Is there any way to authenticate SER users in LDAP without the use of RADIUS?
If there is, could anyone point out where I could find information about it?
I've searched some documents but found nothing about authentication
with LDAP without using RADIUS....
Regards,
Felipe
--
Master Student - Electrical Engineering Department
Computer Engineering and Telecommunications Research Group
Universidade Federal de Minas Gerais - Brazil
"Humanly speaking it is impossible; but with God anything is possible!"
Jesus Christ in Matthews 19:26
Hi,
I am using SER as a an entry point for the requests from the network
and every request from the network is being relayed to another
( clusterized ) SIP server ( not a SER ) with multiple IP addresses in
DNS. The server is running on 4 machines, any number of which can be
down at any moment of time.
Suppose, the DNS name is "sip.myserver.com".
The incoming requests from the network have SER as host:port of RURI..
I was trying to relay the request using
t_relay_to_udp("sip.myserver.com", "5060"),
but all requests would always go to the same IP.
A question:
Is there any way to make SER relay requests to those IPs in round-robin
manner? Or can I force SER to make DNS requests before processing each
request?
Another problem related to this situation, if the SER relays all
requests to the same IP, and the server represented by that IP goes
down, I have 100% call failure. Is there any way to avoid that?
thanks,
Sergei
Is anyone using mediaproxy for INCOMING calls?
What I mean is: is SER capable of accepting INVITE messages from an unregistered UA that is behind a NAT Firewall and connecting them with a registered UA?
I would like to be able to receive incoming calls for my domain from anyone on the internet and connect them to the proper user. Please tell me anyone if you are successfully doing this.
Thanks,
George
hi all,
i'm quite new to sip and i'm trying to setup ser with nat support.
i read about stun but to rewrite contact with received and rport tags
i guess i need nathelper module that, in turn, needs rtpproxy, doesn't it?
i got ser-0.9.0, i downloaded rtpproxy from
cvs.ser.berlios.de<http://cvs.ser.berlios.de>and
i use the same nathelper module configuation and nat routing you can find
here:
http://www.informatik.uni-bremen.de/~prelle/terena/cookbook/main/ch04s07.ht…
unlucky ser.log tells me:
ERROR: send_rtpp_command: can't connect to RTP proxy
WARNING: rtpp_test: can't get version of the RTP proxy
WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily
i've been searching google and mail.iptel.org <http://lists.iptel.org>
there is a very similar thread:
http://lists.iptel.org/pipermail/serusers/2005-July/thread.html#22154
but i'm forced to ask my own question, hoping someone can help me.
maybe i just need to compile rtpproxy with particular parameters... but i
couldn't find enough documentation about it.
thank you so much!!
Thanks for the immediate reply. We have this on the
file ser.cfg:
modparam("acc", "radius_flag", 2)
setflag(2); ---->>> could this be on the wrong
location?
