9 Dec
2003
9 Dec
'03
7 p.m.
Hi all,
I have had some success with the configuration, however using
authentication does not work for me at all. I have grabbed another cfg for
testing, I can see my ata sending reg requests to the server and the server
just replying immediately with unauthorized 401 error. Shouldn't the
server first reply with a 100 trying message? Does the cfg file look like
it should work?
Thanks again,
64.189.165.2065060 -> 64.189.165.2055060
REGISTER sip:sip.coptalk.com SIP/2.0..Via SIP/2.0/UDP
64.189.165.2065060..From sip:Rick@sip.coptalk.com;tag=21094236
64..To sip:Rick@sip.coptalk.com..Call-ID 399581690@64.189.165.206..CSeq
1 REGISTER..Contact <sip:Rick@64.189.165.206
5060;transport=udp>;expires=3600..User-Agent Cisco ATA 186 v2.16.2
ata18x (030909a)..Content-Length 0....
#
U 64.189.165.2055060 -> 64.189.165.2065060
SIP/2.0 401 Unauthorized..Via SIP/2.0/UDP 64.189.165.2065060..From
sip:Rick@sip.coptalk.com;tag=2109423664..To sip:R
ick@sip.coptalk.com;tag=b27e1a1d33761e85846fc98f5f3a7e58.4a60..Call-ID
399581690@64.189.165.206..CSeq 1 REGISTER..WWW-
Authenticate Digest realm="sip.coptalk.com",
nonce="3fd602692d1f0bf922ae277c623f1d201acbde03"..Server Sip EXpress rou
ter (0.8.12 (i386/linux))..Content-Length 0....
# ----------- global configuration parameters ------------------------
debug=3 # debug level (cmd line -dddddddddd)
fork=yes
log_stderror=yes # (cmd line -E)
#/* Uncomment these lines to enter debugging mode
#fork=no
#log_stderror=yes
#*/
check_via=no # (cmd. line -v)
dns=no # (cmd. line -r)
rev_dns=no # (cmd. line -R)
port=5060
children=4
fifo="/tmp/ser_fifo"
#
# $Id pstn.cfg,v 1.2 2003/06/03 031812 jiri Exp $
#
#
# ------------------ module loading ----------------------------------
loadmodule "/usr/lib/ser/modules/tm.so"
loadmodule "/usr/lib/ser/modules/sl.so"
loadmodule "/usr/lib/ser/modules/acc.so"
loadmodule "/usr/lib/ser/modules/rr.so"
loadmodule "/usr/lib/ser/modules/usrloc.so"
loadmodule "/usr/lib/ser/modules/uri.so"
loadmodule "/usr/lib/ser/modules/registrar.so"
loadmodule "/usr/lib/ser/modules/maxfwd.so"
loadmodule "/usr/lib/ser/modules/mysql.so"
loadmodule "/usr/lib/ser/modules/auth.so"
loadmodule "/usr/lib/ser/modules/auth_db.so"
loadmodule "/usr/lib/ser/modules/textops.so"
loadmodule "/usr/lib/ser/modules/group.so"
modparam("auth_db", "db_url","sql//password@localhost/ser")
modparam("usrloc", "db_url", "sql//password@localhost/ser")
# ----------------- setting module-specific parameters ---------------
modparam("auth_db", "calculate_ha1", yes)
modparam("auth_db", "password_column", "password")
modparam("usrloc", "db_mode", 2)
# -- acc params --
# modparam("acc", "log_level", 1)
# that is the flag for which we will account -- don't forget to
# set the same one -)
# modparam("acc", "log_flag", 1 )
# ------------------------- request routing logic -------------------
# main routing logic
alias="coptalk.com"
alias="sip.coptalk.com"
use sip_warning=no
modparam("rr", "enable_full_lr", 1)
route{
# initial sanity checks -- messages with
# max_forwards==0, or excessively longrequests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if (msglen >= max_len ) {
sl_send_reply("513", "Message too big");
break;
};
# we record-route all messages -- to make surethat
# subsequent messages will go through ourproxy; that's
# particularly good if upstream and downstreamentities
# use different transport protocol
record_route();
