21 Nov
2006
21 Nov
'06
10:39 a.m.
hi all-
i have the following setup:
1. ser running on 5060
2. nathelper/rtp
3. mysql database w/digest authentication
now, i have a client on a private network (NAT) behind a firewall. port 5060
tcp is on the firewall is open as well as 35000 to 37000 UDP (rtpproxy is
set to run between these ports).
when i plug the client into a regular, non-firewalled home router, it
registers properly (register->401->register again->OK)
when i put the same client behind the firewall, it 401's twice.
i am 100% sure the password is correct.
is there something else that needs to be open? I dont really understand the
authentication mechanism - does the password come via a different port or
something like that?
21 Nov
21 Nov
11:19 a.m.
Does the 2nd register message send by the client contain Authorization
or Proxy-Authorization header fields? It may happen that the client does
not receive the first 401 sent by the server because the firewall blocks
it and then the second REGISTER message will be a retransmission of the
first one and the server will send the same reply, that means 401.
Jan.
Yair Hakak wrote:
hi all-
i have the following setup:
1. ser running on 5060
2. nathelper/rtp
3. mysql database w/digest authentication
now, i have a client on a private network (NAT) behind a firewall. port
5060
tcp is on the firewall is open as well as 35000 to 37000 UDP (rtpproxy is
set to run between these ports).
when i plug the client into a regular, non-firewalled home router, it
registers properly (register->401->register again->OK)
when i put the same client behind the firewall, it 401's twice.
i am 100% sure the password is correct.
is there something else that needs to be open? I dont really understand the
authentication mechanism - does the password come via a different port or
something like that?
------------------------------------------------------------------------
_______________________________________________
Serusers mailing list
Serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
11:24 a.m.
second register has a WWW-authenticate: Digest, a realm which matches that
in ser.cfg, and a nonce.
that, and the fact that the registers come in pairs makes me believe the
client is recieving the first register.
thanks for the help so far-
yair
On 11/21/06, Jan Janak <jan(a)iptel.org> wrote:
Does the 2nd register message send by the client contain Authorization
or Proxy-Authorization header fields? It may happen that the client does
not receive the first 401 sent by the server because the firewall blocks
it and then the second REGISTER message will be a retransmission of the
first one and the server will send the same reply, that means 401.
Jan.
Yair Hakak wrote:
--
Yair Hakak
-----------------------------------------------------
Yair Hakak, CEO
Go Telecom, Ltd., Israel
israel: (972) 54 5491266
usa: (212) 202 2340
yair(a)gotel.co.il
hi all-
i have the following setup:
1. ser running on 5060
2. nathelper/rtp
3. mysql database w/digest authentication
now, i have a client on a private network (NAT) behind a firewall. port
5060
tcp is on the firewall is open as well as 35000 to 37000 UDP (rtpproxy
is
set to run between these ports).
when i plug the client into a regular, non-firewalled home router, it
registers properly (register->401->register again->OK)
when i put the same client behind the firewall, it 401's twice.
i am 100% sure the password is correct.
is there something else that needs to be open? I dont really understand
the
authentication mechanism - does the password come
via a different port
or
something like that?
------------------------------------------------------------------------
_______________________________________________
Serusers mailing list
Serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
6543
days inactive
6543
days old
2 comments
2 participants
participants (2)
-
Jan Janak -
Yair Hakak