To route traffic to PSTN, we have this on the ser
config:
-----
if (uri=~"^sip:90087(.+)@.*") {
rewritehostport("XXX.XXX.XXX.XXX:5060");
forward(uri:host, uri:port);
exec_msg('(/usr/local/etc/ser/logs.csh)');
break;
------
Here is our ser.cfg file:
--------------------------
debug=3
fork=yes
log_stderror=yes
check_via=no
dns=no
rev_dns=no
port=5060
children=4
fifo="/tmp/ser_fifo"
fifo_db_url="mysql://XXXX:XXXX@localhost/ser"
loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
loadmodule "/usr/local/lib/ser/modules/usrloc.so"
loadmodule "/usr/local/lib/ser/modules/registrar.so"
loadmodule "/usr/local/lib/ser/modules/textops.so"
loadmodule "/usr/local/lib/ser/modules/nathelper.so"
loadmodule "/usr/local/lib/ser/modules/uri.so"
loadmodule "/usr/local/lib/ser/modules/acc.so"
loadmodule "/usr/local/lib/ser/modules/auth.so"
loadmodule "/usr/local/lib/ser/modules/auth_db.so"
loadmodule "/usr/local/lib/ser/modules/exec.so"
modparam("usrloc", "db_mode", 2) # 0 Disable
Authentication ; 2 Enable Authentication
modparam("usrloc", "db_url",
"mysql://XXXX:XXXX@localhost/ser")
modparam("auth_db", "db_url",
"mysql://XXXX:XXXX@localhost/ser")
modparam("rr", "enable_full_lr", 1)
modparam("registrar", "nat_flag", 6)
modparam("nathelper", "natping_interval", 30)
modparam("nathelper", "ping_nated_only", 1)
modparam("acc",
"radius_config","/usr/local/etc/radiusclient-ng/radiusclient.conf")
modparam("acc", "service_type", 15)
modparam("acc", "radius_flag", 2)
modparam("acc", "radius_missed_flag", 3)
modparam("acc", "failed_transactions", 1)
modparam("acc", "report_ack", 0)
route{
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if (msg:len >= max_len ) {
sl_send_reply("513", "Message too
big");
break;
};
if (nat_uac_test("3")) {
if (method == "REGISTER" || !
search("^Record-Route:")) {
fix_nated_contact();
if (method == "INVITE") {
fix_nated_sdp("1");
};
force_rport();
setflag(6);
};
};
lookup("aliases");
if (!method=="REGISTER") record_route();
if (loose_route()) {
append_hf("P-hint: rr-enforced\r\n");
route(1);
break;
};
setflag(2);
setflag(5);
if (method=="INVITE") {
exec_msg('(/usr/local/etc/ser/record.pl)');
};
if (!uri==myself) {
append_hf("P-hint: outbound\r\n");
route(1);
break;
};
if (uri=~"^sip:90087(.+)@.*") {
rewritehostport("202.64.248.209:5060");
forward(uri:host, uri:port);
exec_msg('(/usr/local/etc/ser/logs.csh)');
break;
};
#--------- IVR Start -----------
if (uri=~"^sip:222@.*") {
if (!t_newtran()) {
log("could not create new
transaction\n");
sl_send_reply("500","could not
create new transaction");
break;
};
if (method=="ACK"){
t_relay();
break;
};
t_reply("100","Trying -- just wait a
minute !");
if(!t_write_unix("/tmp/am_sock","ivr")) {
t_reply("500","error contacting
sems");
};
break;
};
#--------- IVR End -----------
if (uri==myself) {
if (method=="REGISTER") {
if
(!www_authorize("sip.easy.net.ph","subscriber")) {
www_challenge("sip.easy.net.ph", "0");
break;
};
save("location");
break;
};
if (method=="INVITE") {
exec_msg('(/usr/local/etc/ser/record.pl)');
};
lookup("aliases");
if (!uri==myself) {
append_hf("P-hint: outbound
alias\r\n");
route(1);
break;
};
if (!lookup("location")) {
sl_send_reply("404", "Not
Found");
break;
};
};
append_hf("P-hint: usrloc applied\r\n");
route(1);
}
route[1]
{
if (method=="INVITE") {
exec_msg('/usr/local/etc/ser/record.pl');
};
if (method=="CANCEL") {
exec_msg('/usr/local/etc/ser/record.pl');
};
if (method=="BYE") {
exec_msg('/usr/local/etc/ser/record.pl');
};
if (method=="ACK") {
exec_msg('/usr/local/etc/ser/record.pl');
};
setflag(2);
if
(uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)"
&& !search("^Route:")){
sl_send_reply("479", "We don't forward
to private IP addresses");
break;
};
if (isflagset(6)) {
force_rtp_proxy();
};
t_on_reply("1");
if (!t_relay()) {
sl_reply_error();
};
}
onreply_route[1] {
if (isflagset(6) && status =~
"(183)|2[0-9][0-9]") {
fix_nated_contact();
force_rtp_proxy();
} else if (nat_uac_test("1")) {
fix_nated_contact();
};
}
--- Matt Simpson <msimpson(a)commpartners.us> wrote:
>
> >My question:
> >What triggers the SER to send START accounting
> request
> >to the RADIUS?
