[Kamailio-Users] No Audio with clients Behind NAT, audio is fine with clients using public IPs (Im using rtpproxy)
Hello everyone, this is my first post on this list,
I have installed kamailio 1.5.1 and set up a vanilla default kamailio.cfg, then I have modified the cfg to activate mysql, domain, presence, nathelper and authentication with md5, everything works as supposed to, and the clients can register, send txt messages and talk to each other. The only problem is with the audio when the two clients are behind a NAT, the phones can make a call and it does ring too, but when you pick up there is no audio both ways.
when the phones have a public IP everything goes fine, it also works when I use a Linksys PAP2T whith the options to "Insert VIA received", "Insert VIA rport", "Handle VIA received", "Handle VIA rport" and "NAT mapping enable" turned on, with the Qutecom softphone works too.
This is happening with thomson phones (model ST 2022), and GrandStream Budge Tone 200, it happens no matter what options I set for NATting on the phones, I've even used stun with stunserver.org or the ekiga stunserver, the phones register and can make and recieve calls, but there is no audio when you pick up the call.
With a kamctl ul show, you can see that the phones have registered the Contact with their local IPs and the Received have the public IPs and ports for the NAT The only difference with the working Linksys is that they register the Contact with the public IP. Here you can see two NATed phones on the proxy
Domain:: location table=512 records=2 max_slot=1 AOR:: 20000004@212.4.107.250 Contact:: sip:20000004@192.168.254.110:5060;transport=udp;user=phone Q= Expires:: 1150 Callid:: 72ed03f6d2f390f9@192.168.254.110 Cseq:: 10003 User-agent:: Grandstream BT200 1.1.6.27 Received:: sip:212.4.97.115:35379 State:: CS_NEW Flags:: 0 Cflag:: 0 Socket:: udp:212.4.107.250:5060 Methods:: 7807 AOR:: 20000000@212.4.107.250 Contact:: sip:20000000@192.168.254.101:5060;user=phone Q= Expires:: 2945 Callid:: 17fe-c0a80101-5-1@192.168.254.101 Cseq:: 6 User-agent:: THOMSON ST2022 hw2 fw3.56 00-18-F6-B5-7E-06 Received:: sip:212.4.97.115:55128 State:: CS_NEW Flags:: 0 Cflag:: 0 Socket:: udp:212.4.107.250:5060 Methods:: 4294967295
Im using rtpproxy and there is no log error that indicates that rttpproxy isn't working, in fact doing a SIP trace shows rtpproxy setting ports for the audio. I run rtpproxy with this command:
rtpproxy -l 212.4.107.250 -s udp:localhost:7722 -F
Any help would be greatly appreciated, I've been two weeks looking for a solution
Im attaching my kamailio.cfg so you can take a look, at the end of the message Im gonna attache the SIP Trace of a call between two NATed phones (a Thomson and a GrandStream) in case anyone can help me decypher whats wrong here:
this is my cfg file **************************************************************************************************
# # $Id: kamailio.cfg 5800 2009-04-20 11:01:49Z miconda $ # # Kamailio (OpenSER) SIP Server - basic configuration script # - web: http://www.kamailio.org # - svn: http://openser.svn.sourceforge.net/viewvc/openser/ # # Direct your questions about this file to: users@lists.kamailio.org # # Refer to the Core CookBook at http://www.kamailio.org/dokuwiki/doku.php # for an explanation of possible statements, functions and parameters. # # There are comments showing how to enable different features in th econfig # file. Such commented code starts with #X# where X is a letter to identify # a feature. Delete entire #X# if you want to enable that feature. Next are # sed commands that help you enable such features. # # *** To enamble mysql execute: # sed -i 's/#m#//g' kamailio.cfg # # *** To enamble authentication execute: # - enable mysql # sed -i 's/#a#//g' kamailio.cfg # - add users using 'kamctl' # # *** To enamble persistent user location execute: # - enable mysql # sed -i 's/#u#//g' kamailio.cfg # # *** To enamble presence server execute: # - enable mysql # sed -i 's/#p#//g' kamailio.cfg # # *** To enamble nat traversal execute: # sed -i 's/#n#//g' kamailio.cfg # - install RTPProxy: http://www.rtpproxy.org # - start RTPProxy: # rtpproxy -l _your_public_ip_ -s udp:localhost:7722 # # *** To enhance accounting execute: # - enable mysql # sed -i 's/#c#//g' kamailio.cfg # - add following columns to database # ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; # ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; # ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; # ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; # ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; # ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; # ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; # ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; # ALTER TABLE missed_call ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; # ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; #
####### Global Parameters #########
debug=3 log_stderror=no log_facility=LOG_LOCAL0
fork=yes children=4
/* uncomment the following lines to enable debugging */ #debug=6 #fork=no #log_stderror=yes
/* uncomment the next line to disable TCP (default on) */ #disable_tcp=yes
/* uncomment the next line to enable the auto temporary blacklisting of not available destinations (default disabled) */ #disable_dns_blacklist=no
/* uncomment the next line to enable IPv6 lookup after IPv4 dns lookup failures (default disabled) */ #dns_try_ipv6=yes
/* uncomment the next line to disable the auto discovery of local aliases based on revers DNS on IPs (default on) */ #auto_aliases=no
/* uncomment the following lines to enable TLS support (default off) */ #disable_tls = no #listen = tls:your_IP:5061 #tls_verify_server = 1 #tls_verify_client = 1 #tls_require_client_certificate = 0 #tls_method = TLSv1 #tls_certificate = "/usr/local/etc/kamailio/tls/user/user-cert.pem" #tls_private_key = "/usr/local/etc/kamailio/tls/user/user-privkey.pem" #tls_ca_list = "/usr/local/etc/kamailio/tls/user/user-calist.pem"
port=5060
/* uncomment and configure the following line if you want Kamailio to bind on a specific interface/port/proto (default bind on all available) */ #listen=udp:192.168.1.2:5060
####### Modules Section ########
#set module path mpath="/usr/local/lib/kamailio/modules/"
/* uncomment next line for MySQL DB support */ loadmodule "db_mysql.so" loadmodule "mi_fifo.so" loadmodule "sl.so" loadmodule "tm.so" loadmodule "rr.so" loadmodule "pv.so" loadmodule "maxfwd.so" loadmodule "usrloc.so" loadmodule "registrar.so" loadmodule "textops.so" loadmodule "uri_db.so" loadmodule "siputils.so" loadmodule "xlog.so" loadmodule "acc.so" /* uncomment next lines for MySQL based authentication support NOTE: a DB (like db_mysql) module must be also loaded */ loadmodule "auth.so" loadmodule "auth_db.so" /* uncomment next line for aliases support NOTE: a DB (like db_mysql) module must be also loaded */ #loadmodule "alias_db.so" /* uncomment next line for multi-domain support NOTE: a DB (like db_mysql) module must be also loaded NOTE: be sure and enable multi-domain support in all used modules (see "multi-module params" section ) */ loadmodule "domain.so" /* uncomment the next two lines for presence server support NOTE: a DB (like db_mysql) module must be also loaded */ loadmodule "presence.so" loadmodule "presence_xml.so" loadmodule "presence_mwi.so"#manually added
