<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-9">
<META content="MSHTML 6.00.2900.3059" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>hi all;</FONT></DIV>
<DIV><FONT face=Arial size=2>i am now able to register my client with the
openserver server.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>i used STUN server option of x-lite and
stun.voipuser.org as the stun server</FONT></DIV>
<DIV><FONT face=Arial size=2>i also set/exported SIP_DOMAIN variable to my
public openser server ip address.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>i wonder do i have to use a stun server
?</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<BLOCKQUOTE dir=ltr
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV
style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"><B>From:</B>
<A title=abdsahin@gmail.com href="mailto:abdsahin@gmail.com">asahin</A> </DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A title=users@openser.org
href="mailto:users@openser.org">users@openser.org</A> </DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Friday, March 30, 2007 10:26
PM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> openser behind nat UAs behind
NAT</DIV>
<DIV><BR></DIV>
<DIV><FONT face=Arial size=2>hi;</FONT></DIV>
<DIV><FONT face=Arial size=2>i installed and tested openser on the internal
network, it was working.</FONT></DIV>
<DIV><FONT face=Arial size=2>i tried to test it behind NAT with x-lite sip
client, but it failed.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>i defined a port mapping on the adsl modem for
udp/tcp 5060 ports to forward the packets to the openser installed
machine.</FONT></DIV>
<DIV><FONT face=Arial size=2>when i try to register to openser i received
a 408 request timeout message.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>i guess its due to external ip of the openser
server. i think i should define external ip of the modem to the openser as if
it's its own ip, but dont where to define it.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>here is the ngrep dump at the
server.</FONT></DIV>
<DIV><FONT face=Arial size=2>U external_ip_of_ua:23975 ->
192.168.200.2:5060 REGISTER sip:external_ip_of_openser SIP/2.0..Via:
SIP/2.0/UDP
external_ip_of_ua:23975;branch=z9hG4bK-d87543-307c62021a71bf6d-1--d87543-;rport..Max-Forwards:
70..Contact:
<sip:apo@external_ip_of_ua:23975;rinstance=6a2c0ccf1a30b6bf>..To:
"apo"<sip:apo@external_ip_of_openser>..From:
"apo"<sip:apo@external_ip_of_ua;tag=da6a3851..Call-ID:
ODJmOTVkNmIxNjE0NWM3MWNiNTQ4ZjFlMmVkZDZmYjQ...CSeq: 1 REGISTER..
Expires: 3600..Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY,
MESSAGE, SUBSCRIBE, INFO..User-Agent: X-Lite release 1006e stamp
34025..Content-Length: 0....#U 192.168.200.2:5060 ->
external_ip_of_openser:5060<BR> REGISTER sip:external_ip_of_openser
SIP/2.0..Via: SIP/2.0/UDP 192.168.200.2;branch=z9hG4bKd734.53940821.0..Via:
SIP/2.0/UDP
external_ip_of_ua:23975;branch=z9hG4bK-d87543-307c62021a71bf6d-1--d87543-;rport=23975..Max-Forwards:
69..Contact:
<sip:apo@external_ip_of_ua:23975;rinstance=6a2c0ccf1a30b6bf>..To:
"apo"<sip:apo@external_ip_of_openser>..From:
"apo"<sip:apo@external_ip_of_ua;tag=da6a3851..Call- ID:
ODJmOTVkNmIxNjE0NWM3MWNiNTQ4ZjFlMmVkZDZmYjQ...CSeq: 1 REGISTER..Expires:
3600..Allow: INVITE, ACK, CANCEL, OPTIONS, B YE, REFER, NOTIFY, MESSAGE,
SUBSCRIBE, INFO..User-Agent: X-Lite release 1006e stamp 34025..Content-Length:
0..P-hint: out bound....</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>my openser.cfg file is the initial openser
openser.cfg file i didnt change it.</FONT></DIV>
<DIV><FONT face=Arial size=2>-------------</FONT></DIV>
<DIV><FONT size=2>
<P>#</P>
<P># $Id: openser.cfg 1676 2007-02-21 13:16:34Z bogdan_iancu $</P>
<P>#</P>
<P># simple quick-start config script</P>
<P># Please refer to the Core CookBook at
http://www.openser.org/dokuwiki/doku.php</P>
<P># for a explanation of possible statements, functions and parameters.</P>
<P>#</P>
<P># ----------- global configuration parameters ------------------------</P>
<P>debug=3 # debug level (cmd line: -dddddddddd)</P>
<P>fork=yes</P>
<P>log_stderror=no # (cmd line: -E)</P>
<P>children=4</P>
<P># Uncomment these lines to enter debugging mode </P>
<P>#fork=no</P>
<P>#log_stderror=yes</P>
<P>#</P>
<P>port=5060</P>
<P># uncomment the following lines for TLS support</P>
<P>#disable_tls = 0</P>
