine from which you can
confirm whether your stun
server is operating correctly before you worry
about
the ser.cfg.
Regards,
Dave
-----Original Message-----
From: ser die [mailto:serdiehard@yahoo.com]
Sent: 16 August 2004 13:52
To: Dave Bath
Subject: RE: [Serusers] ser + stun
thanks dave,
i have downloaded winstunsetup but the format is
.msi
mines is a linux system so i donot know how to use
is it and how to get the confirmation that stun is
correctly setup in the system
one other thing do you have any idea about how to
run
the fifo commands?
with regards
serdiehard
--- Dave Bath <dave(a)fuuz.com> wrote:
> Have you used the WinStun program to confirm
that
> your stun server is
> correctly set up?
>
> Dave
>
> -----Original Message-----
> From: serusers-bounces(a)lists.iptel.org
> [mailto:serusers-bounces@lists.iptel.org] On
> Behalf Of ser die
> Sent: 16 August 2004 08:44
> To: serusers(a)lists.iptel.org
> Subject: [Serusers] ser + stun
>
> hello friends,
>
> iam using ser of latest cvs head
>
> and stun server of 0.92 version
>
> iam running ser + stun on the same box
>
> mines problem is stun could able to communicate
>
> with the behind nat boxes and give an public ip
to
>
> that machines but ser could not able to even
>
> detect that.
>
> is there any special cofigurations we need to
make
>
> with regards
> rama kanth
>
>
>
>
__________________________________________________
Do You
Yahoo!?
Tired of spam? Yahoo! Mail has the best spam
protection around
http://mail.yahoo.com
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
__________________________________
Do you Yahoo!?
Take Yahoo! Mail with you! Get it on your mobile
phone.
http://mobile.yahoo.com/maildemo
__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - Send 10MB messages!
http://promotions.yahoo.com/new_mail
__________________________________
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
http://promotions.yahoo.com/new_mail