Hi,
I was thinking to try from vm modules, but i am not
able from where i can download vm module?
I hope using SEMS i can make the ivr proper work. But
Please if u have any idea about vm module let me know
form where i can download it?
--------
Yours,
Abdul Lateef
Computer Programmer
HATIF COM
Mob: +974 - 5405022
Tel: +974 - 4883068
ICQ: 276994704
YM!: abdul_zu
Fax: +974 - 4883063
Doha Qatar
http://www.hatif.com
__________________________________
Start your day with Yahoo! - Make it your home page!
http://www.yahoo.com/r/hs
HI all,
Does openser support IVR system? if it is supporting
from where i can do the configuration?
--------
Yours,
Abdul Lateef
Computer Programmer
HATIF COM
Mob: +974 - 5405022
Tel: +974 - 4883068
ICQ: 276994704
YM!: abdul_zu
Fax: +974 - 4883063
Doha Qatar
http://www.hatif.com
__________________________________
Yahoo! Mail - PC Magazine Editors' Choice 2005
http://mail.yahoo.com
I need a solution that can implement round robin routing.... ive used the
gflags module to do this, and it routes my snom phoens two different servers
(im using SER as a load balancer) currently just doign a simple redirect
server. Here are my problems...phones routed to the same server cannot call
each other..... also...when reciveing an incoming call on DID from PSTN....
if the phone registers to one server.... and there are three...how can i
have it route to the proper server of where the phone is registered? Finally
how would I make calls between servers (they all have the same config) with
out going to the PSTN termiantion point and going back in??
hi,
I'm using ser-0.9.3+freeradius-0.9.1+radiusclient-ng-0.5.1.When I use "radtest test test localhost 0 testing123" to test the servers,it returns "rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=235, length=45".And the radius prints:
rad_recv: Access-Request packet from host 127.0.0.1:34012, id=235, length=56
User-Name = "test"
User-Password = "test"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "chap" returns noop
rlm_eap: EAP-Message not found
modcall[authorize]: module "eap" returns noop
modcall[authorize]: module "digest" returns noop
rlm_realm: No '@' in User-Name = "test", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop
users: Matched DEFAULT at 152
users: Matched test at 226
modcall[authorize]: module "files" returns ok
modcall[authorize]: module "mschap" returns noop
modcall: group authorize returns ok
rad_check_password: Found Auth-Type Digest
auth: type "digest"
modcall: entering group authenticate
ERROR: No Digest-Nonce: Cannot perform Digest authentication
modcall[authenticate]: module "digest" returns invalid
modcall: group authenticate returns invalid
auth: Failed to validate the user.
Who can give me any instructions?Thank you:)
---------- Forwarded message ----------
From: Voipers Portugal <voipers(a)gmail.com>
Date: 15/10/2005 11:55
Subject: Re: [Serusers] Multi Media Proxy servers install
To: Leon Sun <leon.sun(a)keywestcommunications.com>
Check this website:
www.voip-info.org/wiki-DNS+SRV
Regards,
Jose Simoes
2005/10/11, Leon Sun <leon.sun(a)keywestcommunications.com>:
> Hi,
>
> Just wondering if anyone likes to help(instruction only is fine) me build up
> few media proxy servers with pay by hours?
>
> I have built a mediaproxy with SER in same server and like to add few of
> them one by one. I can't figure out how to and to where put those DNS SRV.
>
> If you like to give me a hand, please let me know. We can talk about charge.
>
> Regards
>
> Leon Sun
>
>
> _______________________________________________
> Serusers mailing list
> serusers(a)lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
>
Hi all,
I installed ser with SEMS, but i am not able to find
the vm.so (voice module) under my
/usr/local/lib/ser/modules.
Is it third party module, from where i can able to
download it?
--------
Yours,
Abdul Lateef
Computer Programmer
HATIF COM
Mob: +974 - 5405022
Tel: +974 - 4883068
ICQ: 276994704
YM!: abdul_zu
Fax: +974 - 4883063
Doha Qatar
http://www.hatif.com
__________________________________
Yahoo! Music Unlimited
Access over 1 million songs. Try it free.
http://music.yahoo.com/unlimited/
i understand, minisip softphone can initiate TLS connection.
and it can be authenticated by the openser via digest authentication.
is it possible to use certificate instead of digest authentication?