# loose-route processing
if (loose_route()) {
t_relay();
break;
};
# if the request is for other domain useUsrLoc
# (in case, it does not work, use thefollowing command
# with proper names and addresses in it)
if (uri=~"[(a)\.]sip\.coptalk\.com([;].*)*") {
if (method=="REGISTER") {
# Uncomment this if you want to use digestauthentication
if
(!www_authorize("sip.coptalk.com", "subscriber")) {
www_challenge("sip.coptalk.com", "0");
break;
};
save("location");
break;
};
# native SIP destinations are handledusing our USRLOC DB
if (!lookup("location")) {
sl_send_reply("404", "NotFound");
break;
};
};
# forward to current uri now; use statefulforwarding; that
# works reliably even if we forward from TCPto UDP
if (!t_relay()) {
sl_reply_error();
};
if (uri=~"^sip[0-9]*@.*") {
log("Forwarding to PSTN\n");
t_relay_to_udp ("65.189.155.101","5060");
t_relay_to_tcp ("65.189.155.101","5060");
break;
};
if (method=="INVITE") {
sl_send_reply("403", "Call cannot be served
here");
} else {
forward(urihost, uriport);
};
break;
}
10 Dec
10 Dec
5:51 p.m.
On Dec 09, 2003 at 09:00, Rick Gocher <rgocher(a)coptalk.com> wrote:
Hi all,
I have had some success with the configuration, however using
authentication does not work for me at all. I have grabbed another cfg for
testing, I can see my ata sending reg requests to the server and the server
just replying immediately with unauthorized 401 error. Shouldn't the
server first reply with a 100 trying message?
No, it shouldn't.
Does the cfg file look like
it should work?
It doesn't look like a ser configuration problem.
Thanks again,
64.189.165.2065060 -> 64.189.165.2055060
REGISTER sip:sip.coptalk.com SIP/2.0..Via SIP/2.0/UDP
64.189.165.2065060..From sip:Rick@sip.coptalk.com;tag=21094236
64..To sip:Rick@sip.coptalk.com..Call-ID 399581690@64.189.165.206..CSeq
1 REGISTER..Contact <sip:Rick@64.189.165.206
5060;transport=udp>;expires=3600..User-Agent Cisco ATA 186 v2.16.2
ata18x (030909a)..Content-Length 0....
#
U 64.189.165.2055060 -> 64.189.165.2065060
SIP/2.0 401 Unauthorized..Via SIP/2.0/UDP 64.189.165.2065060..From
sip:Rick@sip.coptalk.com;tag=2109423664..To sip:R
ick@sip.coptalk.com;tag=b27e1a1d33761e85846fc98f5f3a7e58.4a60..Call-ID
399581690@64.189.165.206..CSeq 1 REGISTER..WWW-
Authenticate Digest realm="sip.coptalk.com",
nonce="3fd602692d1f0bf922ae277c623f1d201acbde03"..Server Sip EXpress rou
ter (0.8.12 (i386/linux))..Content-Length 0....
The ata should send again the REGSITER with authentication information
added to it. It looks like your ata is misconfigured.
Andrei
11:35 p.m.
Hi Andrei,
Thank you for your help.. I have followed instructions on the ATA
configuration from the web and believe all is configured correctly, unless
there is a bug in the firmware... I have set UID: Rick UID1: Rick pwd0 and
pwd1 to the password for Rick which I entered using serctl. UseSip:1 and
set sipregon:1. The GkorProxy has been tested with the fqdn and ip address
of the sip server.
If I turn off Sip registration on the ATA ngrep reports,
U 64.189.165.206:5060 -> 64.189.165.205:5060
CANCEL sip:6045551212@sip.coptalk.com;user=phone SIP/2.0..Via:
SIP/2.0/UDP 64.189.165.206:5060..From:
sip:Rick@sip.coptalk.com;tag=4067373120..To:
<sip:6045551212@sip.coptalk.com;user=phone>..Call-ID:
903446842@64.189.165.206..CSeq: 1 CANCEL..User-Agent: Cisco ATA
186 v2.16.2 ata18x (030909a)..Content-Length: 0....
