Hi all,
I have had some success with the configuration, however using authentication does not work for me at all. I have grabbed another cfg for testing, I can see my ata sending reg requests to the server and the server just replying immediately with unauthorized 401 error. Shouldn't the server first reply with a 100 trying message? Does the cfg file look like it should work?
Thanks again,
64.189.165.2065060 -> 64.189.165.2055060 REGISTER sip:sip.coptalk.com SIP/2.0..Via SIP/2.0/UDP 64.189.165.2065060..From sip:Rick@sip.coptalk.com;tag=21094236 64..To sip:Rick@sip.coptalk.com..Call-ID 399581690@64.189.165.206..CSeq 1 REGISTER..Contact <sip:Rick@64.189.165.206 5060;transport=udp>;expires=3600..User-Agent Cisco ATA 186 v2.16.2 ata18x (030909a)..Content-Length 0.... # U 64.189.165.2055060 -> 64.189.165.2065060 SIP/2.0 401 Unauthorized..Via SIP/2.0/UDP 64.189.165.2065060..From sip:Rick@sip.coptalk.com;tag=2109423664..To sip:R ick@sip.coptalk.com;tag=b27e1a1d33761e85846fc98f5f3a7e58.4a60..Call-ID 399581690@64.189.165.206..CSeq 1 REGISTER..WWW- Authenticate Digest realm="sip.coptalk.com", nonce="3fd602692d1f0bf922ae277c623f1d201acbde03"..Server Sip EXpress rou ter (0.8.12 (i386/linux))..Content-Length 0....
# ----------- global configuration parameters ------------------------
debug=3 # debug level (cmd line -dddddddddd) fork=yes log_stderror=yes # (cmd line -E)
#/* Uncomment these lines to enter debugging mode #fork=no #log_stderror=yes #*/
check_via=no # (cmd. line -v) dns=no # (cmd. line -r) rev_dns=no # (cmd. line -R) port=5060 children=4 fifo="/tmp/ser_fifo"
# # $Id pstn.cfg,v 1.2 2003/06/03 031812 jiri Exp $ # #
# ------------------ module loading ---------------------------------- loadmodule "/usr/lib/ser/modules/tm.so" loadmodule "/usr/lib/ser/modules/sl.so" loadmodule "/usr/lib/ser/modules/acc.so" loadmodule "/usr/lib/ser/modules/rr.so" loadmodule "/usr/lib/ser/modules/usrloc.so" loadmodule "/usr/lib/ser/modules/uri.so" loadmodule "/usr/lib/ser/modules/registrar.so" loadmodule "/usr/lib/ser/modules/maxfwd.so" loadmodule "/usr/lib/ser/modules/mysql.so" loadmodule "/usr/lib/ser/modules/auth.so" loadmodule "/usr/lib/ser/modules/auth_db.so" loadmodule "/usr/lib/ser/modules/textops.so" loadmodule "/usr/lib/ser/modules/group.so" modparam("auth_db", "db_url","sql//password@localhost/ser") modparam("usrloc", "db_url", "sql//password@localhost/ser")
# ----------------- setting module-specific parameters ---------------
modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "password") modparam("usrloc", "db_mode", 2) # -- acc params -- # modparam("acc", "log_level", 1) # that is the flag for which we will account -- don't forget to # set the same one -) # modparam("acc", "log_flag", 1 )
# ------------------------- request routing logic -------------------
# main routing logic alias="coptalk.com" alias="sip.coptalk.com" use sip_warning=no
modparam("rr", "enable_full_lr", 1)
route{
# initial sanity checks -- messages with # max_forwards==0, or excessively longrequests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; };
if (msglen >= max_len ) { sl_send_reply("513", "Message too big"); break; };
# we record-route all messages -- to make surethat # subsequent messages will go through ourproxy; that's # particularly good if upstream and downstreamentities # use different transport protocol
record_route(); # loose-route processing if (loose_route()) { t_relay(); break; };
# if the request is for other domain useUsrLoc # (in case, it does not work, use thefollowing command # with proper names and addresses in it) if (uri=~"[@.]sip.coptalk.com([;].*)*") {
if (method=="REGISTER") {
# Uncomment this if you want to use digestauthentication if (!www_authorize("sip.coptalk.com", "subscriber")) { www_challenge("sip.coptalk.com", "0"); break; }; save("location"); break; };
# native SIP destinations are handledusing our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "NotFound"); break; }; }; # forward to current uri now; use statefulforwarding; that # works reliably even if we forward from TCPto UDP if (!t_relay()) { sl_reply_error(); }; if (uri=~"^sip[0-9]*@.*") { log("Forwarding to PSTN\n"); t_relay_to_udp ("65.189.155.101","5060"); t_relay_to_tcp ("65.189.155.101","5060"); break; };
if (method=="INVITE") { sl_send_reply("403", "Call cannot be served here"); } else { forward(urihost, uriport); }; break; }
On Dec 09, 2003 at 09:00, Rick Gocher rgocher@coptalk.com wrote:
Hi all,
I have had some success with the configuration, however using authentication does not work for me at all. I have grabbed another cfg for testing, I can see my ata sending reg requests to the server and the server just replying immediately with unauthorized 401 error. Shouldn't the server first reply with a 100 trying message?