loadmodule "nathelper.so"
# ----------------- setting module-specific parameters ---------------
# ----- mi_fifo params ----- modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo")
# ----- rr params ----- # add value to ;lr param to cope with most of the UAs modparam("rr", "enable_full_lr", 1) # do not append from tag to the RR (no need for this script) modparam("rr", "append_fromtag", 0)
# ----- rr params ----- modparam("registrar", "method_filtering", 1) /* uncomment the next line to disable parallel forking via location */ # modparam("registrar", "append_branches", 0) /* uncomment the next line not to allow more than 10 contacts per AOR */ #modparam("registrar", "max_contacts", 10)
# ----- uri_db params ----- /* by default we disable the DB support in the module as we do not need it in this configuration */ modparam("uri_db", "use_uri_table", 0) modparam("uri_db", "db_url", "")
# ----- acc params ----- /* what sepcial events should be accounted ? */ modparam("acc", "early_media", 1) modparam("acc", "report_ack", 1) modparam("acc", "report_cancels", 1) /* by default ww do not adjust the direct of the sequential requests. if you enable this parameter, be sure the enable "append_fromtag" in "rr" module */ modparam("acc", "detect_direction", 0) /* account triggers (flags) */ modparam("acc", "failed_transaction_flag", 3) modparam("acc", "log_flag", 1) modparam("acc", "log_missed_flag", 2) modparam("acc", "log_extra", "src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") /* uncomment the following lines to enable DB accounting also */ #c#modparam("acc", "db_flag", 1) #c#modparam("acc", "db_missed_flag", 2) #c#modparam("domain", "db_url", #c# "mysql://openser:openserrw@localhost/openser") #c#modparam("acc", "db_extra", #c# "src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")
# ----- usrloc params ----- /* uncomment the following lines if you want to enable DB persistency for location entries */ #u#modparam("usrloc", "db_mode", 2) #u#modparam("usrloc", "db_url", #u# "mysql://openser:openserrw@localhost/openser")
# ----- auth_db params ----- /* uncomment the following lines if you want to enable the DB based authentication */ #a#modparam("auth_db", "calculate_ha1", yes) #a#modparam("auth_db", "password_column", "password") #a#modparam("auth_db", "db_url", #a# "mysql://openser:openserrw@localhost/openser") #a#modparam("auth_db", "load_credentials", "")
#parametros de autentificacion modificados manualmente modparam("auth_db", "user_column", "username") modparam("auth_db", "domain_column", "domain") modparam("auth_db", "password_column", "ha1") modparam("auth_db", "password_column_2", "ha1b") modparam("auth_db", "calculate_ha1", 0) #modparam("auth_db", "use_domain", 0) modparam("auth_db", "use_domain", 1)#0 encendemos con 1 porque utilizaremos multi-domain modparam("auth_db", "load_credentials", "rpid") modparam("auth_db", "db_url", "mysql://openser:openserrw@localhost/openser")
# ----- alias_db params ----- /* uncomment the following lines if you want to enable the DB based aliases */ #modparam("alias_db", "db_url", # "mysql://openser:openserrw@localhost/openser")
# ----- domain params ----- /* uncomment the following lines to enable multi-domain detection support */ modparam("domain", "db_url", "mysql://openser:openserrw@localhost/openser") modparam("domain", "db_mode", 1) # Use caching
# ----- multi-module params ----- /* uncomment the following line if you want to enable multi-domain support in the modules (dafault off) */ modparam("alias_db|auth_db|usrloc|uri_db", "use_domain", 1)
# ----- presence params ----- /* uncomment the following lines if you want to enable presence */ modparam("presence|presence_xml", "db_url", "mysql://openser:openserrw@localhost/openser") modparam("presence_xml", "force_active", 1) modparam("presence", "server_address", "sip:212.4.107.250:5060")
# -- nathelper modparam("nathelper", "rtpproxy_sock", "udp:127.0.0.1:7722") modparam("nathelper", "natping_interval", 15) modparam("nathelper", "ping_nated_only", 0) modparam("nathelper", "sipping_bflag", 7) modparam("nathelper", "sipping_from", "sip:pinger@212.4.107.250") modparam("registrar|nathelper", "received_avp", "$avp(i:80)") modparam("usrloc", "nat_bflag", 6) modparam("nathelper", "sipping_method", "OPTIONS")
####### Routing Logic ########
# main request routing logic
route{
if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); exit; }
# NAT detection route(4);
if (has_totag()) { # sequential request withing a dialog should # take the path determined by record-routing if (loose_route()) { if (is_method("BYE")) { setflag(1); # do accounting ... setflag(3); # ... even if the transaction fails } route(1); } else { if (is_method("SUBSCRIBE") && uri == myself) { # in-dialog subscribe requests route(2); exit; } if ( is_method("ACK") ) { if ( t_check_trans() ) { # non loose-route, but stateful ACK; must be an ACK after a 487 or e.g. 404 from upstream server t_relay(); exit; } else { # ACK without matching transaction ... ignore and discard.\n"); exit; } } sl_send_reply("404","Not here"); } exit; }
#initial requests
# CANCEL processing if (is_method("CANCEL")) { if (t_check_trans()) { t_relay(); } exit; }
t_check_trans();
# authentication route(3);
# record routing if (!is_method("REGISTER|MESSAGE")) { record_route(); }
# account only INVITEs if (is_method("INVITE")) { setflag(1); # do accounting } ##if (!uri==myself) /* replace with following line if multi-domain support is used */ if (!is_uri_host_local()) { append_hf("P-hint: outbound\r\n"); # if you have some interdomain connections via TLS ##if($rd=="tls_domain1.net") { ## t_relay("tls:domain1.net"); ## exit; ##} else if($rd=="tls_domain2.net") { ## t_relay("tls:domain2.net"); ## exit; ##} route(1); }
# requests for my domain
if( is_method("PUBLISH|SUBSCRIBE")) { route(2); }
if (is_method("REGISTER")) { if (!save("location")) { sl_reply_error(); } exit; }
if ($rU==NULL) { # request with no Username in RURI sl_send_reply("484","Address Incomplete"); exit; }
# apply DB based aliases (uncomment to enable) ##alias_db_lookup("dbaliases");
if (!lookup("location")) { switch ($retcode) { case -1: case -3: t_newtran(); t_reply("404", "Not Found"); exit; case -2: sl_send_reply("405", "Method Not Allowed"); exit; } }
# when routing via usrloc, log the missed calls also setflag(2);
route(1); }
route[1] { if (check_route_param("nat=yes")) { setbflag(6); setbflag(7);# sipping } if (isflagset(5) || isbflagset(6)) { route(5); }
/* example how to enable some additional event routes */ if (is_method("INVITE")) { #t_on_branch("1"); t_on_reply("1"); t_on_failure("1"); }
if (!t_relay()) { sl_reply_error(); } exit; }
# Presence route /* uncomment the whole following route for enabling presence server */ route[2] { if (!t_newtran()) { sl_reply_error(); exit; };
if(is_method("PUBLISH")) { handle_publish(); t_release(); } else if( is_method("SUBSCRIBE")) { handle_subscribe(); t_release(); } exit; # if presence enabled, this part will not be executed if (is_method("PUBLISH") || $rU==null) { sl_send_reply("404", "Not here"); exit; } return; }