#
U 64.189.165.205:5060 -> 64.189.165.206:5060
SIP/2.0 404 User does not exist..Via: SIP/2.0/UDP
64.189.165.206:5060..From: sip:Rick@sip.coptalk.com;tag=4067373120..To:
<sip:6045551212@sip.coptalk.com;user=phone>;tag=b27e1a1d33761e85846fc98f5f3a7e58.4a60..Call-ID:
903446842@64.189.165.206..CSeq: 1 CANCEL..Server: Sip EXpress router
(0.8.12 (i386/linux))..Content-Length: 0..Warning: 392 64.189.165.205:506 0
"Noisy feedback tells: pid=2827 req_src_ip=64.189.165.206
req_src_port=5060 in_uri=sip:6045551212@sip.coptalk.com;user=phone
out_uri=sip:6045551212@sip.coptalk.com;user=phone via_cnt==1"....
#
U 64.189.165.206:5060 -> 64.189.165.205:5060
CANCEL sip:6045551212@sip.coptalk.com;user=phone SIP/2.0..Via:
SIP/2.0/UDP 64.189.165.206:5060..From:
sip:Rick@sip.coptalk.com;tag=4067373120..To:
<sip:6045551212@sip.coptalk.com;user=phone>..Call-ID:
903446842@64.189.165.206..CSeq: 1 CANCEL..User-Agent: Cisco ATA
186 v2.16.2 ata18x (030909a)..Content-Length: 0....
#
U 64.189.165.205:5060 -> 64.189.165.206:5060
SIP/2.0 404 User does not exist..Via: SIP/2.0/UDP
64.189.165.206:5060..From: sip:Rick@sip.coptalk.com;tag=4067373120..To:
<sip:6045551212@sip.coptalk.com;user=phone>;tag=b27e1a1d33761e85846fc98f5f3a7e58.4a60..Call-ID:
903446842@64.189.165.206..CSeq: 1 CANCEL..Server: Sip EXpress router
(0.8.12 (i386/linux))..Content-Length: 0..Warning: 392 64.189.165.205:506 0
"Noisy feedback tells: pid=2822 req_src_ip=64.189.165.206
req_src_port=5060 in_uri=sip:6045551212@sip.coptalk.com;user=phone
out_uri=sip:6045551212@sip.coptalk.com;user=phone via_cnt==1"....
When I turn sip reg on the server ngrep says,
U 64.189.165.206:5060 -> 64.189.165.205:5060
REGISTER sip:sip.coptalk.com SIP/2.0..Via: SIP/2.0/UDP
64.189.165.206:5060..From: sip:Rick@sip.coptalk.com;tag=30522552
06..To: sip:Rick@sip.coptalk.com..Call-ID:
2275441284@64.189.165.206..CSeq: 1 REGISTER..Contact: <sip:Rick@64.189.165.206
:5060;transport=udp>;expires=3600..User-Agent: Cisco ATA 186 v2.16.2
ata18x (030909a)..Content-Length: 0....
#
U 64.189.165.205:5060 -> 64.189.165.206:5060
SIP/2.0 401 Unauthorized..Via: SIP/2.0/UDP 64.189.165.206:5060..From:
sip:Rick@sip.coptalk.com;tag=3052255206..To:
sip:Rick@sip.coptalk.com;tag=b27e1a1d33761e85846fc98f5f3a7e58.4a60..Call-ID:
2275441284@64.189.165.206..CSeq: 1 REGISTER..WWW-Authenticate: Digest
realm="coptalk.com",
nonce="3fd79c25e8ddc363367cf7ab2721734e868138ba"..Server: Sip EXpress
router (0.8.12 (i386/linux))..Content-Length: 0..Warning: 392
64.189.165.205:5060 "Noisy feedback tells: pid=2822
req_src_ip=64.189.165.206 req_src_port=5060 in_uri=sip:sip.coptalk.com
out_uri=sip:sip.coptalk.com via_cnt==1"....
