This is the sip.conf from asterisk: ########################################################################### [general] bindport=5062 bindaddr=0.0.0.0 ;canreinvite=no disallow=all ;allow=all register => asterisk:asterisk@my_openser_ip ;you can found more info of this in http://www.voip-info.org/wiki/ [ser] allow=ulaw allow=alaw allow=g723.1 allow=g726 allow=g729 allow=gsm allow=ilbc allow=lpc10 allow=speex allow=adpcm type=friend ; We allow incoming and outgoing calls. Use peer if you are only doing MWI context=internal ; This is the context incoming calls land in host=ip_ser ; This is the hostname or IP address of your SER server ;fromdomain=ser.server.rld ; This is your SER_DOMAIN insecure=very ; This allows incoming calls from the phones routing through ser to be passed into asterisk dtmfmode=rfc2833 This is the openser.cfg ###################################################################### # # $Id: openser.cfg,v 1.5 2005/10/28 19:45:33 bogdan_iancu Exp $ # # simple quick-start config script # # ----------- global configuration parameters ------------------------ debug=3 # debug level (cmd line: -dddddddddd) fork=yes log_stderror=yes # (cmd line: -E) /* Uncomment these lines to enter debugging mode fork=no log_stderror=yes */ check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) #port=5060 #children=4 fifo="/tmp/openser_fifo" # # uncomment the following lines for TLS support #disable_tls = 0 #listen = tls #tls_verify = 1 #tls_require_certificate = 0 #tls_require_certificate = 1 #tls_method = TLSv1 #tls_certificate = "/usr/local/etc/openser/tls/user/user-cert.pem" #tls_certificate = "/usr/local/etc/openser/tls/openser1/cert.pem" #tls_private_key = "/usr/local/etc/openser/tls/user/user-privkey.pem" #tls_private_key = "/usr/local/etc/openser/tls/openser1/privkey.pem" #tls_ca_list = "/usr/local/etc/openser/tls/user/user-calist.pem" #tls_ca_list = "/usr/local/etc/openser/tls/openser1/calist.pem" # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database loadmodule "/usr/local/lib/openser/modules/mysql.so" loadmodule "/usr/local/lib/openser/modules/sl.so" loadmodule "/usr/local/lib/openser/modules/tm.so" loadmodule "/usr/local/lib/openser/modules/rr.so" loadmodule "/usr/local/lib/openser/modules/maxfwd.so" loadmodule "/usr/local/lib/openser/modules/usrloc.so" loadmodule "/usr/local/lib/openser/modules/registrar.so" loadmodule "/usr/local/lib/openser/modules/textops.so" loadmodule "/usr/local/lib/openser/modules/xlog.so" loadmodule "/usr/local/lib/openser/modules/uac.so" loadmodule "/usr/local/lib/openser/modules/domain.so" loadmodule "/usr/local/lib/openser/modules/mediaproxy.so" #loadmodule "/usr/local/lib/openser/modules/avpops.so" # Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/openser/modules/auth.so" loadmodule "/usr/local/lib/openser/modules/auth_db.so" # ----------------- setting module-specific parameters --------------- # -- usrloc params -- #modparam("usrloc", "db_mode", 0) # Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2) # -- auth params -- # Uncomment if you are using auth module # modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # modparam("auth_db", "password_column", "password") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) # ------------------------- request routing logic ------------------- # main routing logic route{ xlog("yo soy <$si> y el destino es <$tu> <$td> <$du> <$rm> \n"); # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); exit; }; if (msg:len >= 2048 ) { sl_send_reply("513", "Message too big"); exit; }; # ----------------------------------------------------------------- # Handle NOTIFY requests from Sipura's to keep-alive NAT # ----------------------------------------------------------------- if ((is_method("NOTIFY")) && (! uri=~"sip:.*[@]+.