Hi everybody I'd like to implement this scenario:
----------- ------------------- --------------- | GW/FW |<----LAN1---->|eth0|Openser|eth1|<----LAN2---->|eth0|asterisk| -->PSTN ----------- ------------------- | --------------- |_______________________________________________|
Where: - Openser is reachable from the outside with a public IP forwarded to eth0 private address;
- Asterisk is connected to Openser using another separated LAN - Openser acts as proxy (for requests coming from the outside) and Asterisk act as registrar and gateway.
This is the description, now the questions: -since opneser has two different nics, how can configure it to properly send register request to asterisk? This is what currently happens: 192.168.40.68:5060: is eth0 Openser Address 192.168.12.165 is eth1 Openser Address 192.168.12.106 is Asterisk address 82.187.X.X is Openser public address Network 192.168.40.X is not reachable from net 192.168.12.X
<-- SIP read from 192.168.40.68:5060: REGISTER sip:192.168.12.106 SIP/2.0 // 12.106 is Asterisk address Via: SIP/2.0/UDP 82.187.X.X;branch=z9hG4bKfe0f.21364c47.0 Via: SIP/2.0/UDP 192.168.40.254:2660;rport=2265;received=82.187.Y.Ybranch=z9hG4bK532058BAC7C544E0961E038CC29B2106
From: Cfadda sip:225@82.187.90.68;tag=3189722840 To: Cfadda sip:225@82.187.90.68 Contact: "Cfadda" sip:225@192.168.40.254:2660 Call-ID: 487DA353295C484FA58B2FB1464A2210@82.187.X.X CSeq: 65140 REGISTER Expires: 1800 Max-Forwards: 69 User-Agent: X-PRO release 1105x Content-Length: 0
Nov 5 10:37:28 VERBOSE[23848] logger.c: --- (12 headers 0 lines) --- Nov 5 10:37:28 VERBOSE[23848] logger.c: Using latest REGISTER request as basis request Nov 5 10:37:28 VERBOSE[23848] logger.c: Sending to 82.187.X.X : 5060 (non-NAT) Nov 5 10:37:28 VERBOSE[23848] logger.c: Transmitting (NAT) to 192.168.40.68:5060: SIP/2.0 100 Trying Via: SIP/2.0/UDP 82.187.X.X ;branch=z9hG4bKfe0f.21364c47.0;received=192.168.40.68 Via: SIP/2.0/UDP 192.168.40.254:2660;rport=2265;received=82.187.Y.Y;branch=z9hG4bK532058BAC7C544E0961E038CC29B2106
From: Cfadda sip:225@82.187.90.68;tag=3189722840 To: Cfadda <sip:225@82.187.X.X > Call-ID: 487DA353295C484FA58B2FB1464A2210@82.187.X.X CSeq: 65140 REGISTER User-Agent: Asterisk PBX Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY Contact: sip:225@192.168.12.106 Content-Length: 0
--- Nov 5 10:37:28 VERBOSE[23848] logger.c: Transmitting (NAT) to 192.168.40.68:5060: SIP/2.0 401 Unauthorized Via: SIP/2.0/UDP 82.187.X.X ;branch=z9hG4bKfe0f.21364c47.0;received=192.168.40.68 Via: SIP/2.0/UDP 192.168.40.254:2660;rport=2265;received=82.187.Y.Y;branch=z9hG4bK532058BAC7C544E0961E038CC29B2106
From: Cfadda <sip:225@82.187.X.X >;tag=3189722840 To: Cfadda <sip:225@82.187.X.X >;tag=as4c420a53 Call-ID: 487DA353295C484FA58B2FB1464A2210@82.187.X.X CSeq: 65140 REGISTER User-Agent: Asterisk PBX Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY WWW-Authenticate: Digest algorithm=MD5, realm="asterisk", nonce="05f14a3e" Content-Length: 0
So asterisk sends response to the wrong interface.
How can I solve this?
Thanks in advance,
C.