# Authentication route /* uncomment the whole following route for enabling authentication */ route[3] { if (is_method("REGISTER")) { # authenticate the REGISTER requests (uncomment to enable auth) if (!www_authorize("", "subscriber")) { www_challenge("", "0"); exit; }
if ($au!=$tU) { sl_send_reply("403","Forbidden auth ID"); exit; } } # Auth only on registration #a# } else { #a# # authenticate if from local subscriber (uncomment to enable auth) #a# if (from_uri==myself) #a# { #a# if (!proxy_authorize("", "subscriber")) { #a# proxy_challenge("", "0"); #a# exit; #a# } #a# if (is_method("PUBLISH")) #a# { #a# if ($au!=$tU) { #a# sl_send_reply("403","Forbidden auth ID"); #a# exit; #a# } #a# } else { #a# if ($au!=$fU) { #a# sl_send_reply("403","Forbidden auth ID"); #a# exit; #a# } #a# } #a# #a# consume_credentials(); #a# # caller authenticated #a# } #a# } return; }
# Caller NAT detection route /* uncomment the whole following route for enabling Caller NAT Detection */ route[4]{ force_rport(); if (nat_uac_test("19")) { if (method=="REGISTER") { fix_nated_register(); } else { fix_nated_contact(); } setflag(5); } return; }
# RTPProxy control /* uncomment the whole following route for enabling RTPProxy Control */ route[5] { if (is_method("BYE")) { unforce_rtp_proxy(); } else if (is_method("INVITE")){ force_rtp_proxy(); } if (!has_totag()) add_rr_param(";nat=yes"); return; }
branch_route[1] { xdbg("new branch at $ru\n"); }
onreply_route[1] { xdbg("incoming reply\n");
if ((isflagset(5) || isbflagset(6)) && status=~"(183)|(2[0-9][0-9])") { force_rtp_proxy(); } if (isbflagset(6)) { fix_nated_contact(); } }
failure_route[1] { if (is_method("INVITE") && (isbflagset(6) || isflagset(5))) { unforce_rtp_proxy(); }
if (t_was_cancelled()) { exit; }
# uncomment the following lines if you want to block client # redirect based on 3xx replies. ##if (t_check_status("3[0-9][0-9]")) { ##t_reply("404","Not found"); ## exit; ##}
# uncomment the following lines if you want to redirect the failed # calls to a different new destination ##if (t_check_status("486|408")) { ## sethostport("192.168.2.100:5060"); ## append_branch(); ## # do not set the missed call flag again ## t_relay(); ##} }
************************************************************************************************** **************************************************************************************************
And here goes the SIP Trace for a NATed to NATed hardphones: ************************************************************************************************** U +0.161561 212.4.97.115:35379 -> 212.4.107.250:5060 INVITE sip:20000000@212.4.107.250;user=phone SIP/2.0 Via: SIP/2.0/UDP 192.168.254.110:5060;branch=z9hG4bK8f809670adc00668 From: "20000004" sip:20000004@212.4.107.250;user=phone;tag=ab6ba13b2f38a04e To: sip:20000000@212.4.107.250;user=phone Contact: sip:20000004@192.168.254.110:5060;transport=udp;user=phone Supported: replaces, timer, path Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE User-Agent: Grandstream BT200 1.1.6.27 Max-Forwards: 70 Allow: INVITE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SUBSCRIBE,UPDATE,PRACK Content-Type: application/sdp Content-Length: 332
v=0 o=20000004 8000 8000 IN IP4 192.168.254.110 s=SIP Call c=IN IP4 192.168.254.110 t=0 0 m=audio 40000 RTP/AVP 4 3 18 0 8 9 97 a=sendrecv a=rtpmap:4 G723/8000 a=rtpmap:3 GSM/8000 a=rtpmap:18 G729/8000 a=rtpmap:0 PCMU/8000 a=rtpmap:8 PCMA/8000 a=rtpmap:9 G722/8000 a=rtpmap:97 iLBC/8000 a=fmtp:97 mode=20 a=ptime:60
# U +0.000407 212.4.107.250:5060 -> 212.4.97.115:35379 SIP/2.0 100 Giving a try Via: SIP/2.0/UDP 192.168.254.110:5060;branch=z9hG4bK8f809670adc00668;rport=35379;received=212.4.97.115 From: "20000004" sip:20000004@212.4.107.250;user=phone;tag=ab6ba13b2f38a04e To: sip:20000000@212.4.107.250;user=phone Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE Server: Kamailio (1.5.1-notls (i386/linux)) Content-Length: 0
# U +0.000034 212.4.107.250:5060 -> 212.4.97.115:55128 INVITE sip:20000000@192.168.254.101:5060;user=phone SIP/2.0 Record-Route: sip:212.4.107.250;lr=on;nat=yes Via: SIP/2.0/UDP 212.4.107.250;branch=z9hG4bK5974.c5c9aa24.0 Via: SIP/2.0/UDP 192.168.254.110:5060;rport=35379;received=212.4.97.115;branch=z9hG4bK8f809670adc00668 From: "20000004" sip:20000004@212.4.107.250;user=phone;tag=ab6ba13b2f38a04e To: sip:20000000@212.4.107.250;user=phone Contact: sip:20000004@212.4.97.115:35379;transport=udp;user=phone Supported: replaces, timer, path Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE User-Agent: Grandstream BT200 1.1.6.27 Max-Forwards: 69 Allow: INVITE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SUBSCRIBE,UPDATE,PRACK Content-Type: application/sdp Content-Length: 348
v=0 o=20000004 8000 8000 IN IP4 192.168.254.110 s=SIP Call c=IN IP4 212.4.107.250 t=0 0 m=audio 35752 RTP/AVP 4 3 18 0 8 9 97 a=sendrecv a=rtpmap:4 G723/8000 a=rtpmap:3 GSM/8000 a=rtpmap:18 G729/8000 a=rtpmap:0 PCMU/8000 a=rtpmap:8 PCMA/8000 a=rtpmap:9 G722/8000 a=rtpmap:97 iLBC/8000 a=fmtp:97 mode=20 a=ptime:60 a=nortpproxy:yes
# U +0.019311 212.4.97.115:55128 -> 212.4.107.250:5060 SIP/2.0 100 Trying Via: SIP/2.0/UDP 212.4.107.250;branch=z9hG4bK5974.c5c9aa24.0 Via: SIP/2.0/UDP 192.168.254.110:5060;rport=35379;received=212.4.97.115;branch=z9hG4bK8f809670adc00668 From: "20000004"sip:20000004@212.4.107.250;user=phone;tag=ab6ba13b2f38a04e To: sip:20000000@212.4.107.250;user=phone Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE Content-Length: 0
# U +0.030480 212.4.97.115:55128 -> 212.4.107.250:5060 SIP/2.0 180 Ringing Via: SIP/2.0/UDP 212.4.107.250;branch=z9hG4bK5974.c5c9aa24.0 Via: SIP/2.0/UDP 192.168.254.110:5060;rport=35379;received=212.4.97.115;branch=z9hG4bK8f809670adc00668 From: "20000004"sip:20000004@212.4.107.250;user=phone;tag=ab6ba13b2f38a04e To: sip:20000000@212.4.107.250;user=phone;tag=c0a80101-21188 Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,SUBSCRIBE,NOTIFY,UPDATE,REFER,REGISTER,INFO Contact: sip:20000000@192.168.254.101:5060;user=phone Record-Route: sip:212.4.107.250;lr=on;nat=yes Allow-Events: refer,dialog,message-summary,check-sync,talk,hold Content-Length: 0
# U +0.000083 212.4.107.250:5060 -> 212.4.97.115:35379 SIP/2.0 180 Ringing Via: SIP/2.0/UDP 192.168.254.110:5060;rport=35379;received=212.4.97.115;branch=z9hG4bK8f809670adc00668 From: "20000004"sip:20000004@212.4.107.250;user=phone;tag=ab6ba13b2f38a04e To: sip:20000000@212.4.107.250;user=phone;tag=c0a80101-21188 Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,SUBSCRIBE,NOTIFY,UPDATE,REFER,REGISTER,INFO Contact: sip:20000000@192.168.254.101:5060;user=phone Record-Route: sip:212.4.107.250;lr=on;nat=yes Allow-Events: refer,dialog,message-summary,check-sync,talk,hold Content-Length: 0
# U +6.510103 212.4.97.115:55128 -> 212.4.107.250:5060 SIP/2.0 200 OK Via: SIP/2.0/UDP 212.4.107.250;branch=z9hG4bK5974.c5c9aa24.0 Via: SIP/2.0/UDP 192.168.254.110:5060;rport=35379;received=212.4.97.115;branch=z9hG4bK8f809670adc00668 From: "20000004"sip:20000004@212.4.107.250;user=phone;tag=ab6ba13b2f38a04e To: sip:20000000@212.4.107.250;user=phone;tag=c0a80101-21188 Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE Require: timer Session-Expires: 100;refresher=uac Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,SUBSCRIBE,NOTIFY,UPDATE,REFER,REGISTER,INFO Contact: sip:20000000@192.168.254.101:5060;user=phone Record-Route: sip:212.4.107.250;lr=on;nat=yes Allow-Events: refer,dialog,message-summary,check-sync,talk,hold Content-Type: application/sdp Content-Length: 151
v=0 o=20000000 138812 138812 IN IP4 192.168.254.101 s=- c=IN IP4 192.168.254.101 t=0 0 m=audio 32448 RTP/AVP 0 a=rtpmap:0 PCMU/8000 a=sendrecv