#
U 64.189.165.206:5060 -> 64.189.165.205:5060
REGISTER sip:sip.coptalk.com SIP/2.0..Via: SIP/2.0/UDP
64.189.165.206:5060..From: sip:Rick@sip.coptalk.com;tag=30522552
06..To: sip:Rick@sip.coptalk.com..Call-ID:
2275441284@64.189.165.206..CSeq: 1 REGISTER..Contact: <sip:Rick@64.189.165.206
:5060;transport=udp>;expires=3600..User-Agent: Cisco ATA 186 v2.16.2
ata18x (030909a)..Content-Length: 0....
#
U 64.189.165.205:5060 -> 64.189.165.206:5060
SIP/2.0 401 Unauthorized..Via: SIP/2.0/UDP 64.189.165.206:5060..From:
sip:Rick@sip.coptalk.com;tag=3052255206..To:
sip:Rick@sip.coptalk.com;tag=b27e1a1d33761e85846fc98f5f3a7e58.4a60..Call-ID:
2275441284@64.189.165.206..CSeq: 1 REGISTER..WWW-Authenticate: Digest
realm="coptalk.com",
nonce="3fd79c290575162cb70b43cca08372cebf390380"..Server: Sip EXpress
router (0.8.12 (i386/linux))..Content-Length: 0..Warning: 392
64.189.165.205:5060 "Noisy feedback tells: pid=2827
req_src_ip=64.189.165.206 req_src_port=5060 in_uri=sip:sip.coptalk.com
out_uri=sip:sip.coptalk.com via_cnt==1"....
I downloaded the Xten-Lite phone and it generates the same errors as the
ata, except it's display says login timed out contact your
administrator. Any ideas?
Thanks again,
Rick
At 04:51 PM 12/10/2003 +0100, Andrei Pelinescu-Onciul wrote:
On Dec 09, 2003 at 09:00, Rick Gocher
<rgocher(a)coptalk.com> wrote:
Hi all,
I have had some success with the configuration, however using
authentication does not work for me at all. I have grabbed another cfg
for
testing, I can see my ata sending reg requests to
the server and the
server
just replying immediately with unauthorized 401
error. Shouldn't the
server first reply with a 100 trying message?
No, it shouldn't.
Does the cfg file look like
it should work?
It doesn't look like a ser configuration problem.
Thanks again,
64.189.165.2065060 -> 64.189.165.2055060
REGISTER sip:sip.coptalk.com SIP/2.0..Via SIP/2.0/UDP
64.189.165.2065060..From sip:Rick@sip.coptalk.com;tag=21094236
64..To sip:Rick@sip.coptalk.com..Call-ID 399581690@64.189.165.206..CSeq
1 REGISTER..Contact <sip:Rick@64.189.165.206
5060;transport=udp>;expires=3600..User-Agent Cisco ATA 186 v2.16.2
ata18x (030909a)..Content-Length 0....
#
U 64.189.165.2055060 -> 64.189.165.2065060
SIP/2.0 401 Unauthorized..Via SIP/2.0/UDP 64.189.165.2065060..From
sip:Rick@sip.coptalk.com;tag=2109423664..To sip:R
ick@sip.coptalk.com;tag=b27e1a1d33761e85846fc98f5f3a7e58.4a60..Call-ID
399581690@64.189.165.206..CSeq 1 REGISTER..WWW-
Authenticate Digest realm="sip.coptalk.com",
nonce="3fd602692d1f0bf922ae277c623f1d201acbde03"..Server Sip EXpress rou
ter (0.8.12 (i386/linux))..Content-Length 0....
The ata should send again the REGSITER with authentication information
added to it. It looks like your ata is misconfigured.
Andrei
7654
days inactive
7655
days old
2 comments
2 participants
participants (2)
-
Andrei Pelinescu-Onciul -
Rick Gocher