Hello,
On 11/05/08 16:36, Cosimo Fadda wrote:
Hi everybody I'd like to implement this scenario:
| GW/FW |<----LAN1---->|eth0|Openser|eth1|<----LAN2---->|eth0|asterisk| -->PSTN ----------- ------------------- | --------------- |_______________________________________________|
Where:
- Openser is reachable from the outside with a public IP forwarded to
eth0 private address;
- Asterisk is connected to Openser using another separated LAN
- Openser acts as proxy (for requests coming from the outside) and
Asterisk act as registrar and gateway.
This is the description, now the questions: -since opneser has two different nics, how can configure it to properly send register request to asterisk?
if you want to force an interface for outgoing sip requests, see force_send_sock() function: http://www.kamailio.org/dokuwiki/doku.php/core-cookbook:1.4.x#force_send_soc...
This is what currently happens: 192.168.40.68:5060: is eth0 Openser Address 192.168.12.165 is eth1 Openser Address 192.168.12.106 is Asterisk address 82.187.X.X is Openser public address Network 192.168.40.X is not reachable from net 192.168.12.X
<-- SIP read from 192.168.40.68:5060: REGISTER sip:192.168.12.106 SIP/2.0 // 12.106 is Asterisk address Via: SIP/2.0/UDP 82.187.X.X;branch=z9hG4bKfe0f.21364c47.0 Via: SIP/2.0/UDP 192.168.40.254:2660;rport=2265;received=82.187.Y.Ybranch=z9hG4bK532058BAC7C544E0961E038CC29B2106
From: Cfadda sip:225@82.187.90.68;tag=3189722840 To: Cfadda sip:225@82.187.90.68 Contact: "Cfadda" sip:225@192.168.40.254:2660 Call-ID: 487DA353295C484FA58B2FB1464A2210@82.187.X.X CSeq: 65140 REGISTER Expires: 1800 Max-Forwards: 69 User-Agent: X-PRO release 1105x Content-Length: 0
Nov 5 10:37:28 VERBOSE[23848] logger.c: --- (12 headers 0 lines) --- Nov 5 10:37:28 VERBOSE[23848] logger.c: Using latest REGISTER request as basis request Nov 5 10:37:28 VERBOSE[23848] logger.c: Sending to 82.187.X.X : 5060 (non-NAT) Nov 5 10:37:28 VERBOSE[23848] logger.c: Transmitting (NAT) to 192.168.40.68:5060: SIP/2.0 100 Trying Via: SIP/2.0/UDP 82.187.X.X ;branch=z9hG4bKfe0f.21364c47.0;received=192.168.40.68 Via: SIP/2.0/UDP 192.168.40.254:2660;rport=2265;received=82.187.Y.Y;branch=z9hG4bK532058BAC7C544E0961E038CC29B2106
From: Cfadda sip:225@82.187.90.68;tag=3189722840 To: Cfadda <sip:225@82.187.X.X > Call-ID: 487DA353295C484FA58B2FB1464A2210@82.187.X.X CSeq: 65140 REGISTER User-Agent: Asterisk PBX Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY Contact: sip:225@192.168.12.106 Content-Length: 0
Nov 5 10:37:28 VERBOSE[23848] logger.c: Transmitting (NAT) to 192.168.40.68:5060: SIP/2.0 401 Unauthorized Via: SIP/2.0/UDP 82.187.X.X ;branch=z9hG4bKfe0f.21364c47.0;received=192.168.40.68 Via: SIP/2.0/UDP 192.168.40.254:2660;rport=2265;received=82.187.Y.Y;branch=z9hG4bK532058BAC7C544E0961E038CC29B2106
From: Cfadda <sip:225@82.187.X.X >;tag=3189722840 To: Cfadda <sip:225@82.187.X.X >;tag=as4c420a53 Call-ID: 487DA353295C484FA58B2FB1464A2210@82.187.X.X CSeq: 65140 REGISTER User-Agent: Asterisk PBX Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY WWW-Authenticate: Digest algorithm=MD5, realm="asterisk", nonce="05f14a3e" Content-Length: 0
So asterisk sends response to the wrong interface.
How can I solve this?
Probably the right answer you will get on the asterisk mailing lists.
Cheers, Daniel
-
Cosimo Fadda -
Daniel-Constantin Mierla