# U +0.000365 212.4.107.250:5060 -> 212.4.97.115:35379 SIP/2.0 200 OK Via: SIP/2.0/UDP 192.168.254.110:5060;rport=35379;received=212.4.97.115;branch=z9hG4bK8f809670adc00668 From: "20000004"sip:20000004@212.4.107.250;user=phone;tag=ab6ba13b2f38a04e To: sip:20000000@212.4.107.250;user=phone;tag=c0a80101-21188 Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE Require: timer Session-Expires: 100;refresher=uac Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,SUBSCRIBE,NOTIFY,UPDATE,REFER,REGISTER,INFO Contact: sip:20000000@192.168.254.101:5060;user=phone Record-Route: sip:212.4.107.250;lr=on;nat=yes Allow-Events: refer,dialog,message-summary,check-sync,talk,hold Content-Type: application/sdp Content-Length: 167
v=0 o=20000000 138812 138812 IN IP4 192.168.254.101 s=- c=IN IP4 212.4.107.250 t=0 0 m=audio 35754 RTP/AVP 0 a=rtpmap:0 PCMU/8000 a=sendrecv a=nortpproxy:yes
# U +0.034122 212.4.97.115:35379 -> 212.4.107.250:5060 ACK sip:20000000@192.168.254.101:5060;user=phone SIP/2.0 Via: SIP/2.0/UDP 192.168.254.110:5060;branch=z9hG4bKdf5e0ceed72f3797 Route: sip:212.4.107.250;lr=on;nat=yes From: "20000004" sip:20000004@212.4.107.250;user=phone;tag=ab6ba13b2f38a04e To: sip:20000000@212.4.107.250;user=phone;tag=c0a80101-21188 Contact: sip:20000004@192.168.254.110:5060;transport=udp;user=phone Supported: path Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 ACK User-Agent: Grandstream BT200 1.1.6.27 Max-Forwards: 70 Allow: INVITE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SUBSCRIBE,UPDATE,PRACK Content-Length: 0
# U +0.000245 212.4.107.250:5060 -> 192.168.254.101:5060 ACK sip:20000000@192.168.254.101:5060;user=phone SIP/2.0 Via: SIP/2.0/UDP 212.4.107.250;branch=z9hG4bK5974.c5c9aa24.2 Via: SIP/2.0/UDP 192.168.254.110:5060;rport=35379;received=212.4.97.115;branch=z9hG4bKdf5e0ceed72f3797 From: "20000004" sip:20000004@212.4.107.250;user=phone;tag=ab6ba13b2f38a04e To: sip:20000000@212.4.107.250;user=phone;tag=c0a80101-21188 Contact: sip:20000004@212.4.97.115:35379;transport=udp;user=phone Supported: path Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 ACK User-Agent: Grandstream BT200 1.1.6.27 Max-Forwards: 69 Allow: INVITE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SUBSCRIBE,UPDATE,PRACK Content-Length: 0
# U +0.458031 212.4.97.115:55128 -> 212.4.107.250:5060 SIP/2.0 200 OK Via: SIP/2.0/UDP 212.4.107.250;branch=z9hG4bK5974.c5c9aa24.0 Via: SIP/2.0/UDP 192.168.254.110:5060;rport=35379;received=212.4.97.115;branch=z9hG4bK8f809670adc00668 From: "20000004"sip:20000004@212.4.107.250;user=phone;tag=ab6ba13b2f38a04e To: sip:20000000@212.4.107.250;user=phone;tag=c0a80101-21188 Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE Require: timer Session-Expires: 100;refresher=uac Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,SUBSCRIBE,NOTIFY,UPDATE,REFER,REGISTER,INFO Contact: sip:20000000@192.168.254.101:5060;user=phone Record-Route: sip:212.4.107.250;lr=on;nat=yes Allow-Events: refer,dialog,message-summary,check-sync,talk,hold Content-Type: application/sdp Content-Length: 151
v=0 o=20000000 138812 138812 IN IP4 192.168.254.101 s=- c=IN IP4 192.168.254.101 t=0 0 m=audio 32448 RTP/AVP 0 a=rtpmap:0 PCMU/8000 a=sendrecv
# U +0.000246 212.4.107.250:5060 -> 212.4.97.115:35379 SIP/2.0 200 OK Via: SIP/2.0/UDP 192.168.254.110:5060;rport=35379;received=212.4.97.115;branch=z9hG4bK8f809670adc00668 From: "20000004"sip:20000004@212.4.107.250;user=phone;tag=ab6ba13b2f38a04e To: sip:20000000@212.4.107.250;user=phone;tag=c0a80101-21188 Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE Require: timer Session-Expires: 100;refresher=uac Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,SUBSCRIBE,NOTIFY,UPDATE,REFER,REGISTER,INFO Contact: sip:20000000@192.168.254.101:5060;user=phone Record-Route: sip:212.4.107.250;lr=on;nat=yes Allow-Events: refer,dialog,message-summary,check-sync,talk,hold Content-Type: application/sdp Content-Length: 167
v=0 o=20000000 138812 138812 IN IP4 192.168.254.101 s=- c=IN IP4 212.4.107.250 t=0 0 m=audio 35754 RTP/AVP 0 a=rtpmap:0 PCMU/8000 a=sendrecv a=nortpproxy:yes
# U +0.999724 212.4.97.115:55128 -> 212.4.107.250:5060 SIP/2.0 200 OK Via: SIP/2.0/UDP 212.4.107.250;branch=z9hG4bK5974.c5c9aa24.0 Via: SIP/2.0/UDP 192.168.254.110:5060;rport=35379;received=212.4.97.115;branch=z9hG4bK8f809670adc00668 From: "20000004"sip:20000004@212.4.107.250;user=phone;tag=ab6ba13b2f38a04e To: sip:20000000@212.4.107.250;user=phone;tag=c0a80101-21188 Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE Require: timer Session-Expires: 100;refresher=uac Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,SUBSCRIBE,NOTIFY,UPDATE,REFER,REGISTER,INFO Contact: sip:20000000@192.168.254.101:5060;user=phone Record-Route: sip:212.4.107.250;lr=on;nat=yes Allow-Events: refer,dialog,message-summary,check-sync,talk,hold Content-Type: application/sdp Content-Length: 151
v=0 o=20000000 138812 138812 IN IP4 192.168.254.101 s=- c=IN IP4 192.168.254.101 t=0 0 m=audio 32448 RTP/AVP 0 a=rtpmap:0 PCMU/8000 a=sendrecv
# U +0.000295 212.4.107.250:5060 -> 212.4.97.115:35379 SIP/2.0 200 OK Via: SIP/2.0/UDP 192.168.254.110:5060;rport=35379;received=212.4.97.115;branch=z9hG4bK8f809670adc00668 From: "20000004"sip:20000004@212.4.107.250;user=phone;tag=ab6ba13b2f38a04e To: sip:20000000@212.4.107.250;user=phone;tag=c0a80101-21188 Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE Require: timer Session-Expires: 100;refresher=uac Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,SUBSCRIBE,NOTIFY,UPDATE,REFER,REGISTER,INFO Contact: sip:20000000@192.168.254.101:5060;user=phone Record-Route: sip:212.4.107.250;lr=on;nat=yes Allow-Events: refer,dialog,message-summary,check-sync,talk,hold Content-Type: application/sdp Content-Length: 167
v=0 o=20000000 138812 138812 IN IP4 192.168.254.101 s=- c=IN IP4 212.4.107.250 t=0 0 m=audio 35754 RTP/AVP 0 a=rtpmap:0 PCMU/8000 a=sendrecv a=nortpproxy:yes
I've just setup a similar configuration as yours.
Could you check the SDP payload of the SIP INVITE that goes from kamailio to the callee ? It should contains the IP address of rtpproxy and the port allocated by the proxy.
Regards, Pascal
On Thu, Jun 25, 2009 at 12:41 PM, rubenrojas - Trc.es rubenrojas@trc.eswrote:
Hello everyone, this is my first post on this list,
I have installed kamailio 1.5.1 and set up a vanilla default kamailio.cfg, then I have modified the cfg to activate mysql, domain, presence, nathelper and authentication with md5, everything works as supposed to, and the clients can register, send txt messages and talk to each other. The only problem is with the audio when the two clients are behind a NAT, the phones can make a call and it does ring too, but when you pick up there is no audio both ways.
when the phones have a public IP everything goes fine, it also works when I use a Linksys PAP2T whith the options to "Insert VIA received", "Insert VIA rport", "Handle VIA received", "Handle VIA rport" and "NAT mapping enable" turned on, with the Qutecom softphone works too.
This is happening with thomson phones (model ST 2022), and GrandStream Budge Tone 200, it happens no matter what options I set for NATting on the phones, I've even used stun with stunserver.org or the ekiga stunserver, the phones register and can make and recieve calls, but there is no audio when you pick up the call.
