Hi All
It's something strange with my setup, I can make calls to and from and connect, but it's no sound. I use Ser as my registrar with Rptproxy and Asterisk has my PSTN gateway.
Ser and Rtpproxy is on the same server and has a public ip Asterisk is on a private ip
A friend of mine will like to connect to my network. He is behind NAT and trying to call me from his W2000 Zyxel sip phone. Her I'm enclosing my new ser.cfg file
# $Id: ser.cfg,v 1.21 2003/06/04 13:47:36 jiri Exp $ # # simple quick-start config script #
# ----------- global configuration parameters ------------------------
debug=7 # debug level (cmd line: -dddddddddd) fork=no log_stderror=yes # (cmd line: -E)
listen=public ip #listen=127.0.0.1
# hostname matching an alias will satisfy the condition uri==myself". alias=my.domain.com alias=domain.com
# Uncomment these lines to enter debugging mode /* debug=7 fork=no log_stderror=yes */
check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 children=4 fifo="/tmp/ser_fifo" alias=my.domain.com domain.com localhost
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" loadmodule "/usr/local/lib/ser/modules/textops.so"
# Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so"
# load the voicemail module #loadmodule "/usr/local/lib/ser/modules/vm.so"
# load the enum module loadmodule "/usr/local/lib/ser/modules/enum.so"
# load the group module, to verify if a user forwards to voicemail loadmodule "/usr/local/lib/ser/modules/group.so"
# load the nathelper module loadmodule "/usr/local/lib/ser/modules/nathelper.so"
# ----------------- setting module-specific parameters ---------------
# -- registrar parameter # special NAT flag indicates that a registered client is behind NAT modparam("registrar", "nat_flag", 6)
# -- usrloc params --
#modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2) #modparam("usrloc", "db_url", "mysql://ser:heslo@localhost/ser") modparam("usrloc|auth_db|acc|group|msilo|uri","db_url","mysql://ser:heslo@lo calhost/ser")
# -- auth params -- # Uncomment if you are using auth module # modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # modparam("auth_db", "password_column", "password") #modparam("auth_db", "db_url", "mysql://ser:heslo@localhost/ser")
# -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1)
# -- voicemail params -- #modparam("voicemail", "db_url","mysql://ser:heslo@localhost/ser")
# -- voicemail params -- #modparam("group", "db_url","mysql://serro:heslo@localhost/ser")
# -- nathelper params -- modparam("nathelper", "natping_interval", 60) modparam("nathelper", "ping_nated_only", 1)
modparam("tm", "fr_inv_timer", 30 ) #modparam("tm", "fr_inv_timer", 8 )
# ------------------------- request routing logic -------------------
# main routing logic
route{ log(1, "-------------------------------------------\n"); log(1, "entering main loop\n");
if (nat_uac_test("2")) { log(1, "src address different than via header->NAT detected\n"); log(1, "force_rport and fix_nated_contact and setflag(5)\n"); #try NAT traversal, works only if the client is symmetrical force_rport(); fix_nated_contact(); append_hf("P-hint: fixed NAT contact for request\r\n"); # flag 5 indicates that incoming request is from NATed client setflag(5); };
if (method=="REGISTER") log(1, "REGISTER message received\n");
if (method=="INVITE") log(1, "INVITE message received\n");
if (method=="ACK") log(1, "ACK message received\n");
if (method=="BYE") log(1, "BYE message received\n");
if (method=="CANCEL") log(1, "CANCEL message received\n");
if (method=="SUBSCRIBE") log(1, "SUBSCRIBE message received\n");
if (method=="NOTIFY") log(1, "NOTIFY message received\n");
if (method=="OPTIONS") log(1, "OPTIONS message received\n");
if (method=="INFO") log(1, "INFO message received\n");
if (method=="MESSAGE") log(1, "MESSAGE message received\n");
if (method=="REFER") log(1, "REFER message received\n");
# initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; };
if (msg:len > max_len) { #if (len_gt( max_len )) { sl_send_reply("513", "Message too big"); break; };
# loose-route processing if (loose_route()) { log(1, "loose_route processing\n"); t_relay(); break; };
# create transaction state; abort if error occured # if ( !t_newtran()) { # sl_reply_error(); # break; # };
#new # now check if it's about PSTN destinations through our gateway; # note that 8.... is exempted for numerical non-gw destinations if (uri=~"sip:+?[0-79][0-9]*@.*") { route(3); break; };
#
# if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) {
if (method=="REGISTER") { log(1, "analyzing REGISTER request\n"); # Uncomment this if you want to use digest authentication if (!www_authorize("my.domain.com", "subscriber")) { www_challenge("my.domain.com", "0"); break; };
if (isflagset(5)) { #register from nated client, save nat_flag=6 #in location table setflag(6); }; if (!save("location")) { log(1, "save location error\n"); sl_reply_error(); }; break; };
