Hello,
run Kamailio with higher debug value (debug=4) and watch the syslog, you should get some hints about authentication failure - can be wrong password, invalid nonce, etc
Also, you should consider using 3.0 directly if you just start the configuration. It has lot of improvements and next major release 3.1 is approaching, upgrade from 3.0 is far easier than from 1.5.
Cheers, Daniel
On 8/18/10 12:37 AM, Toyima Dias wrote:
HEllo community,
I'm having some problems with my kamailio configuration, following is the section of my authentication process on my /etc/kamailio/kamailio.cfg
route [3] { if (is_method("REGISTER")) { if (!www_authorize("", "subscriber")) { www_challenge("", "0"); exit; }
if ($au!=$tU) { sl_send_reply("403", "Forbidden auth ID"); exit; } } else { if (from_uri==myself) { if(!proxy_authorize("", "subscriber")) { proxy_challenge("", "0"); exit; } if (is_method("PUBLISH")) { if ($au!=$tU) { sl_send_reply("403", "Forbiddenauth ID"); exit; } } else { if ($au!=$fU) { sl_send_reply("403", "Forbidden auth ID"); exit; } } consume_credentials(); } } return; }
I added a user with the following command:
# kamctl add 1102 123456
And then i checked on mysql, table subscriber:
mysql> select * from subscriber; +----+----------+---------------+----------+---------------+----------------------------------+----------------------------------+------+ | id | username | domain | password | email_address | ha1 | ha1b | rpid | +----+----------+---------------+----------+---------------+----------------------------------+----------------------------------+------+ | 3 | 1102 | dannydias.com http://dannydias.com | | | fe7a80817383cfd90950dea03d37eccf | dbb9b6ef93d4f3417038a6bf5cd176db | NULL | +----+----------+---------------+----------+---------------+----------------------------------+----------------------------------+------+ 1 row in set (0.00 sec)
By the way, the domain field does not exist (dannydias.com http://dannydias.com) i'm not sure how this could affect the authentication process, this migh be the problem?
And finally, ngrep-sip to check what is going on:
# U 2010/08/17 22:28:38.548357 80.26.81.96:26932 http://80.26.81.96:26932 -> 212.230.19.191:5060 http://212.230.19.191:5060 *_REGISTER sip:212.230.19.191 SIP/2.0'_* Via: SIP/2.0/UDP 80.26.81.96:26932;branch=z9hG4bK-d2ee4e38' From: "1102" <sip:1102@212.230.19.191 mailto:sip%3A1102@212.230.19.191>;tag=36dcc698cfc16210o1' To: "1102" <sip:1102@212.230.19.191 mailto:sip%3A1102@212.230.19.191>' Call-ID: 4aab2f50-775b4d34@80.26.81.96 mailto:4aab2f50-775b4d34@80.26.81.96' CSeq: 10409 REGISTER' Max-Forwards: 70' Authorization: Digest username="1102",realm="212.230.19.191",nonce="4c6b0d34000000c9c4e2068de2d41bec38c6d23029696501",uri="sip:212.230.19.191",algorithm=MD5,response="a09ea335a01051d714d2cbfe95e17820"' Contact: "1102" <sip:1102@80.26.81.96:26932 http://sip:1102@80.26.81.96:26932>;expires=180' User-Agent: Linksys/SPA942-5.1.15(a)' Content-Length: 0' Allow: ACK, BYE, CANCEL, INFO, INVITE, NOTIFY, OPTIONS, REFER' Supported: replaces' '
# U 2010/08/17 22:28:38.548357 212.230.19.191:5060 http://212.230.19.191:5060 -> 80.26.81.96:26932 http://80.26.81.96:26932 *_SIP/2.0 401 Unauthorized'_* Via: SIP/2.0/UDP 80.26.81.96:26932;branch=z9hG4bK-d2ee4e38' From: "1102" <sip:1102@212.230.19.191 mailto:sip%3A1102@212.230.19.191>;tag=36dcc698cfc16210o1' To: "1102" <sip:1102@212.230.19.191 mailto:sip%3A1102@212.230.19.191>;tag=00f209f5fddbfe1aa952cd699e41d531.97e5' Call-ID: 4aab2f50-775b4d34@80.26.81.96 mailto:4aab2f50-775b4d34@80.26.81.96' CSeq: 10409 REGISTER' WWW-Authenticate: Digest realm="212.230.19.191", nonce="4c6b0d34000000caa164dcad25dbc5b4c6baefcef6dc84ae"' Server: Kamailio (1.5.4-notls (x86_64/linux))' Content-Length: 0' '
Could somebody help me? i can't find the real problem
Thanks in advance
DD
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users