22 Nov
2004
22 Nov
'04
11:46 p.m.
Hi folks!
I have many users logged on my SER proxy, and routing works fine, but
for some destinations, I have to relay the call for another sip proxy.
Well, on the second proxy, my users login doesn't exist, so I have to
rewrite the username or credentials, before to relay!
I have tried with setuserpass and sethost but doesn't work...
My question is: does this is a normal thing, or I don't have to change
the username from sip message?
Regards.
23 Nov
23 Nov
12:50 p.m.
what kind of authentication requires the second proxy? Can you establish
a trust relation based on IP addresses with that proxy? SER is mainly a
SIP proxy and it doesn't authenticate by itself, neither in behalf of users.
Daniel
On 11/22/04 22:46, sendman wrote:
Hi folks!
I have many users logged on my SER proxy, and routing works fine, but
for some destinations, I have to relay the call for another sip proxy.
Well, on the second proxy, my users login doesn't exist, so I have to
rewrite the username or credentials, before to relay!
I have tried with setuserpass and sethost but doesn't work...
My question is: does this is a normal thing, or I don't have to change
the username from sip message?
Regards.
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
12:59 p.m.
I've got more or less the same problem, I'm now using ser for routing and
Asterisk for routing to other destinations which require authentication.
Kind regards,
E. Versaevel
-----Oorspronkelijk bericht-----
Van: serusers-bounces(a)iptel.org [mailto:serusers-bounces@lists.iptel.org] Namens
Daniel-Constantin Mierla
Verzonden: dinsdag 23 november 2004 11:51
Aan: sendman
CC: serusers(a)lists.iptel.org
Onderwerp: Re: [Serusers] Double autentication
what kind of authentication requires the second proxy? Can you establish
a trust relation based on IP addresses with that proxy? SER is mainly a
SIP proxy and it doesn't authenticate by itself, neither in behalf of users.
Daniel
On 11/22/04 22:46, sendman wrote:
Hi folks!
I have many users logged on my SER proxy, and routing works fine, but
for some destinations, I have to relay the call for another sip proxy.
Well, on the second proxy, my users login doesn't exist, so I have to
rewrite the username or credentials, before to relay!
I have tried with setuserpass and sethost but doesn't work...
My question is: does this is a normal thing, or I don't have to change
the username from sip message?
Regards.
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
1:48 p.m.
Well, on second proxy I have to do Digest authentication with
different username/password from my proxy...
I want to know if I can rewrite the username/password before to relay
to second proxy?
On Tue, 23 Nov 2004 11:50:55 +0100, Daniel-Constantin Mierla
<daniel-constantin.mierla(a)fokus.fraunhofer.de> wrote:
what kind of authentication requires the second proxy?
Can you establish
a trust relation based on IP addresses with that proxy? SER is mainly a
SIP proxy and it doesn't authenticate by itself, neither in behalf of users.
Daniel
On 11/22/04 22:46, sendman wrote:
Hi folks!
I have many users logged on my SER proxy, and routing works fine, but
for some destinations, I have to relay the call for another sip proxy.
Well, on the second proxy, my users login doesn't exist, so I have to
rewrite the username or credentials, before to relay!
I have tried with setuserpass and sethost but doesn't work...
My question is: does this is a normal thing, or I don't have to change
the username from sip message?
Regards.
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
2:12 p.m.
On 11/23/04 12:48, sendman wrote:
Well, on second proxy I have to do Digest
authentication with
different username/password from my proxy...
I want to know if I can rewrite the username/password before to relay
to second proxy?
this will not help. These operations apply to request URI and doesn't
affect credentials for digest authentication. The solution used by E.
Versaevel (in the same mail thread) is a way to go.
Daniel
On Tue, 23 Nov 2004 11:50:55 +0100, Daniel-Constantin Mierla
<daniel-constantin.mierla(a)fokus.fraunhofer.de> wrote:
what kind of authentication requires the second
proxy? Can you establish
a trust relation based on IP addresses with that proxy? SER is mainly a
SIP proxy and it doesn't authenticate by itself, neither in behalf of users.
Daniel
On 11/22/04 22:46, sendman wrote:
>Hi folks!
>
>I have many users logged on my SER proxy, and routing works fine, but
>for some destinations, I have to relay the call for another sip proxy.
>
>Well, on the second proxy, my users login doesn't exist, so I have to
>rewrite the username or credentials, before to relay!
>
>I have tried with setuserpass and sethost but doesn't work...