With a kamctl ul show, you can see that the phones have registered the Contact with their local IPs and the Received have the public IPs and ports for the NAT The only difference with the working Linksys is that they register the Contact with the public IP. Here you can see two NATed phones on the proxy
Domain:: location table=512 records=2 max_slot=1 AOR:: 20000004@212.4.107.250 Contact:: sip:20000004@192.168.254.110:5060;transport=udp;user=phone Q= Expires:: 1150 Callid:: 72ed03f6d2f390f9@192.168.254.110 Cseq:: 10003 User-agent:: Grandstream BT200 1.1.6.27 Received:: sip:212.4.97.115:35379 State:: CS_NEW Flags:: 0 Cflag:: 0 Socket:: udp:212.4.107.250:5060 Methods:: 7807 AOR:: 20000000@212.4.107.250 Contact:: sip:20000000@192.168.254.101:5060;user=phone Q= Expires:: 2945 Callid:: 17fe-c0a80101-5-1@192.168.254.101 Cseq:: 6 User-agent:: THOMSON ST2022 hw2 fw3.56 00-18-F6-B5-7E-06 Received:: sip:212.4.97.115:55128 State:: CS_NEW Flags:: 0 Cflag:: 0 Socket:: udp:212.4.107.250:5060 Methods:: 4294967295
Im using rtpproxy and there is no log error that indicates that rttpproxy isn't working, in fact doing a SIP trace shows rtpproxy setting ports for the audio. I run rtpproxy with this command:
rtpproxy -l 212.4.107.250 -s udp:localhost:7722 -F
Any help would be greatly appreciated, I've been two weeks looking for a solution
Im attaching my kamailio.cfg so you can take a look, at the end of the message Im gonna attache the SIP Trace of a call between two NATed phones (a Thomson and a GrandStream) in case anyone can help me decypher whats wrong here:
this is my cfg file
# # $Id: kamailio.cfg 5800 2009-04-20 11:01:49Z miconda $ # # Kamailio (OpenSER) SIP Server - basic configuration script # - web: http://www.kamailio.org # - svn: http://openser.svn.sourceforge.net/viewvc/openser/ # # Direct your questions about this file to: users@lists.kamailio.org # # Refer to the Core CookBook at http://www.kamailio.org/dokuwiki/doku.php # for an explanation of possible statements, functions and parameters. # # There are comments showing how to enable different features in th econfig # file. Such commented code starts with #X# where X is a letter to identify # a feature. Delete entire #X# if you want to enable that feature. Next are # sed commands that help you enable such features. # # *** To enamble mysql execute: # sed -i 's/#m#//g' kamailio.cfg # # *** To enamble authentication execute: # - enable mysql # sed -i 's/#a#//g' kamailio.cfg # - add users using 'kamctl' # # *** To enamble persistent user location execute: # - enable mysql # sed -i 's/#u#//g' kamailio.cfg # # *** To enamble presence server execute: # - enable mysql # sed -i 's/#p#//g' kamailio.cfg # # *** To enamble nat traversal execute: # sed -i 's/#n#//g' kamailio.cfg # - install RTPProxy: http://www.rtpproxy.org # - start RTPProxy: # rtpproxy -l _your_public_ip_ -s udp:localhost:7722 # # *** To enhance accounting execute: # - enable mysql # sed -i 's/#c#//g' kamailio.cfg # - add following columns to database # ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; # ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; # ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; # ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; # ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; # ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; # ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; # ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; # ALTER TABLE missed_call ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; # ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; #
####### Global Parameters #########
debug=3 log_stderror=no log_facility=LOG_LOCAL0
fork=yes children=4
/* uncomment the following lines to enable debugging */ #debug=6 #fork=no #log_stderror=yes
/* uncomment the next line to disable TCP (default on) */ #disable_tcp=yes
/* uncomment the next line to enable the auto temporary blacklisting of not available destinations (default disabled) */ #disable_dns_blacklist=no
/* uncomment the next line to enable IPv6 lookup after IPv4 dns lookup failures (default disabled) */ #dns_try_ipv6=yes
/* uncomment the next line to disable the auto discovery of local aliases based on revers DNS on IPs (default on) */ #auto_aliases=no
/* uncomment the following lines to enable TLS support (default off) */ #disable_tls = no #listen = tls:your_IP:5061 #tls_verify_server = 1 #tls_verify_client = 1 #tls_require_client_certificate = 0 #tls_method = TLSv1 #tls_certificate = "/usr/local/etc/kamailio/tls/user/user-cert.pem" #tls_private_key = "/usr/local/etc/kamailio/tls/user/user-privkey.pem" #tls_ca_list = "/usr/local/etc/kamailio/tls/user/user-calist.pem"
port=5060
/* uncomment and configure the following line if you want Kamailio to bind on a specific interface/port/proto (default bind on all available) */ #listen=udp:192.168.1.2:5060
####### Modules Section ########
#set module path mpath="/usr/local/lib/kamailio/modules/"
/* uncomment next line for MySQL DB support */ loadmodule "db_mysql.so" loadmodule "mi_fifo.so" loadmodule "sl.so" loadmodule "tm.so" loadmodule "rr.so" loadmodule "pv.so" loadmodule "maxfwd.so" loadmodule "usrloc.so" loadmodule "registrar.so" loadmodule "textops.so" loadmodule "uri_db.so" loadmodule "siputils.so" loadmodule "xlog.so" loadmodule "acc.so" /* uncomment next lines for MySQL based authentication support NOTE: a DB (like db_mysql) module must be also loaded */ loadmodule "auth.so" loadmodule "auth_db.so" /* uncomment next line for aliases support NOTE: a DB (like db_mysql) module must be also loaded */ #loadmodule "alias_db.so" /* uncomment next line for multi-domain support NOTE: a DB (like db_mysql) module must be also loaded NOTE: be sure and enable multi-domain support in all used modules (see "multi-module params" section ) */ loadmodule "domain.so" /* uncomment the next two lines for presence server support NOTE: a DB (like db_mysql) module must be also loaded */ loadmodule "presence.so" loadmodule "presence_xml.so" loadmodule "presence_mwi.so"#manually added
loadmodule "nathelper.so"
# ----------------- setting module-specific parameters ---------------
# ----- mi_fifo params ----- modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo")
# ----- rr params ----- # add value to ;lr param to cope with most of the UAs modparam("rr", "enable_full_lr", 1) # do not append from tag to the RR (no need for this script) modparam("rr", "append_fromtag", 0)
# ----- rr params ----- modparam("registrar", "method_filtering", 1) /* uncomment the next line to disable parallel forking via location */ # modparam("registrar", "append_branches", 0) /* uncomment the next line not to allow more than 10 contacts per AOR */ #modparam("registrar", "max_contacts", 10)
# ----- uri_db params ----- /* by default we disable the DB support in the module as we do not need it in this configuration */ modparam("uri_db", "use_uri_table", 0) modparam("uri_db", "db_url", "")
# ----- acc params ----- /* what sepcial events should be accounted ? */ modparam("acc", "early_media", 1) modparam("acc", "report_ack", 1) modparam("acc", "report_cancels", 1) /* by default ww do not adjust the direct of the sequential requests. if you enable this parameter, be sure the enable "append_fromtag" in "rr" module */ modparam("acc", "detect_direction", 0) /* account triggers (flags) */ modparam("acc", "failed_transaction_flag", 3) modparam("acc", "log_flag", 1) modparam("acc", "log_missed_flag", 2) modparam("acc", "log_extra",
"src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") /* uncomment the following lines to enable DB accounting also */ #c#modparam("acc", "db_flag", 1) #c#modparam("acc", "db_missed_flag", 2) #c#modparam("domain", "db_url", #c# "mysql://openser:openserrw@localhost/openser") #c#modparam("acc", "db_extra", #c# "src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")