--
Girish
On Fri, 2005-10-14 at 08:28 +0000, users-request(a)openser.org wrote:
> Send Users mailing list submissions to
> users(a)openser.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://openser.org/cgi-bin/mailman/listinfo/users
> or, via email, send a message with subject or body 'help' to
> users-request(a)openser.org
>
> You can reach the person managing the list at
> users-owner(a)openser.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Users digest..."
>
>
> Today's Topics:
>
> 1. Re: Re: [Serusers] trusting peers (Juha Heinanen)
> 2. Re: different tables for acc (Klaus Darilion)
> 3. Re: Improving TLS implementation (Cesc)
> 4. Re: Improving TLS implementation (Juha Heinanen)
> 5. Softphones compatible with Openser/TLS (Joonbum Byun)
> 6. Re: Softphones compatible with Openser/TLS (Klaus Darilion)
> 7. Re: Softphones compatible with Openser/TLS (Cesc)
> 8. Re: BYE method accompanied by error (Daniel-Constantin Mierla)
> 9. Re: How to do RADIUS authentication with hashed password (MD5
> or HA1)? (Bogdan-Andrei Iancu)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Thu, 13 Oct 2005 13:55:37 +0300
> From: Juha Heinanen <jh(a)tutpro.com>
> Subject: Re: [Users] Re: [Serusers] trusting peers
> To: Klaus Darilion <klaus.mailinglists(a)pernau.at>
> Cc: Nils Ohlmeier <lists(a)ohlmeier.org>, serusers(a)iptel.org, Jan Janak
> <jan(a)iptel.org>, "users openser.org" <users(a)openser.org>
> Message-ID: <17230.15657.441146.200770(a)rautu.tutpro.com>
> Content-Type: text/plain; charset=us-ascii
>
> Klaus Darilion writes:
>
> > e.g. simmilar to allow_trusted, but using the domain form the
> > certificate instead of using src_ip.
>
> yes, it would be easy to add such a check to permissions module.
>
> -- juha
>
>
>
> ------------------------------
>
> Message: 2
> Date: Thu, 13 Oct 2005 14:30:46 +0200
> From: Klaus Darilion <klaus.mailinglists(a)pernau.at>
> Subject: Re: [Users] different tables for acc
> To: jayesh nambiar <jayesh_1017(a)yahoo.com>
> Cc: SER <users(a)openser.org>
> Message-ID: <434E5376.2000902(a)pernau.at>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> No. Only one table for all costumers.
>
> klaus
>
> jayesh nambiar wrote:
> > hi all,
> > I came to kno about the parameter modparam("acc", "db_table_acc",
> > "acc_table").
> > Does this mean that I can have different acc tables for my different
> > type of customers. Is this possible.
> > If yes, then how? If i declare the appropriate flag and then use setflag
> > at the places i want to account, will it work.
> > Can someone please explain it to me. Any suggestions would help me a lot.
> > Thanx
> > jayesh
> >
> > ------------------------------------------------------------------------
> > Yahoo! Music Unlimited - Access over 1 million songs. Try it free.
> > <http://pa.yahoo.com/*http://us.rd.yahoo.com/evt=36035/*http://music.yahoo.c…>
> >
> >
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Users mailing list
> > Users(a)openser.org
> > http://openser.org/cgi-bin/mailman/listinfo/users
>
>
>
>
> ------------------------------
>
> Message: 3
> Date: Thu, 13 Oct 2005 14:53:25 +0200
> From: Cesc <cesc.santa(a)gmail.com>
> Subject: Re: [Users] Improving TLS implementation
> To: Juha Heinanen <jh(a)tutpro.com>
> Cc: SER-Users <serusers(a)iptel.org>, OpenSER-users <users(a)openser.org>
> Message-ID:
> <ce8208420510130553r371591aeib5f43a7674b109b(a)mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> Hi Juha,
> Well, that is true, but what do you propose then? just present a host cert
> and nothing else? I would say that if the company trust the hosting for
> running the service, a mere certficate should not be the problem, should it?
> Cesc
>
> On 10/13/05, Juha Heinanen <jh(a)tutpro.com> wrote:
> >
> > cesc,
> >
> > you made a good summary, but in multi-domain case, it is not just a
> > technical problem on how to present or offer a domain specific
> > certificate. in order to be able to do that, the domains have to
> > surrender their private keying information to a provider that currently
> > happens to host their sip service, and to another provider that hosts
> > their web service, and to third provider that hosts their e-commerce
> > service, etc.
> >
> > in most cases, this is simply out of question. companies are not going
> > to do it.