<P>#listen = tls:your_IP:5061</P>
<P>#tls_verify_server = 1</P>
<P>#tls_verify_client = 1</P>
<P>#tls_require_client_certificate = 0</P>
<P>#tls_method = TLSv1</P>
<P>#tls_certificate = "/usr/local/etc/openser/tls/user/user-cert.pem"</P>
<P>#tls_private_key = "/usr/local/etc/openser/tls/user/user-privkey.pem"</P>
<P>#tls_ca_list = "/usr/local/etc/openser/tls/user/user-calist.pem"</P>
<P># ------------------ module loading ----------------------------------</P>
<P>#set module path</P>
<P>mpath="/usr/local/lib64/openser/modules/"</P>
<P># Uncomment this if you want to use SQL database</P>
<P>#loadmodule "mysql.so"</P>
<P>loadmodule "sl.so"</P>
<P>loadmodule "tm.so"</P>
<P>loadmodule "rr.so"</P>
<P>loadmodule "maxfwd.so"</P>
<P>loadmodule "usrloc.so"</P>
<P>loadmodule "registrar.so"</P>
<P>loadmodule "textops.so"</P>
<P>loadmodule "mi_fifo.so"</P>
<P># Uncomment this if you want digest authentication</P>
<P># mysql.so must be loaded !</P>
<P>#loadmodule "auth.so"</P>
<P>#loadmodule "auth_db.so"</P>
<P># ----------------- setting module-specific parameters ---------------</P>
<P># -- mi_fifo params --</P>
<P>modparam("mi_fifo", "fifo_name", "/tmp/openser_fifo")</P>
<P># -- usrloc params --</P>
<P>modparam("usrloc", "db_mode", 0)</P>
<P># Uncomment this if you want to use SQL database </P>
<P># for persistent storage and comment the previous line</P>
<P>#modparam("usrloc", "db_mode", 2)</P>
<P># -- auth params --</P>
<P># Uncomment if you are using auth module</P>
<P>#</P>
<P>#modparam("auth_db", "calculate_ha1", yes)</P>
<P>#</P>
<P># If you set "calculate_ha1" parameter to yes (which true in this config),
</P>
<P># uncomment also the following parameter)</P>
<P>#</P>
<P>#modparam("auth_db", "password_column", "password")</P>
<P># -- rr params --</P>
<P># add value to ;lr param to make some broken UAs happy</P>
<P>modparam("rr", "enable_full_lr", 1)</P>
<P># ------------------------- request routing logic -------------------</P>
<P># main routing logic</P>
<P>route{</P>
<P># initial sanity checks -- messages with</P>
<P># max_forwards==0, or excessively long requests</P>
<P>if (!mf_process_maxfwd_header("10")) {</P>
<P>sl_send_reply("483","Too Many Hops");</P>
<P>exit;</P>
<P>};</P>
<P>if (msg:len >= 2048 ) {</P>
<P>sl_send_reply("513", "Message too big");</P>
<P>exit;</P>
<P>};</P>
<P># we record-route all messages -- to make sure that</P>
<P># subsequent messages will go through our proxy; that's</P>
<P># particularly good if upstream and downstream entities</P>
<P># use different transport protocol</P>
<P>if (!method=="REGISTER")</P>
<P>record_route();</P>
<P># subsequent messages withing a dialog should take the</P>
<P># path determined by record-routing</P>
<P>if (loose_route()) {</P>
<P># mark routing logic in request</P>
<P>append_hf("P-hint: rr-enforced\r\n"); </P>
<P>route(1);</P>
<P>};</P>
<P>if (!uri==myself) {</P>
<P># mark routing logic in request</P>
<P>append_hf("P-hint: outbound\r\n"); </P>
<P># if you have some interdomain connections via TLS</P>
<P>#if(uri=~"@tls_domain1.net") {</P>
<P># t_relay("tls:domain1.net");</P>
<P># exit;</P>
<P>#} else if(uri=~"@tls_domain2.net") {</P>
<P># t_relay("tls:domain2.net");</P>
<P># exit;</P>
<P>#}</P>
<P>route(1);</P>
<P>};</P>
<P># if the request is for other domain use UsrLoc</P>
<P># (in case, it does not work, use the following command</P>
<P># with proper names and addresses in it)</P>
<P>if (uri==myself) {</P>
<P>if (method=="REGISTER") {</P>
<P># Uncomment this if you want to use digest authentication</P>
<P>#if (!www_authorize("openser.org", "subscriber")) {</P>
<P># www_challenge("openser.org", "0");</P>
<P># exit;</P>
<P>#};</P>
<P>save("location");</P>
<P>exit;</P>
<P>};</P>
<P>lookup("aliases");</P>
<P>if (!uri==myself) {</P>
<P>append_hf("P-hint: outbound alias\r\n"); </P>
<P>route(1);</P>
<P>};</P>
<P># native SIP destinations are handled using our USRLOC DB</P>
<P>if (!lookup("location")) {</P>
<P>sl_send_reply("404", "Not Found");</P>
<P>exit;</P>
<P>};</P>
<P>append_hf("P-hint: usrloc applied\r\n"); </P>
<P>};</P>
<P>route(1);</P>
<P>}</P>
<P> </P>
<P>route[1] {</P>
<P># send it out now; use stateful forwarding as it works reliably</P>
<P># even for UDP2TCP</P>
<P>if (!t_relay()) {</P>
<P>sl_reply_error();</P>
<P>};</P>
<P>exit;</P>
<P>}</P>
<P><FONT face=Arial></FONT> </P></FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV></BLOCKQUOTE></BODY></HTML>