# ----- usrloc params ----- /* uncomment the following lines if you want to enable DB persistency for location entries */ #u#modparam("usrloc", "db_mode", 2) #u#modparam("usrloc", "db_url", #u# "mysql://openser:openserrw@localhost/openser")
# ----- auth_db params ----- /* uncomment the following lines if you want to enable the DB based authentication */ #a#modparam("auth_db", "calculate_ha1", yes) #a#modparam("auth_db", "password_column", "password") #a#modparam("auth_db", "db_url", #a# "mysql://openser:openserrw@localhost/openser") #a#modparam("auth_db", "load_credentials", "")
#parametros de autentificacion modificados manualmente modparam("auth_db", "user_column", "username") modparam("auth_db", "domain_column", "domain") modparam("auth_db", "password_column", "ha1") modparam("auth_db", "password_column_2", "ha1b") modparam("auth_db", "calculate_ha1", 0) #modparam("auth_db", "use_domain", 0) modparam("auth_db", "use_domain", 1)#0 encendemos con 1 porque utilizaremos multi-domain modparam("auth_db", "load_credentials", "rpid") modparam("auth_db", "db_url", "mysql://openser:openserrw@localhost/openser")
# ----- alias_db params ----- /* uncomment the following lines if you want to enable the DB based aliases */ #modparam("alias_db", "db_url", # "mysql://openser:openserrw@localhost/openser")
# ----- domain params ----- /* uncomment the following lines to enable multi-domain detection support */ modparam("domain", "db_url", "mysql://openser:openserrw@localhost/openser") modparam("domain", "db_mode", 1) # Use caching
# ----- multi-module params ----- /* uncomment the following line if you want to enable multi-domain support in the modules (dafault off) */ modparam("alias_db|auth_db|usrloc|uri_db", "use_domain", 1)
# ----- presence params ----- /* uncomment the following lines if you want to enable presence */ modparam("presence|presence_xml", "db_url", "mysql://openser:openserrw@localhost/openser") modparam("presence_xml", "force_active", 1) modparam("presence", "server_address", "sip:212.4.107.250:5060")
# -- nathelper modparam("nathelper", "rtpproxy_sock", "udp:127.0.0.1:7722") modparam("nathelper", "natping_interval", 15) modparam("nathelper", "ping_nated_only", 0) modparam("nathelper", "sipping_bflag", 7) modparam("nathelper", "sipping_from", "sip:pinger@212.4.107.250sip%3Apinger@212.4.107.250 ") modparam("registrar|nathelper", "received_avp", "$avp(i:80)") modparam("usrloc", "nat_bflag", 6) modparam("nathelper", "sipping_method", "OPTIONS")
####### Routing Logic ########
# main request routing logic
route{
if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); exit; } # NAT detection route(4); if (has_totag()) { # sequential request withing a dialog should # take the path determined by record-routing if (loose_route()) { if (is_method("BYE")) { setflag(1); # do accounting ... setflag(3); # ... even if the transactionfails } route(1); } else { if (is_method("SUBSCRIBE") && uri == myself) { # in-dialog subscribe requests route(2); exit; } if ( is_method("ACK") ) { if ( t_check_trans() ) { # non loose-route, but stateful ACK; must be an ACK after a 487 or e.g. 404 from upstream server t_relay(); exit; } else { # ACK without matching transaction ... ignore and discard.\n"); exit; } } sl_send_reply("404","Not here"); } exit; }
#initial requests # CANCEL processing if (is_method("CANCEL")) { if (t_check_trans()) { t_relay(); } exit; } t_check_trans(); # authentication route(3); # record routing if (!is_method("REGISTER|MESSAGE")) { record_route(); } # account only INVITEs if (is_method("INVITE")) { setflag(1); # do accounting } ##if (!uri==myself) /* replace with following line if multi-domain support is used */ if (!is_uri_host_local()) { append_hf("P-hint: outbound\r\n"); # if you have some interdomain connections via TLS ##if($rd=="tls_domain1.net") { ## t_relay("tls:domain1.net"); ## exit; ##} else if($rd=="tls_domain2.net") { ## t_relay("tls:domain2.net"); ## exit; ##} route(1); } # requests for my domain if( is_method("PUBLISH|SUBSCRIBE")) { route(2); } if (is_method("REGISTER")) { if (!save("location")) { sl_reply_error(); } exit; } if ($rU==NULL) { # request with no Username in RURI sl_send_reply("484","Address Incomplete"); exit; } # apply DB based aliases (uncomment to enable) ##alias_db_lookup("dbaliases"); if (!lookup("location")) { switch ($retcode) { case -1: case -3: t_newtran(); t_reply("404", "Not Found"); exit; case -2: sl_send_reply("405", "Method Not Allowed"); exit; } } # when routing via usrloc, log the missed calls also setflag(2); route(1);}
route[1] { if (check_route_param("nat=yes")) { setbflag(6); setbflag(7);# sipping } if (isflagset(5) || isbflagset(6)) { route(5); }
/* example how to enable some additional event routes */ if (is_method("INVITE")) { #t_on_branch("1"); t_on_reply("1"); t_on_failure("1"); } if (!t_relay()) { sl_reply_error(); } exit;}
# Presence route /* uncomment the whole following route for enabling presence server */ route[2] { if (!t_newtran()) { sl_reply_error(); exit; };
if(is_method("PUBLISH")) { handle_publish(); t_release(); } else if( is_method("SUBSCRIBE")) { handle_subscribe(); t_release(); } exit; # if presence enabled, this part will not be executed if (is_method("PUBLISH") || $rU==null) { sl_send_reply("404", "Not here"); exit; } return;}
# Authentication route /* uncomment the whole following route for enabling authentication */ route[3] { if (is_method("REGISTER")) { # authenticate the REGISTER requests (uncomment to enable auth) if (!www_authorize("", "subscriber")) { www_challenge("", "0"); exit; }
if ($au!=$tU) { sl_send_reply("403","Forbidden auth ID"); exit; } }# Auth only on registration #a# } else { #a# # authenticate if from local subscriber (uncomment to enable auth) #a# if (from_uri==myself) #a# { #a# if (!proxy_authorize("", "subscriber")) { #a# proxy_challenge("", "0"); #a# exit; #a# } #a# if (is_method("PUBLISH")) #a# { #a# if ($au!=$tU) { #a# sl_send_reply("403","Forbidden auth ID"); #a# exit; #a# } #a# } else { #a# if ($au!=$fU) { #a# sl_send_reply("403","Forbidden auth ID"); #a# exit; #a# } #a# } #a# #a# consume_credentials(); #a# # caller authenticated #a# } #a# } return; }