*")) { xlog("entre en notify \n"); sl_send_reply("200", "OK keep-alive"); return; } # ----------------------------------------------------------------- # Only allow known sip messages,ack, pq no hace falta responder. # ----------------------------------------------------------------- if (!is_method("INVITE|REGISTER|BYE|ACK|CANCEL")) { xlog("Estoy en metodo no diponible y que es <$rm>\n"); sl_send_reply("501", "Not implemented here"); return; }; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol #if (!method=="REGISTER") record_route(); # subsequent messages withing a dialog should take the # path determined by record-routing if (loose_route()) { xlog("entree en loose route\n"); # mark routing logic in request append_hf("P-hint: rr-enforced\r\n"); route(1); }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) # if (uri==myself) { if (uri=~"^sip:*.") { if (method=="ACK" && (src_ip!=XXXXXX)){ # Uncomment this if you want to use digest authentication if (!www_authorize("XXXXXXX", "subscriber")) { www_challenge("XXXXXXXX", "0"); exit; }; consume_credentials(); xlog("Voy a mandar respuesta a un ACK, yo soy <$si> y el destino es <$tu> <$td> <$du>\n"); route(1); exit; }; if (method=="REGISTER") { # Uncomment this if you want to use digest authentication if (!www_authorize("XXXXX", "subscriber")) { www_challenge("XXXXX", "1"); exit; }; xlog("Me llego un register y yo soy <$si> y el destino es <$tu> <$td> <$du>\n"); consume_credentials(); save("location"); exit; }; if (method=="INVITE") { # Uncomment this if you want to use digest authentication if (!www_authorize("XXXXX", "subscriber") && (src_ip!=XXXXXX) ) { www_challenge("XXXXX", "0"); exit; }; # consume_credentials(); xlog("Un tio mando un invite <$si> y el destino es <$tu> <$td> <$du> \n"); sl_send_reply("100", "Trying"); lookup("aliases"); #Si es de asterisk y no encuentra el telefono digo que no esta. if (!lookup("location") && (src_ip==XXXXXXXX) ) { #xlog("no encuentra el destino\n"); sl_send_reply("404", "Not Found"); exit; } else if (lookup("location") && (src_ip==XXXXX)){#if a call come from * and sip phone online i route to ring sl_send_reply("180", "Ringing"); route(2); return; } else {#otherway i forward to *. append_hf("P-hint: usrloc applied\r\n"); #sl_send_reply("180", "Ringing"); route(1); return; }; }; if (method=="CANCEL" && (src_ip==XXXXX)) {#Si viene de asterisk, lo mando con estado al telefo. #xlog("Me llego un cancel de asterisk\n"); route(2); return; } else if (method=="CANCEL" && (src_ip!=XXXXXX)) { #Si no viene de asterisk... # Uncomment this if you want to use digest authentication if (!www_authorize("XXXXXX", "subscriber")) { www_challenge("XXXXXX", "0"); exit; }; consume_credentials(); #xlog("Me llego un cancel de NO asterisk\n"); lookup("aliases"); if (!lookup("location")) {#primero compruebo que este numero existe. #xlog("no encuentra el destino\n"); sl_send_reply("404", "Not Found"); exit; } else { route(1); #Se lo mando a asterisk. return; }; }; if (method=="BYE") { # Uncomment this if you want to use digest authentication if (!www_authorize("XXXXX", "subscriber") && (src_ip!=XXXXXX) ) { www_challenge("XXXXX", "0"); exit; }; consume_credentials(); xlog("Me llego un BYE \n"); if (src_ip!=XXXXXXX){ route(1); } else { route(2); }; sl_send_reply("200", "OK"); exit; }; }; } #I route to asterisk here route[1] { xlog("Estoy en route(1) \n"); forward(XXXXX,5062); return; } #I route from asterisk to sip phones here route[2] { xlog("Estoy en route(2)\n"); if (!t_relay()) { #xlog("Dentro de error del t_relay del 2\n"); sl_reply_error(); }; return; } ################################################### Notes: XXXX=ip_asterisk This configuration works in the same net. Now, I'm trying to work behind a nat. This configuration don't works behind a nat. I don't challenge asterisk, if a call comes from asterisk_ip, I trust. Bye.