So... if I understand this correctly, you're having problems with diverted calls FROM the Asterisk IVR not being able to authenticate on SER?

Could you just add the Asterisk server to the trust tables and skip the auth process for calls coming back or would that create problems?

N.

On Tue, 5 Sep 2006 21:16:45 +0100, Roberto Lopes wrote
> Hi to all!
> I've a big problem with SER & Asterisk
> I've a network where i put them working together.
> Asterisk is the media gateway with PSTN as well as being the server which is making all the services available (IVR, voicemail, conference calls, etc).
> SER just routes calls either to the softphones, VoIP phones or to Asterisk who will just forward the calls to PSTN (via Asterisk).
> Till now everything works well except the service IVR which is working on Asterisk.
>
> Details:
> MailScanner has detected a possible fraud attempt from "192.168.226.13" claiming to be MailScanner warning: numerical links are often malicious: 192.168.226.13 - IP SER
> MailScanner has detected a possible fraud attempt from "192.168.226.45" claiming to be MailScanner warning: numerical links are often malicious: 192.168.226.45 - IP Asterisk
>
> The problem is only after the user (roberto@192.168.226.13 - authenticated and authorized in RADIUS) calls IVR.
> Till then the user calls, IVR gives some information to the user and everything goes well.
> Problem is when he presses a number which will have to redirect the call to another user.
> And why is there a problem.
> Because the initially roberto@192.168.226.13 to be able to call IVR had to rewrite host & port MailScanner has detected a possible fraud attempt from "192.168.226.45" claiming to be MailScanner warning: numerical links are often malicious: 192.168.226.45 so that the call would reach Asterisk who would then call to the IVR.
> That rewriting turned roberto@192.168.226.13 into roberto@192.168.226.45. That is, I can say, that it became a "new user".
> While it's on the IVR there's no problem, but when call is diverted it has to give its credentials...
> Credentials that don't exist in RADIUS cause it only accepts usernames that end in @ MailScanner has detected a possible fraud attempt from "192.168.226.13" claiming to be MailScanner warning: numerical links are often malicious: 192.168.226.13 (IP of SER)
>
> Here is the following code, both of extensions file in Asterisk and configure file of SER
> I hope somebody knows how to solve it or at least find a way how to.
>
> extensions.conf - Asterisk
>
[sip]
exten => 74001,1,Answer
exten => 74001,2,SetMusicOnHold(default)
exten => 74001,3,Set(TIMEOUT(digit)=5)
exten => 74001,4,Set(TIMEOUT(response)=10)
exten => 74001,5,Background(menu)

> exten => 1,1,Dial(SIP/roberto@192.168.226.13:5060,,r)
...
exten => 7,1,Goto(sip,74001,1)
exten => 8,1,Hangup

>
> ser.cfg - SER
>
> ...
> if ((uri=~"^sip:7[0-9]{4}@.*")) {
>         route(5);
>         break;
> };
...
> route[5] {     # Redirecting to Asterisk
>     # MsgLog
>     xlog("L_ALERT","(WARNING) Sending to Asterisk request of %fu to %tu\n");
>     rewritehostport("MailScanner has detected a possible fraud attempt from "192.168.226.45:5060" claiming to be MailScanner warning: numerical links are often malicious: 192.168.226.45:5060");
>     route(1);
> }
>
>
> Thanks for your help,
> Roberto Lopes