# Caller NAT detection route /* uncomment the whole following route for enabling Caller NAT Detection */ route[4]{ force_rport(); if (nat_uac_test("19")) { if (method=="REGISTER") { fix_nated_register(); } else { fix_nated_contact(); } setflag(5); } return; }
# RTPProxy control /* uncomment the whole following route for enabling RTPProxy Control */ route[5] { if (is_method("BYE")) { unforce_rtp_proxy(); } else if (is_method("INVITE")){ force_rtp_proxy(); } if (!has_totag()) add_rr_param(";nat=yes"); return; }
branch_route[1] { xdbg("new branch at $ru\n"); }
onreply_route[1] { xdbg("incoming reply\n");
if ((isflagset(5) || isbflagset(6)) &&status=~"(183)|(2[0-9][0-9])") { force_rtp_proxy(); } if (isbflagset(6)) { fix_nated_contact(); } }
failure_route[1] { if (is_method("INVITE") && (isbflagset(6) || isflagset(5))) { unforce_rtp_proxy(); }
if (t_was_cancelled()) { exit; } # uncomment the following lines if you want to block client # redirect based on 3xx replies. ##if (t_check_status("3[0-9][0-9]")) { ##t_reply("404","Not found"); ## exit; ##} # uncomment the following lines if you want to redirect the failed # calls to a different new destination ##if (t_check_status("486|408")) { ## sethostport("192.168.2.100:5060"); ## append_branch(); ## # do not set the missed call flag again ## t_relay(); ##}}
And here goes the SIP Trace for a NATed to NATed hardphones:
U +0.161561 212.4.97.115:35379 -> 212.4.107.250:5060 INVITE sip:20000000@212.4.107.250 sip%3A20000000@212.4.107.250;user=phone SIP/2.0 Via: SIP/2.0/UDP 192.168.254.110:5060;branch=z9hG4bK8f809670adc00668 From: "20000004" <sip:20000004@212.4.107.250sip%3A20000004@212.4.107.250 ;user=phone>;tag=ab6ba13b2f38a04e To: <sip:20000000@212.4.107.250 sip%3A20000000@212.4.107.250;user=phone> Contact: sip:20000004@192.168.254.110:5060;transport=udp;user=phone Supported: replaces, timer, path Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE User-Agent: Grandstream BT200 1.1.6.27 Max-Forwards: 70 Allow: INVITE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SUBSCRIBE,UPDATE,PRACK Content-Type: application/sdp Content-Length: 332
v=0 o=20000004 8000 8000 IN IP4 192.168.254.110 s=SIP Call c=IN IP4 192.168.254.110 t=0 0 m=audio 40000 RTP/AVP 4 3 18 0 8 9 97 a=sendrecv a=rtpmap:4 G723/8000 a=rtpmap:3 GSM/8000 a=rtpmap:18 G729/8000 a=rtpmap:0 PCMU/8000 a=rtpmap:8 PCMA/8000 a=rtpmap:9 G722/8000 a=rtpmap:97 iLBC/8000 a=fmtp:97 mode=20 a=ptime:60
# U +0.000407 212.4.107.250:5060 -> 212.4.97.115:35379 SIP/2.0 100 Giving a try Via: SIP/2.0/UDP 192.168.254.110:5060 ;branch=z9hG4bK8f809670adc00668;rport=35379;received=212.4.97.115 From: "20000004" <sip:20000004@212.4.107.250sip%3A20000004@212.4.107.250 ;user=phone>;tag=ab6ba13b2f38a04e To: <sip:20000000@212.4.107.250 sip%3A20000000@212.4.107.250;user=phone> Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE Server: Kamailio (1.5.1-notls (i386/linux)) Content-Length: 0
# U +0.000034 212.4.107.250:5060 -> 212.4.97.115:55128 INVITE sip:20000000@192.168.254.101:5060;user=phone SIP/2.0 Record-Route: sip:212.4.107.250;lr=on;nat=yes Via: SIP/2.0/UDP 212.4.107.250;branch=z9hG4bK5974.c5c9aa24.0 Via: SIP/2.0/UDP 192.168.254.110:5060 ;rport=35379;received=212.4.97.115;branch=z9hG4bK8f809670adc00668 From: "20000004" <sip:20000004@212.4.107.250sip%3A20000004@212.4.107.250 ;user=phone>;tag=ab6ba13b2f38a04e To: <sip:20000000@212.4.107.250 sip%3A20000000@212.4.107.250;user=phone> Contact: sip:20000004@212.4.97.115:35379;transport=udp;user=phone Supported: replaces, timer, path Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE User-Agent: Grandstream BT200 1.1.6.27 Max-Forwards: 69 Allow: INVITE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SUBSCRIBE,UPDATE,PRACK Content-Type: application/sdp Content-Length: 348
v=0 o=20000004 8000 8000 IN IP4 192.168.254.110 s=SIP Call c=IN IP4 212.4.107.250 t=0 0 m=audio 35752 RTP/AVP 4 3 18 0 8 9 97 a=sendrecv a=rtpmap:4 G723/8000 a=rtpmap:3 GSM/8000 a=rtpmap:18 G729/8000 a=rtpmap:0 PCMU/8000 a=rtpmap:8 PCMA/8000 a=rtpmap:9 G722/8000 a=rtpmap:97 iLBC/8000 a=fmtp:97 mode=20 a=ptime:60 a=nortpproxy:yes
# U +0.019311 212.4.97.115:55128 -> 212.4.107.250:5060 SIP/2.0 100 Trying Via: SIP/2.0/UDP 212.4.107.250;branch=z9hG4bK5974.c5c9aa24.0 Via: SIP/2.0/UDP 192.168.254.110:5060 ;rport=35379;received=212.4.97.115;branch=z9hG4bK8f809670adc00668 From: "20000004"<sip:20000004@212.4.107.250 sip%3A20000004@212.4.107.250 ;user=phone>;tag=ab6ba13b2f38a04e To: <sip:20000000@212.4.107.250 sip%3A20000000@212.4.107.250;user=phone> Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE Content-Length: 0
# U +0.030480 212.4.97.115:55128 -> 212.4.107.250:5060 SIP/2.0 180 Ringing Via: SIP/2.0/UDP 212.4.107.250;branch=z9hG4bK5974.c5c9aa24.0 Via: SIP/2.0/UDP 192.168.254.110:5060 ;rport=35379;received=212.4.97.115;branch=z9hG4bK8f809670adc00668 From: "20000004"<sip:20000004@212.4.107.250 sip%3A20000004@212.4.107.250 ;user=phone>;tag=ab6ba13b2f38a04e To: <sip:20000000@212.4.107.250 sip%3A20000000@212.4.107.250 ;user=phone>;tag=c0a80101-21188 Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,SUBSCRIBE,NOTIFY,UPDATE,REFER,REGISTER,INFO Contact: sip:20000000@192.168.254.101:5060;user=phone Record-Route: sip:212.4.107.250;lr=on;nat=yes Allow-Events: refer,dialog,message-summary,check-sync,talk,hold Content-Length: 0
# U +0.000083 212.4.107.250:5060 -> 212.4.97.115:35379 SIP/2.0 180 Ringing Via: SIP/2.0/UDP 192.168.254.110:5060 ;rport=35379;received=212.4.97.115;branch=z9hG4bK8f809670adc00668 From: "20000004"<sip:20000004@212.4.107.250 sip%3A20000004@212.4.107.250 ;user=phone>;tag=ab6ba13b2f38a04e To: <sip:20000000@212.4.107.250 sip%3A20000000@212.4.107.250 ;user=phone>;tag=c0a80101-21188 Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,SUBSCRIBE,NOTIFY,UPDATE,REFER,REGISTER,INFO Contact: sip:20000000@192.168.254.101:5060;user=phone Record-Route: sip:212.4.107.250;lr=on;nat=yes Allow-Events: refer,dialog,message-summary,check-sync,talk,hold Content-Length: 0
# U +6.510103 212.4.97.115:55128 -> 212.4.107.250:5060 SIP/2.0 200 OK Via: SIP/2.0/UDP 212.4.107.250;branch=z9hG4bK5974.c5c9aa24.0 Via: SIP/2.0/UDP 192.168.254.110:5060 ;rport=35379;received=212.4.97.115;branch=z9hG4bK8f809670adc00668 From: "20000004"<sip:20000004@212.4.107.250 sip%3A20000004@212.4.107.250 ;user=phone>;tag=ab6ba13b2f38a04e To: <sip:20000000@212.4.107.250 sip%3A20000000@212.4.107.250 ;user=phone>;tag=c0a80101-21188 Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE Require: timer Session-Expires: 100;refresher=uac Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,SUBSCRIBE,NOTIFY,UPDATE,REFER,REGISTER,INFO Contact: sip:20000000@192.168.254.101:5060;user=phone Record-Route: sip:212.4.107.250;lr=on;nat=yes Allow-Events: refer,dialog,message-summary,check-sync,talk,hold Content-Type: application/sdp Content-Length: 151
v=0 o=20000000 138812 138812 IN IP4 192.168.254.101 s=- c=IN IP4 192.168.254.101 t=0 0 m=audio 32448 RTP/AVP 0 a=rtpmap:0 PCMU/8000 a=sendrecv