> >
> > -- juha
> >
>
Oops, i spoke too soon
It looks like you have placed the "files" module before the "sql" module
in your radiusd.conf
Its matching your DEFAULT entry in files (setting the Auth-Type to none)
but the sql module is later changing the Auth-Type to "digest"
Changing the order would solve this problem, as you want it to match the
SQL statement first and than the section in the files last (which
changes the Auth-Type)
Also, you may want to reduce the load on your database by not setting
the Auth-Type in the database and instead setting in the users file with
a DEFAULT statement as (at least in my case) it isn't somthing that need
to be dynamic.
lenirsantiago(a)yahoo.com wrote:
>Hello list,
>
>I've been trying my hardest today to get group_radius to work, and its
>function radius_is_user_in().
>I'm running ser0.9.4 and freeradius 1.0.4 with the mysql backend and digest
>authentication.
>
>Radius authentication works fine.
>The problem is that when radius_is_user_in() function gets called, it sends
>a radius message but without the User-Password field and freeradius
>complains that it requires it since we are using Digest.
>I've seen a couple of posts here, but they were never answered:
>http://mail.iptel.org/pipermail/serusers/2005-March/017342.html
>http://mail.iptel.org/pipermail/serusers/2005-March/017075.html
>
>-----
>I have a small test in my ser.cfg file:
> if (!radius_www_authorize("")) {
> xlog("L_I","%ci - %fu - User not authenticated, Radius
>Authenticating...\n");
> www_challenge("","0");
> break;
> } else {
> xlog("L_I","%ci - %fu - User authenticated...\n");
> };
>
> if (radius_is_user_in("From", "Dialin")){
> xlog("L_I","From: User is in Radius Group Dialin!!!!\n");
> } else {
> xlog("L_I","From: User *IS NOT* Group Dialin!!!!!\n");
> };
>
> if (radius_is_user_in("Credentials", "Dialin2")){
> xlog("L_I","From: User is in Radius Group Dialin2!!!!\n");
> } else {
> xlog("L_I","From: User *IS NOT* Group Dialin2!!!!!\n");
> };
>
>-----
>In /etc/raddb/users file I have the following at line 152:
>DEFAULT Auth-Type = System
> Fall-Through = 1
>
>DEFAULT Service-Type == Group-Check, Auth-Type := None
>
>DEFAULT Service-Type == SIP-Callee-AVPs, Auth-Type := None
>
>-----
>
>These are mysql tables:
>
>+----+----------+-----------+----+----------+
>| id | UserName | Attribute | op | Value |
>+----+----------+-----------+----+----------+
>| 1 | Jhassell | Password | == | changeme |
>| 2 | Rneis | Password | == | changeme |
>| 3 | 1000 | Password | == | 1000 |
>| 4 | 2000 | Password | == | 2000 |
>| 5 | 3000 | Password | == | 3000 |
>| 8 | 1000 | Auth-Type | := | Digest |
>+----+----------+-----------+----+----------+
>
>+----+-----------+-----------+----+--------+
>| id | GroupName | Attribute | op | Value |
>+----+-----------+-----------+----+--------+
>| 6 | Dialin | Auth-Type | := | Accept |
>+----+-----------+-----------+----+--------+
>
>+----+-----------+---------------+----+----------------------------------+--
>----+
>| id | GroupName | Attribute | op | Value |
>prio |
>+----+-----------+---------------+----+----------------------------------+--
>----+
>| 1 | Dialin | Reply-Message | = | "Authenticated by group Dialin" |
>0 |
>| 2 | Dialin2 | Reply-Message | = | "Authenticated by group Dialin2" |
>0 |
>+----+-----------+---------------+----+----------------------------------+--
>----+
>
>+----+----------+---------------+----+------------------+
>| id | UserName | Attribute | op | Value |
>+----+----------+---------------+----+------------------+
>| 1 | 1000 | Reply-Message | = | "Authenticated" |
>| 2 | 1000 | Sip-Group | = | Dialin |
>| 3 | 1000 | SIP-AVP | = | Sip-Group:Dialin |
>+----+----------+---------------+----+------------------+
>
>+----+----------+------------+
>| id | UserName | GroupName |
>+----+----------+------------+
>| 1 | Jhassell | Dialin |
>| 2 | Rneis | Staticdial |
>| 3 | 1000 | Dialin |
>| 4 | 2000 | Dialin |
>| 5 | 3000 | Dialin |
>| 6 | 3000 | Dialin2 |
>+----+----------+------------+
>
>------
>
>This is the debug I get from freeradius for the group check:
>
>rad_recv: Access-Request packet from host xx.xx.xx.xx:33025, id=15,
>length=67
> User-Name = "1000(a)xx.xx.xx.xx"
> Sip-Group = "Dialin2"
> Service-Type = Group-Check
> NAS-IP-Address = 127.0.0.1
> NAS-Port = 0
> Processing the authorize section of radiusd.conf
>modcall: entering group authorize for request 74
> modcall[authorize]: module "preprocess" returns ok for request 74
> modcall[authorize]: module "chap" returns noop for request 74
> modcall[authorize]: module "mschap" returns noop for request 74
> modcall[authorize]: module "digest" returns noop for request 74
> rlm_realm: Looking up realm "xx.xx.xx.xx" for User-Name =
>"1000(a)xx.xx.xx.xx"
> rlm_realm: Found realm "xx.xx.xx.xx"
> rlm_realm: Adding Stripped-User-Name = "1000"
> rlm_realm: Proxying request from user 1000 to realm xx.xx.xx.xx
> rlm_realm: Adding Realm = "xx.xx.xx.xx"
> rlm_realm: Authentication realm is LOCAL.