>
>My question is: does this is a normal thing, or I don't have to change
>the username from sip message?
>
>
>Regards.
>
>_______________________________________________
>Serusers mailing list
>serusers(a)lists.iptel.org
>http://lists.iptel.org/mailman/listinfo/serusers
>
>
>
>
>
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
2:22 p.m.
However I've still got problems with that setup.
* Asterisk seems to alter the From: header in my incoming calls
(changes non numeric usernames to asterisk)
* Sip error messages are not relayed (ie, my outgoing call creates a
404
not found, but asterisk doesn't relay that message back to the
originating UA
* Asterisk is annoying for the fact that it want's to remain in the
RTP
Path (could be solved with canreinvite=yes entries in sip.conf,
however my asterisk doesn't want to get out of the RTP Path, hence
it
scales much worse.
Not even starting on how to design and implement a scaleable/redundant setup
(which is more or less what I need to do for my final school project)
Kind regards,
E. Versaevel
-----Oorspronkelijk bericht-----
Van: serusers-bounces(a)iptel.org [mailto:serusers-bounces@lists.iptel.org] Namens
Daniel-Constantin Mierla
Verzonden: dinsdag 23 november 2004 13:12
Aan: sendman
CC: serusers(a)lists.iptel.org
Onderwerp: Re: [Serusers] Double autentication
On 11/23/04 12:48, sendman wrote:
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
Well, on second proxy I have to do Digest
authentication with
different username/password from my proxy...
I want to know if I can rewrite the username/password before to relay
to second proxy?
this will not help. These operations apply to request URI and doesn't
affect credentials for digest authentication. The solution used by E.
Versaevel (in the same mail thread) is a way to go.
Daniel
On Tue, 23 Nov 2004 11:50:55 +0100, Daniel-Constantin Mierla
<daniel-constantin.mierla(a)fokus.fraunhofer.de> wrote:
>what kind of authentication requires the second proxy? Can you establish
>a trust relation based on IP addresses with that proxy? SER is mainly a
>SIP proxy and it doesn't authenticate by itself, neither in behalf of
users.
Daniel
On 11/22/04 22:46, sendman wrote:
>Hi folks!
>
>I have many users logged on my SER proxy, and routing works fine, but
>for some destinations, I have to relay the call for another sip proxy.
>
>Well, on the second proxy, my users login doesn't exist, so I have to
>rewrite the username or credentials, before to relay!
>
>I have tried with setuserpass and sethost but doesn't work...
>
>My question is: does this is a normal thing, or I don't have to change
>the username from sip message?
>
>
>Regards.
>
>_______________________________________________
>Serusers mailing list
>serusers(a)lists.iptel.org
>http://lists.iptel.org/mailman/listinfo/serusers
>
>
>
>
>
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
25 Nov
25 Nov
10:09 p.m.
Well, according to the specifications, it is possible to challenge one
SIP request several times (with different realm in digest credentials).
The 401 would be always forwarded to the user agent and the user agent
should be configured with several usernames and password (for different
realms).
The problem is that this is not supported in user agents (as far as I know
only Snom and Pingtel support it). I did ask several UA vendors if they
plan to implement it and the answer was always no. Given that, the best
you can do is avoid double authentication.
Jan.
On 23-11 09:48, sendman wrote:
Well, on second proxy I have to do Digest
authentication with
different username/password from my proxy...
I want to know if I can rewrite the username/password before to relay
to second proxy?
On Tue, 23 Nov 2004 11:50:55 +0100, Daniel-Constantin Mierla
<daniel-constantin.mierla(a)fokus.fraunhofer.de> wrote:
what kind of authentication requires the second
proxy? Can you establish
a trust relation based on IP addresses with that proxy? SER is mainly a
SIP proxy and it doesn't authenticate by itself, neither in behalf of users.
Daniel
On 11/22/04 22:46, sendman wrote:
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers Hi folks!
I have many users logged on my SER proxy, and routing works fine, but
for some destinations, I have to relay the call for another sip proxy.
Well, on the second proxy, my users login doesn't exist, so I have to
rewrite the username or credentials, before to relay!
I have tried with setuserpass and sethost but doesn't work...
My question is: does this is a normal thing, or I don't have to change
the username from sip message?
Regards.
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
7302
days inactive
7305
days old
6 comments
4 participants
participants (4)
-
Daniel-Constantin Mierla -
E. Versaevel -
Jan Janak -
sendman