> >
> >Thanks,
> >
> >Rommel
>
> Rommel, there should be a statement at the top like:
> modparam("acc","radius_flag",1)
>
> The "1" is the flag to account for a call in radius
>
> Then you would use:
> setflag(1);
>
> to account for the call. It is hard to tell you
> where to put the
> statement without seeing your conf but that should
> help.
>
>
__________________________________
Yahoo! Mail - PC Magazine Editors' Choice 2005
http://mail.yahoo.com
I'm using SER to shuttle calls between softswitches. I have "softswitch
A" sending calls to the SER proxy, which then does an enum lookup to
make a routing decision and then passes the call on to the appropriate
softswitch. I have been having some strange problems with the setup and
some questions about my config. I sometimes get:
Nov 10 21:14:01 cpser ser[22087]: 483 Too many Hops
Nov 10 21:14:01 cpser ser[22087]: Warning: sl_send_reply: I won't send a
reply for ACK!!
This mostly happens after I do a serctl restart to reload my config. I
assume that is because ACKs are coming in that the stateful transaction
processor doesn't know where to forward them to since I restarted?
There's no other way to reload a config other than a full restart,
correct?
Also I see a lot of "408 Request Timeout" from far end gateways. Is
there something wrong with my config?
Here is my config:
modparam("acc","radius_flag",1)
modparam("acc","failed_transactions",0)
modparam("tm", "fr_inv_timer", 5 )
route{
if ( !mf_process_maxfwd_header("10") )
{
xlog("L_ERR","483 Too many Hops");
sl_send_reply("483","Too Many Hops");
drop();
};
if (msg:len >= 2048 ) {
xlog("L_ERR","513 Message too Big");
sl_send_reply("513", "Message too big");
break;
};
setflag(1);
if (loose_route())
{
t_relay();
break;
};
if (method =="BYE")
{
if ( !t_relay())
{
sl_reply_error();
}
break;
};
if (method =="CANCEL")
{
if ( !t_relay())
{
sl_reply_error();
}
break;
};
if (method =="ACK")
{
if ( !t_relay())
{
sl_reply_error();
}
break;
};
if (method =="INVITE")
{
record_route();
if (uri=~"^sip:[2-9]+@*")
{
prefix("+");
if ( !enum_query("e164.internal.net"))
{
strip(1);
prefix("1");
rewritehost("192.168.10.5");
xlog("L_ERR","NANPA number to %tu from
%fu carrier %ru\n");
t_on_failure("1");
t_relay();
break;
}
xlog("L_ERR","NANPA-ENUM number to %tu from %fu
carrier %ru\n");
t_on_failure("1");
t_relay();
};
# end if block method = invite
}
}
failure_route[1]
{
if(t_check_status("501|502|503|504|505|513"))
{
setflag(1);
revert_uri();
rewritehost("192.168.50.3");
append_branch();
xlog("L_ERR","FAIL-5XX number to %tu from %fu carrier
%ru\n");
t_relay();
}
}
Hi,
I was making test call from a UA1(10.0.2.12) via SER (192.168.168.87) to
another UA2 (192.168.168.33) where UA1 is a program written by us and
UA2 is a softphone.
When I cancel the call, I am having problem sending an Ack to SER.
In the trace attached, when UA1 send a Cancel, it replies with 200
canceling in response to this Cancel, and 487 in response to the
original INVITE message. Then UA1 send back an ACK in response to 487
but SER keep resending 487 message. It seems like SER doesn't recognize
the ACK message for some reasons.
Could anyone tell me what is the problem with this ACK message please?