lookup("aliases");
#mark transaction for voicemail if (is_user_in("Request-URI", "voicemail\n")) { log(1, "requested user is in voicemail group"); setflag(4); }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { # handle user which was not found log(1, "requested user not found\n"); route(4); break; }; };
#add failure route which should be performed if response code >=300 if (method=="INVITE" && isflagset(4)) { log(1, "invite for voicemail user->initiate failureroute[1]\n"); t_on_failure("1"); };
# forward to current uri now; use stateful forwarding; that # works reliably even if we forward from TCP to UDP
route(1); }
route[1]{ log(1, "-------------------------------------------\n"); log(1, "entering route[1] - relaying SIP message\n"); if ((isflagset(5)) || (isflagset(6))) { log(1, "at least one of the participants is NATed->record_route\n"); record_route(); log(1, " -->setting up reply processing ->onreply_route[1]"); t_on_reply("1"); if (method=="INVITE") { log(1, " INVITE request-->force_rtp_proxy, set NATED-INVITE flag(7)"); force_rtp_proxy(); append_hf("P-hint: request forced to rtp proxy\r\n"); setflag(7); }; };
log(1, "relaying message ...\n"); if (!t_relay()) { log(1, "t_relay error occured\n"); sl_reply_error(); };
}
# all incoming replies for t_onrepli-ed transactions enter here onreply_route[1] { log(1, "-------------------------------------------\n"); log(1, "onreply_route[1] entered\n");
if (isflagset(6)) { log(1, "transaction was sent to a NATED client -> fix nated contact\n"); fix_nated_contact(); append_hf("P-hint: fixed NAT contact for response\r\n"); }
if ( (status=~"100") ) { log(1, "status 100 received\n"); };
if ( (status=~"180") ) { log(1, "status 180 received\n"); };
if ( (status=~"202") ) { log(1, "status 202 received\n"); };
if ( (status=~"200" || status=~"183") ) { log(1, "status 2xx or 183"); if ( isflagset(7) ) { log(1, "marked(7) as NATED-INVITE -> force_rtp_proxy\n"); force_rtp_proxy(); append_hf("P-hint: response forced to rtpproxy\r\n"); }; }; }
#new # logic for calls to the PSTN route[3] { # turn accounting on setflag(1);
/* require all who call PSTN to be members of the "int" group; apply ACLs only to INVITEs -- we don't need to protect other requests, as they don't imply charges; also it could cause troubles when a call comes in via PSTN and goes to a party that can't authenticate (voicemail, other domain) -- BYEs would fail then; exempt Cisco gateway from authentication by IP address -- it does not support digest */ if (method=="INVITE" && (!src_ip==public ip)) { if (!proxy_authorize("my.domain.com" /* realm */,"subscriber" /* table name */)) { proxy_challenge( "my.domain.com" /* realm */, "0" /* no qop */ ); break; }; # let's check from=id ... avoids accounting confusion
if(!is_user_in("credentials", "int")) { sl_send_reply("403", "NO PSTN Privileges..."); break; }; consume_credentials();
}; # INVITE to authorized PSTN
# if you have passed through all the checks, let your call go to GW! force_rtp_proxy(); record_route(); t_on_reply("1"); # snom conditioner if (method=="INVITE" && search("User-Agent: snom")) { replace("100rel, ", ""); };
append_hf("P-hint: GATEWAY\r\n"); # use UDP to guarantee well-known sender port (TCP ephemeral) t_relay_to_udp("192.168.0.200","5060"); }
route[4]{ log(1, "-------------------------------------------\n"); log(1, "entering route[4] = requested user not online\n"); # non-Voip -- just send "off-line" if (!(method == "INVITE" || method == "ACK" || method == "CANCEL" || method == "REFER" || method == "BYE")) { log(1, "no invite,ack,cancel,refer->return 404\n"); sl_send_reply("404", "Not Found"); break; };
# not voicemail subscriber and no echo/conference call if ( isflagset(4)) { log(1, "flag(4) active\n"); }; if (uri =~ "conference") { log(1, "conference call\n"); }; if (uri =~ "echo") { log(1, "echo call\n"); }; if ( !( isflagset(4) || (uri =~ "conference") || (uri =~ "echo") ) ) { log(1, "no voicemail subscriber->return 404"); sl_send_reply("404", "Not Found and no voicemail turned on"); break; };
if ( isflagset(5) ) { log(1, "caller is NATed->record_route\n"); record_route(); log(1, " -->setting up reply processing ->onreply_route[1]"); t_on_reply("1"); if (method=="INVITE") { log(1, " INVITE request-->force_rtp_proxy"); force_rtp_proxy(); }; };
# forward to voicemail now rewritehostport("212.17.35.184:5060"); log(1, "forward to voicemail\n"); t_relay_to_udp("212.17.35.184", "5060");
}
failure_route[1] { /* XX: note: unsafe if preloaded routes without username used */ log(1, "-------------------------------------------\n"); log(1, "failureroute[1] entered"); revert_uri(); rewritehostport("212.17.35.184:5060"); append_branch(); t_relay_to_udp("212.17.35.184", "5060");
}
--- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.701 / Virus Database: 458 - Release Date: 07.06.2004