No, it shouldn't.
Does the cfg file look like it should work?
It doesn't look like a ser configuration problem.
Thanks again,
64.189.165.2065060 -> 64.189.165.2055060 REGISTER sip:sip.coptalk.com SIP/2.0..Via SIP/2.0/UDP 64.189.165.2065060..From sip:Rick@sip.coptalk.com;tag=21094236 64..To sip:Rick@sip.coptalk.com..Call-ID 399581690@64.189.165.206..CSeq 1 REGISTER..Contact <sip:Rick@64.189.165.206 5060;transport=udp>;expires=3600..User-Agent Cisco ATA 186 v2.16.2 ata18x (030909a)..Content-Length 0.... # U 64.189.165.2055060 -> 64.189.165.2065060 SIP/2.0 401 Unauthorized..Via SIP/2.0/UDP 64.189.165.2065060..From sip:Rick@sip.coptalk.com;tag=2109423664..To sip:R ick@sip.coptalk.com;tag=b27e1a1d33761e85846fc98f5f3a7e58.4a60..Call-ID 399581690@64.189.165.206..CSeq 1 REGISTER..WWW- Authenticate Digest realm="sip.coptalk.com", nonce="3fd602692d1f0bf922ae277c623f1d201acbde03"..Server Sip EXpress rou ter (0.8.12 (i386/linux))..Content-Length 0....
The ata should send again the REGSITER with authentication information added to it. It looks like your ata is misconfigured.
Andrei
Hi Andrei,
Thank you for your help.. I have followed instructions on the ATA configuration from the web and believe all is configured correctly, unless there is a bug in the firmware... I have set UID: Rick UID1: Rick pwd0 and pwd1 to the password for Rick which I entered using serctl. UseSip:1 and set sipregon:1. The GkorProxy has been tested with the fqdn and ip address of the sip server.
If I turn off Sip registration on the ATA ngrep reports,
U 64.189.165.206:5060 -> 64.189.165.205:5060 CANCEL sip:6045551212@sip.coptalk.com;user=phone SIP/2.0..Via: SIP/2.0/UDP 64.189.165.206:5060..From: sip:Rick@sip.coptalk.com;tag=4067373120..To: sip:6045551212@sip.coptalk.com;user=phone..Call-ID: 903446842@64.189.165.206..CSeq: 1 CANCEL..User-Agent: Cisco ATA 186 v2.16.2 ata18x (030909a)..Content-Length: 0.... # U 64.189.165.205:5060 -> 64.189.165.206:5060 SIP/2.0 404 User does not exist..Via: SIP/2.0/UDP 64.189.165.206:5060..From: sip:Rick@sip.coptalk.com;tag=4067373120..To: sip:6045551212@sip.coptalk.com;user=phone;tag=b27e1a1d33761e85846fc98f5f3a7e58.4a60..Call-ID: 903446842@64.189.165.206..CSeq: 1 CANCEL..Server: Sip EXpress router (0.8.12 (i386/linux))..Content-Length: 0..Warning: 392 64.189.165.205:506 0 "Noisy feedback tells: pid=2827 req_src_ip=64.189.165.206 req_src_port=5060 in_uri=sip:6045551212@sip.coptalk.com;user=phone out_uri=sip:6045551212@sip.coptalk.com;user=phone via_cnt==1".... # U 64.189.165.206:5060 -> 64.189.165.205:5060 CANCEL sip:6045551212@sip.coptalk.com;user=phone SIP/2.0..Via: SIP/2.0/UDP 64.189.165.206:5060..From: sip:Rick@sip.coptalk.com;tag=4067373120..To: sip:6045551212@sip.coptalk.com;user=phone..Call-ID: 903446842@64.189.165.206..CSeq: 1 CANCEL..User-Agent: Cisco ATA 186 v2.16.2 ata18x (030909a)..Content-Length: 0.... # U 64.189.165.205:5060 -> 64.189.165.206:5060 SIP/2.0 404 User does not exist..Via: SIP/2.0/UDP 64.189.165.206:5060..From: sip:Rick@sip.coptalk.com;tag=4067373120..To: sip:6045551212@sip.coptalk.com;user=phone;tag=b27e1a1d33761e85846fc98f5f3a7e58.4a60..Call-ID: 903446842@64.189.165.206..CSeq: 1 CANCEL..Server: Sip EXpress router (0.8.12 (i386/linux))..Content-Length: 0..Warning: 392 64.189.165.205:506 0 "Noisy feedback tells: pid=2822 req_src_ip=64.189.165.206 req_src_port=5060 in_uri=sip:6045551212@sip.coptalk.com;user=phone out_uri=sip:6045551212@sip.coptalk.com;user=phone via_cnt==1"....