> modcall[authorize]: module "suffix" returns noop for request 74
> rlm_eap: No EAP-Message, not doing EAP
> modcall[authorize]: module "eap" returns noop for request 74
> users: Matched entry DEFAULT at line 152
> users: Matched entry DEFAULT at line 158
> modcall[authorize]: module "files" returns ok for request 74
>radius_xlat: '1000'
>rlm_sql (sql): sql_set_user escaped user --> '1000'
>rlm_sql (sql): Released sql socket id: 0
> modcall[authorize]: module "sql" returns ok for request 74
>modcall: group authorize returns ok for request 74
> rad_check_password: Found Auth-Type Digest
>auth: type "digest"
> Processing the authenticate section of radiusd.conf
>modcall: entering group authenticate for request 74
>ERROR: No Digest-Nonce: Cannot perform Digest authentication
> modcall[authenticate]: module "digest" returns invalid for request 74
>modcall: group authenticate returns invalid for request 74
>auth: Failed to validate the user.
>Delaying request 74 for 1 seconds
>Finished request 74
>Going to the next request
>--- Walking the entire request list ---
>Waking up in 1 seconds...
>--- Walking the entire request list ---
>Waking up in 1 seconds...
>--- Walking the entire request list ---
>Sending Access-Reject of id 15 to xx.xx.xx.xx:33025
> Reply-Message = "Authenticated"
>Waking up in 4 seconds...
>--- Walking the entire request list ---
>Cleaning up request 74 ID 15 with timestamp 434f1121
>Nothing to do. Sleeping until we see a request.
>
>
>
>
>
>Any help in this matter would be deeply appreciated,
>
>
>
>
>Lenir
>
>
>
>
>_______________________________________________
>Serdev mailing list
>Serdev(a)iptel.org
>http://mail.iptel.org/mailman/listinfo/serdev
>
>
>
>
Hi,
While experimenting with the example config nat-mediaproxy.5.0.cfg of
onsip.org's GettingStarted document I discovered a problem with NAT
handling. Don't blame me if I'm completely wrong, but here is what
happens and how it is solved:
I've two phones behind the same NAT (address of phone A is a:5060 and
that of phone B is b:5060, the NAT device has ip c) contacting a SER
with a public IP.
If A makes a call, it's NATed to c:5060, SER responds with 407 to
c:5060, and it's correctly forwarded to a:5060.
If B makes a call, it's NATed to c:1025, but SER responds to c:5060 too,
so B never gets the reply.
The original config looks like this:
181 # ----------------------------------------------------------
182 # INVITE Message Handler
183 # ----------------------------------------------------------
184
185 if (!proxy_authorize("","subscriber")) {
186 proxy_challenge("","0");
187 break;
188 } else if (!check_from()) {
189 sl_send_reply("403", "Use From=ID");
190 break;
191 };
192
193 consume_credentials();
194
195 if (client_nat_test("3")) {
196 setflag(7);
197 force_rport();
198 fix_nated_contact();
199 };
So the autorization is done before NAT is handled, and I think this is
the problem. Because if I move the lines 195-199 before 185, everything
works as expected.
Could anyone please be so kind and check that?
Andy
