Hi All
I have been working to make this work. I have an Asterisk gateway and a Ser proxy running on to different servers. Ser has one Public Ip and a private one. ( on two different NICs) I have installed RTPProxy on the same server as Ser. When I make a call from my cell phone I can have a conversion on my SIP phone. Everything works great. But when I call from SIP phone it is no sound. My cell rings I can pick it up but no sound. Can one of you expert on this mater please help me? I'm enclosing my ser.cfg # # $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $ # # simple quick-start config script # # ----------- global configuration parameters ------------------------
debug=4 # debug level (cmd line: -dddddddddd) fork=no log_stderror=yes # (cmd line: -E)
/* Uncomment these lines to enter debugging mode debug=9 fork=yes log_stderror=yes */
alias="Domain.com" alias="my.Domain.com" # alias="192.168.0.100" # alias="192.168.0.200"
listen="public ip" check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) #port=5060 #children=4 fifo="/tmp/ser_fifo" fifo_mode=0777
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" loadmodule "/usr/local/lib/ser/modules/textops.so"
loadmodule "/usr/local/lib/ser/modules/nathelper.so"
# Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so"
# ----------------- setting module-specific parameters --------------- # -- usrloc params --
modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2)
# -- auth params -- # Uncomment if you are using auth module # modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # modparam("auth_db", "password_column", "password")
# -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1)
# !! Nathelper modparam("registrar", "nat_flag", 6) modparam("nathelper", "natping_interval", 30) # Ping interval 30 s # modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT # ------------------------- request routing logic -------------------
# main routing logic
route { # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if (msg:len >= max_len ) { sl_send_reply("513", "Message too big"); break; };
# !! Nathelper # Special handling for NATed clients; first, NAT test is # executed: it looks for via!=received and RFC1918 addresses # in Contact (may fail if line-folding is used); also, # the received test should, if completed, should check all # vias for rpesence of received if (nat_uac_test("3")) { log(1, "NAT client\n"); record_route();
# Allow RR-ed requests, as these may indicate that # a NAT-enabled proxy takes care of it; unless it is # a REGISTER #if (method=="REGISTER") {
if (method == "REGISTER" || !search("^Record-Route:")) { log(1, "LOG: Someone trying to register from private IP, rewriting\n");
# This will work only for user agents that supportsymmetric # communication. We tested quite many of them andmajority is # smart enough to be symmetric. In some phones it takesa configuration # option. With Cisco 7960, it is called NAT_Enable=Yes,with kphone it is # called "symmetric media" and "symmetric signalling".
fix_nated_contact(); # Rewrite contact with source IPof signalling
if (method == "INVITE") { log(1, "NAT -> INVITE\n"); fix_nated_sdp("1"); # Add direction=active to SDP }; force_rport(); # Add rport parameter to topmost Via setflag(6); # Mark as NATed append_to_reply("P-NATed-Caller: Yes\r\n"); }; }; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol if (!method=="REGISTER") record_route();
# subsequent messages withing a dialog should take the # path determined by record-routing if (loose_route()) { # mark routing logic in request append_hf("P-hint: rr-enforced\r\n"); route(1); break; };
if (uri=~"^sip:0[0-9]*@my.Domain.com") { log(1, "Forwarding to Asteriks\n"); route(1); # rewritehostport("192.168.0.200:5060"); # append_hf("P-hint: GATEWAY\r\n"); # t_relay_to_udp("192.168.0.200", "5060"); #forward(192.168.0.200,5060); # Where local asterisk is listening #t_relay(); break; }; if (!uri==myself) { # mark routing logic in request append_hf("P-hint: outbound\r\n"); route(1); break; };
# if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) {
if (method=="REGISTER") { log(1, "Myself -> REGISTER\n"); # Uncomment this if you want to use digest authentication # if (!www_authorize("iptel.org", "subscriber")) { # www_challenge("iptel.org", "0"); # break; # };
save("location"); break; };
lookup("aliases"); if (!uri==myself) { append_hf("P-hint: outbound alias\r\n"); route(1); break; };
# native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; };
#inserted by klaus if (method=="INVITE") { log(1, "INVITE\n"); record_route(); force_rtp_proxy(); /* set up reply processing */ t_on_reply("1"); };
# forward to current uri now; use stateful forwarding; that # works reliably even if we forward from TCP to UDP if (!t_relay()) { sl_reply_error(); };
# append_hf("P-hint: usrloc applied\r\n"); route(1); }
route[1] { # !! Nathelper log(1, "ROUTE[1]\n"); if (uri=~"[@:](192.168.|10.|172.(1[6-9]|2[0-9]|3[0-1]).)" && search("^Route:")){ sl_send_reply("479", "We don't forward to private IPaddresses"); break; };
# if client or server know to be behind a NAT, enable relay if (isflagset(6)) { log(1, "Flag is 6 (NAT)\n"); if (!is_present_hf("P-RTP-Proxy")) { force_rtp_proxy(); append_hf("P-RTP-Proxy: YES\r\n"); }; append_hf("P-NATed-Calee: Yes\r\n");
rewritehostport("192.168.0.200:5060"); append_hf("P-hint: GATEWAY\r\n"); t_relay_to_udp("192.168.0.200", "5060"); break ; };
# NAT processing of replies; apply to all transactions (forexample, # re-INVITEs from public to private UA are hard to identify as # NATed at the moment of request processing); look at replies t_on_reply("1");
# send it out now; use stateful forwarding as it works reliably # even for UDP2TCP if (!t_relay()) { log(1, "ROUTE[1] -> sl_reply_error\n"); sl_reply_error(); break; };
}
# !! Nathelper onreply_route[1] { log(1, "onreply_route[1]\n"); if (status=~"[12][0-9][0-9]"){ # force_rtp_proxy();
# if (isflagset(6) && status=~"(183)|2[0-9][0-9]") { fix_nated_contact(); fix_nated_sdp("1"); force_rtp_proxy(); } else #if(nat_uac_test("1")) { fix_nated_contact(); force_rtp_proxy(); };
}
regards
------------------------------------------------------------- Pressis Consulting DA Sanjay Duggal Operative CTO
--- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.707 / Virus Database: 463 - Release Date: 15.06.2004
-
Sanjay Duggal