When I turn sip reg on the server ngrep says,
U 64.189.165.206:5060 -> 64.189.165.205:5060 REGISTER sip:sip.coptalk.com SIP/2.0..Via: SIP/2.0/UDP 64.189.165.206:5060..From: sip:Rick@sip.coptalk.com;tag=30522552 06..To: sip:Rick@sip.coptalk.com..Call-ID: 2275441284@64.189.165.206..CSeq: 1 REGISTER..Contact: <sip:Rick@64.189.165.206 :5060;transport=udp>;expires=3600..User-Agent: Cisco ATA 186 v2.16.2 ata18x (030909a)..Content-Length: 0.... # U 64.189.165.205:5060 -> 64.189.165.206:5060 SIP/2.0 401 Unauthorized..Via: SIP/2.0/UDP 64.189.165.206:5060..From: sip:Rick@sip.coptalk.com;tag=3052255206..To: sip:Rick@sip.coptalk.com;tag=b27e1a1d33761e85846fc98f5f3a7e58.4a60..Call-ID: 2275441284@64.189.165.206..CSeq: 1 REGISTER..WWW-Authenticate: Digest realm="coptalk.com", nonce="3fd79c25e8ddc363367cf7ab2721734e868138ba"..Server: Sip EXpress router (0.8.12 (i386/linux))..Content-Length: 0..Warning: 392 64.189.165.205:5060 "Noisy feedback tells: pid=2822 req_src_ip=64.189.165.206 req_src_port=5060 in_uri=sip:sip.coptalk.com out_uri=sip:sip.coptalk.com via_cnt==1".... # U 64.189.165.206:5060 -> 64.189.165.205:5060 REGISTER sip:sip.coptalk.com SIP/2.0..Via: SIP/2.0/UDP 64.189.165.206:5060..From: sip:Rick@sip.coptalk.com;tag=30522552 06..To: sip:Rick@sip.coptalk.com..Call-ID: 2275441284@64.189.165.206..CSeq: 1 REGISTER..Contact: <sip:Rick@64.189.165.206 :5060;transport=udp>;expires=3600..User-Agent: Cisco ATA 186 v2.16.2 ata18x (030909a)..Content-Length: 0.... # U 64.189.165.205:5060 -> 64.189.165.206:5060 SIP/2.0 401 Unauthorized..Via: SIP/2.0/UDP 64.189.165.206:5060..From: sip:Rick@sip.coptalk.com;tag=3052255206..To: sip:Rick@sip.coptalk.com;tag=b27e1a1d33761e85846fc98f5f3a7e58.4a60..Call-ID: 2275441284@64.189.165.206..CSeq: 1 REGISTER..WWW-Authenticate: Digest realm="coptalk.com", nonce="3fd79c290575162cb70b43cca08372cebf390380"..Server: Sip EXpress router (0.8.12 (i386/linux))..Content-Length: 0..Warning: 392 64.189.165.205:5060 "Noisy feedback tells: pid=2827 req_src_ip=64.189.165.206 req_src_port=5060 in_uri=sip:sip.coptalk.com out_uri=sip:sip.coptalk.com via_cnt==1"....
I downloaded the Xten-Lite phone and it generates the same errors as the ata, except it's display says login timed out contact your administrator. Any ideas?
Thanks again,
Rick
At 04:51 PM 12/10/2003 +0100, Andrei Pelinescu-Onciul wrote:
On Dec 09, 2003 at 09:00, Rick Gocher rgocher@coptalk.com wrote:
Hi all,
I have had some success with the configuration, however using authentication does not work for me at all. I have grabbed another cfg
for
testing, I can see my ata sending reg requests to the server and the
server
just replying immediately with unauthorized 401 error. Shouldn't the server first reply with a 100 trying message?
No, it shouldn't.
Does the cfg file look like it should work?
It doesn't look like a ser configuration problem.
Thanks again,
64.189.165.2065060 -> 64.189.165.2055060 REGISTER sip:sip.coptalk.com SIP/2.0..Via SIP/2.0/UDP 64.189.165.2065060..From sip:Rick@sip.coptalk.com;tag=21094236 64..To sip:Rick@sip.coptalk.com..Call-ID 399581690@64.189.165.206..CSeq 1 REGISTER..Contact <sip:Rick@64.189.165.206 5060;transport=udp>;expires=3600..User-Agent Cisco ATA 186 v2.16.2 ata18x (030909a)..Content-Length 0.... # U 64.189.165.2055060 -> 64.189.165.2065060 SIP/2.0 401 Unauthorized..Via SIP/2.0/UDP 64.189.165.2065060..From sip:Rick@sip.coptalk.com;tag=2109423664..To sip:R ick@sip.coptalk.com;tag=b27e1a1d33761e85846fc98f5f3a7e58.4a60..Call-ID 399581690@64.189.165.206..CSeq 1 REGISTER..WWW- Authenticate Digest realm="sip.coptalk.com", nonce="3fd602692d1f0bf922ae277c623f1d201acbde03"..Server Sip EXpress rou ter (0.8.12 (i386/linux))..Content-Length 0....
The ata should send again the REGSITER with authentication information added to it. It looks like your ata is misconfigured.
Andrei
-
Andrei Pelinescu-Onciul -
Rick Gocher