Below are the only errors I can see in the /var/adm/message when I start
up ser. There is no error message during the test call.
Nov 11 09:07:12 TakeAway ./ser[5557]: [ID 212014 daemon.warning]
Warning: uac does not spread across the whole hash table
Nov 11 09:07:12 TakeAway ./ser[5557]: [ID 499528 daemon.notice] Maxfwd
module- initializing
Nov 11 09:07:12 TakeAway ./ser[5558]: [ID 827449 daemon.warning]
WARNING: no fifo_db_url given - fifo DB commands disabled!
OS version: Sparc Solaris 5.9
Ser version: ser 0.9.3
Thanks,
Eddie
Hi all,
How do I have SER rewrite the contact header of an INVITE message?
If I do that, will mediaproxy work for the session?
Thanks in advance,
George
Hi,
I was making test call from a UA1(10.0.2.12) via SER (192.168.168.87) to
another UA2 (192.168.168.33) where UA1 is a program written by us and
UA2 is a softphone.
When I cancel the call, I am having problem sending an Ack to SER.
In the trace attached, when UA1 send a Cancel, it replies with 200
canceling in response to this Cancel, and 487 in response to the
original INVITE message. Then UA1 send back an ACK in response to 487
but SER keep resending 487 message. It seems like SER doesn't recognize
the ACK message for some reasons.
Could anyone tell me what is the problem with this ACK message please?
Below are the only errors I can see in the /var/adm/message when I start
up ser. There is no error message during the test call.
Nov 11 09:07:12 TakeAway ./ser[5557]: [ID 212014 daemon.warning]
Warning: uac does not spread across the whole hash table
Nov 11 09:07:12 TakeAway ./ser[5557]: [ID 499528 daemon.notice] Maxfwd
module- initializing
Nov 11 09:07:12 TakeAway ./ser[5558]: [ID 827449 daemon.warning]
WARNING: no fifo_db_url given - fifo DB commands disabled!
OS version: Sparc Solaris 5.9
Ser version: ser 0.9.3
Thanks,
Eddie
We would be interested in numbers from ANYWHERE in the world, :)
How many can you give?
Minimum i would like to exchange is 50 number at a time.
Rehan
On 11/11/05, Victor Stanescu <victor.stanescu(a)gtstelecom.ro> wrote:
>
> Dear Rehan,
>
> Are you interested in Romanian numbers also?
>
> Rehan Ahmed wrote:
> > Dear Leon,
> >
> > We would like to exchange numbers from you, which numbers do you have
> > avaialble ?
> >
> > We can exchange numbers with you from the us, uk, and australia at this
> > time.
> >
> > We have 21 other countries also available for sale on www.didx.org<http://www.didx.org>
> > <http://www.didx.org> (wholesale) and virtualphoneline.com<http://virtualphoneline.com>
> > <http://virtualphoneline.com> ( retail web site)
> >
> > Please check it out.
> >
> > Rehan
> >
> >
> > On 11/11/05, *Leon Sun* <leon.sun(a)keywestcommunications.com
> > <mailto:leon.sun@keywestcommunications.com>> wrote:
> >
> > Hi, all
> >
> >
> >
> > I believe most of you are in Telecom. I like to see if any one can
> > provide DID service over the world. If so, please let me know, we
> > like to buy DIDs from different countries. At beginning, we can
> > start with one number as testing. Furthermore, we can sign contract
> > and make payment for more DIDs you provide.
> >
> >
> >
> > Regards
> >
> >
> >
> > Leon Sun
> >
> >
> > _______________________________________________
> > Serusers mailing list
> > serusers(a)lists.iptel.org <mailto:serusers@lists.iptel.org>
> > http://lists.iptel.org/mailman/listinfo/serusers
> >
> >
> >
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Serusers mailing list
> > serusers(a)lists.iptel.org
> > http://lists.iptel.org/mailman/listinfo/serusers
>