# U +0.000365 212.4.107.250:5060 -> 212.4.97.115:35379 SIP/2.0 200 OK Via: SIP/2.0/UDP 192.168.254.110:5060 ;rport=35379;received=212.4.97.115;branch=z9hG4bK8f809670adc00668 From: "20000004"<sip:20000004@212.4.107.250 sip%3A20000004@212.4.107.250 ;user=phone>;tag=ab6ba13b2f38a04e To: <sip:20000000@212.4.107.250 sip%3A20000000@212.4.107.250 ;user=phone>;tag=c0a80101-21188 Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE Require: timer Session-Expires: 100;refresher=uac Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,SUBSCRIBE,NOTIFY,UPDATE,REFER,REGISTER,INFO Contact: sip:20000000@192.168.254.101:5060;user=phone Record-Route: sip:212.4.107.250;lr=on;nat=yes Allow-Events: refer,dialog,message-summary,check-sync,talk,hold Content-Type: application/sdp Content-Length: 167
v=0 o=20000000 138812 138812 IN IP4 192.168.254.101 s=- c=IN IP4 212.4.107.250 t=0 0 m=audio 35754 RTP/AVP 0 a=rtpmap:0 PCMU/8000 a=sendrecv a=nortpproxy:yes
# U +0.034122 212.4.97.115:35379 -> 212.4.107.250:5060 ACK sip:20000000@192.168.254.101:5060;user=phone SIP/2.0 Via: SIP/2.0/UDP 192.168.254.110:5060;branch=z9hG4bKdf5e0ceed72f3797 Route: sip:212.4.107.250;lr=on;nat=yes From: "20000004" <sip:20000004@212.4.107.250sip%3A20000004@212.4.107.250 ;user=phone>;tag=ab6ba13b2f38a04e To: <sip:20000000@212.4.107.250 sip%3A20000000@212.4.107.250 ;user=phone>;tag=c0a80101-21188 Contact: sip:20000004@192.168.254.110:5060;transport=udp;user=phone Supported: path Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 ACK User-Agent: Grandstream BT200 1.1.6.27 Max-Forwards: 70 Allow: INVITE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SUBSCRIBE,UPDATE,PRACK Content-Length: 0
# U +0.000245 212.4.107.250:5060 -> 192.168.254.101:5060 ACK sip:20000000@192.168.254.101:5060;user=phone SIP/2.0 Via: SIP/2.0/UDP 212.4.107.250;branch=z9hG4bK5974.c5c9aa24.2 Via: SIP/2.0/UDP 192.168.254.110:5060 ;rport=35379;received=212.4.97.115;branch=z9hG4bKdf5e0ceed72f3797 From: "20000004" <sip:20000004@212.4.107.250sip%3A20000004@212.4.107.250 ;user=phone>;tag=ab6ba13b2f38a04e To: <sip:20000000@212.4.107.250 sip%3A20000000@212.4.107.250 ;user=phone>;tag=c0a80101-21188 Contact: sip:20000004@212.4.97.115:35379;transport=udp;user=phone Supported: path Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 ACK User-Agent: Grandstream BT200 1.1.6.27 Max-Forwards: 69 Allow: INVITE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SUBSCRIBE,UPDATE,PRACK Content-Length: 0
# U +0.458031 212.4.97.115:55128 -> 212.4.107.250:5060 SIP/2.0 200 OK Via: SIP/2.0/UDP 212.4.107.250;branch=z9hG4bK5974.c5c9aa24.0 Via: SIP/2.0/UDP 192.168.254.110:5060 ;rport=35379;received=212.4.97.115;branch=z9hG4bK8f809670adc00668 From: "20000004"<sip:20000004@212.4.107.250 sip%3A20000004@212.4.107.250 ;user=phone>;tag=ab6ba13b2f38a04e To: <sip:20000000@212.4.107.250 sip%3A20000000@212.4.107.250 ;user=phone>;tag=c0a80101-21188 Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE Require: timer Session-Expires: 100;refresher=uac Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,SUBSCRIBE,NOTIFY,UPDATE,REFER,REGISTER,INFO Contact: sip:20000000@192.168.254.101:5060;user=phone Record-Route: sip:212.4.107.250;lr=on;nat=yes Allow-Events: refer,dialog,message-summary,check-sync,talk,hold Content-Type: application/sdp Content-Length: 151
v=0 o=20000000 138812 138812 IN IP4 192.168.254.101 s=- c=IN IP4 192.168.254.101 t=0 0 m=audio 32448 RTP/AVP 0 a=rtpmap:0 PCMU/8000 a=sendrecv
# U +0.000246 212.4.107.250:5060 -> 212.4.97.115:35379 SIP/2.0 200 OK Via: SIP/2.0/UDP 192.168.254.110:5060 ;rport=35379;received=212.4.97.115;branch=z9hG4bK8f809670adc00668 From: "20000004"<sip:20000004@212.4.107.250 sip%3A20000004@212.4.107.250 ;user=phone>;tag=ab6ba13b2f38a04e To: <sip:20000000@212.4.107.250 sip%3A20000000@212.4.107.250 ;user=phone>;tag=c0a80101-21188 Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE Require: timer Session-Expires: 100;refresher=uac Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,SUBSCRIBE,NOTIFY,UPDATE,REFER,REGISTER,INFO Contact: sip:20000000@192.168.254.101:5060;user=phone Record-Route: sip:212.4.107.250;lr=on;nat=yes Allow-Events: refer,dialog,message-summary,check-sync,talk,hold Content-Type: application/sdp Content-Length: 167
v=0 o=20000000 138812 138812 IN IP4 192.168.254.101 s=- c=IN IP4 212.4.107.250 t=0 0 m=audio 35754 RTP/AVP 0 a=rtpmap:0 PCMU/8000 a=sendrecv a=nortpproxy:yes
# U +0.999724 212.4.97.115:55128 -> 212.4.107.250:5060 SIP/2.0 200 OK Via: SIP/2.0/UDP 212.4.107.250;branch=z9hG4bK5974.c5c9aa24.0 Via: SIP/2.0/UDP 192.168.254.110:5060 ;rport=35379;received=212.4.97.115;branch=z9hG4bK8f809670adc00668 From: "20000004"<sip:20000004@212.4.107.250 sip%3A20000004@212.4.107.250 ;user=phone>;tag=ab6ba13b2f38a04e To: <sip:20000000@212.4.107.250 sip%3A20000000@212.4.107.250 ;user=phone>;tag=c0a80101-21188 Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE Require: timer Session-Expires: 100;refresher=uac Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,SUBSCRIBE,NOTIFY,UPDATE,REFER,REGISTER,INFO Contact: sip:20000000@192.168.254.101:5060;user=phone Record-Route: sip:212.4.107.250;lr=on;nat=yes Allow-Events: refer,dialog,message-summary,check-sync,talk,hold Content-Type: application/sdp Content-Length: 151
v=0 o=20000000 138812 138812 IN IP4 192.168.254.101 s=- c=IN IP4 192.168.254.101 t=0 0 m=audio 32448 RTP/AVP 0 a=rtpmap:0 PCMU/8000 a=sendrecv
# U +0.000295 212.4.107.250:5060 -> 212.4.97.115:35379 SIP/2.0 200 OK Via: SIP/2.0/UDP 192.168.254.110:5060 ;rport=35379;received=212.4.97.115;branch=z9hG4bK8f809670adc00668 From: "20000004"<sip:20000004@212.4.107.250 sip%3A20000004@212.4.107.250 ;user=phone>;tag=ab6ba13b2f38a04e To: <sip:20000000@212.4.107.250 sip%3A20000000@212.4.107.250 ;user=phone>;tag=c0a80101-21188 Call-ID: c177cae013da224d@192.168.254.110 CSeq: 29653 INVITE Require: timer Session-Expires: 100;refresher=uac Allow: INVITE,ACK,BYE,CANCEL,OPTIONS,PRACK,SUBSCRIBE,NOTIFY,UPDATE,REFER,REGISTER,INFO Contact: sip:20000000@192.168.254.101:5060;user=phone Record-Route: sip:212.4.107.250;lr=on;nat=yes Allow-Events: refer,dialog,message-summary,check-sync,talk,hold Content-Type: application/sdp Content-Length: 167
v=0 o=20000000 138812 138812 IN IP4 192.168.254.101 s=- c=IN IP4 212.4.107.250 t=0 0 m=audio 35754 RTP/AVP 0 a=rtpmap:0 PCMU/8000 a=sendrecv a=nortpproxy:yes
Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
I've just setup a similar configuration as yours.
Could you check the SDP payload of the SIP INVITE that goes from kamailio to the callee ? It should contains the IP address of rtpproxy and the port allocated by the proxy.
Regards, Pascal
On Thu, Jun 25, 2009 at 12:41 PM, rubenrojas - Trc.es rubenrojas@trc.eswrote:
Hello everyone, this is my first post on this list,
I have installed kamailio 1.5.1 and set up a vanilla default kamailio.cfg, then I have modified the cfg to activate mysql, domain, presence, nathelper and authentication with md5, everything works as supposed to, and the clients can register, send txt messages and talk to each other. The only problem is with the audio when the two clients are behind a NAT, the phones can make a call and it does ring too, but when you pick up there is no audio both ways.
when the phones have a public IP everything goes fine, it also works when I use a Linksys PAP2T whith the options to "Insert VIA received", "Insert VIA rport", "Handle VIA received", "Handle VIA rport" and "NAT mapping enable" turned on, with the Qutecom softphone works too. [...]
-
hh174 -
olivier taylor -
olivier.taylor@gmail.com
-
Pascal Maugeri -
rubenrojas - Trc.es