On Wed, Nov 15, 2006 at 02:02:12PM +0200, Marnus van Niekerk wrote:
<br> asterisk replies "407 Proxy Auth Required"<br> openSer forwards 407 reply to UA<br> UA resends INVITE with credentials but with the *original* URI (<a class="moz-txt-link-abbreviated" href="mailto:user@dom.tld">user@dom.tld</a> not <a class="moz-txt-link-abbreviated" href="mailto:user@vm.dom.tld">user@vm.dom.tld</a>)<br> openSer forwards the INVITE to the original destination instead of asterisk<br>
You should to have "insecure=very" in your sip.conf as the parameter on incoming sip channel.
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
Wbr,
You should to have "insecure=very" in your sip.conf as the parameter on incoming sip channel.
This does work, but are you saying the only way to get this working is for * to not authenticate the calls at all? It also takes much longer for the call to get answered since * tries the auth first.
M
Quoting Marnus van Niekerk m@mjvn.net:
You should to have "insecure=very" in your sip.conf as the parameter on incoming sip channel.
This does work, but are you saying the only way to get this working is for * to not authenticate the calls at all? It also takes much longer for the call to get answered since * tries the auth first.
The easier method is to authenticate SIP requests at the proxy and use a trust relationship between the proxy and the voicemail server. If you define your proxy as a peer in * sip.conf, then * will only accept SIP requests from your proxy.
Christian
M
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
The easier method is to authenticate SIP requests at the proxy and use a trust relationship between the proxy and the voicemail server. If you define your proxy as a peer in * sip.conf, then * will only accept SIP requests from your proxy.
Thank you, but I think I found another way of doing this as well.
In * sip.conf I changed the realm to "vm.dom.tld" and in openSer openser.cfg I check for INVITES with that realm in the Proxy-Auth header and send them straight back to * with rewritehostport.
This works and has the advantage that * still authenticates all peers which allows our peers to call into the voicemail box without a voicemail password.
M
-
Alexandr Dubovikov -
Christian Schlatter -
Marnus van Niekerk