[Serusers] Newby: What am i doing wrong
Jan Janak
jan at iptel.org
Wed Aug 6 10:25:19 CEST 2003
Hello,
message "Credentials with given realm not found" means, that the server
was unable to find digest credentials with the realm you configured in
the configuration script ("casinoreality.co.uk" in your case).
Check if SIP messages sent by your useragents contain credentials with
this realm. You can use ngrep (http://ngrep.sourceforge.net ) to watch
the SIP traffic.
Maybe we can tell you more if you send us SIP message dumps.
Jan.
On 06-08 11:14, Nicholas Irving wrote:
> Hi all,
> Just did a check from within the internal network in London and I can
> connect fine.
>
> So it looks like it is an issue with either the PIX 515 or with my Dlink
> ADSL router.
>
> Has anybody experienced any problems and found solutions?
>
> Thanks
>
> Nicholas Irving
> nirving at casinoreality.com
>
> -----Original Message-----
> From: serusers-bounces at iptel.org [mailto:serusers-bounces at lists.iptel.org] On
> Behalf Of Nicholas Irving
> Sent: 06 August 2003 10:38
> To: serusers at lists.iptel.org
> Subject: [Serusers] Newby: What am i doing wrong
>
>
> Hi all,
> I have been hunting for a solution to my problem now for a couple of
> days. I am trying to set up connectivity so that we can have conference
> calling using X-Pro (http://www.xten.com/) as I live in Australia and
> our company is based in New York, London and Costa Rica. I have
> installed ser from the CVS file as I have read that it solves a number
> of bugs, but cannot get out of this problem of not being able to log
> into the service.
>
> Here is the setup.
> SER is installed in London on RedHat 7.1 with MYSQL / SerWeb and sits
> behind a Cisco PIX 515UR (NAT) with 5060 open and no fixup happening. I
> am located in Australia behind a DLINK 604+ router with NAT installed.
>
> I can connect to SER fine as I am running it now with debugging to the
> command line, but I keep getting the same error in the log file.
>
> 0(1464) pre_auth(): Credentials with given realm not found
>
> I have tried setting up using Windows Messenger and still get the same
> errror.
> I have configured the DNS server to return the correct IP 10.0.0.20 when
> It looks up casinoreality.co.uk as I thought that was a problem.
>
> Am I making a simple mistake?
>
> Thanks in advance.
>
> Nicholas Irving
> nirving at casinoreality.com
>
> Here is the log that is being produced.
>
> 0(1464) parse_headers: flags=-1
> 0(1464) check_via_address(220.240.68.206, 220.240.68.206, 0)
> 0(1464) receive_msg: cleaning up
> 0(1464) SIP Request:
> 0(1464) method: <REGISTER>
> 0(1464) uri: <sip:casinoreality.co.uk>
> 0(1464) version: <SIP/2.0>
> 0(1464) parse_headers: flags=1
> 0(1464) end of header reached, state=5
> 0(1464) parse_headers: Via found, flags=1
> 0(1464) parse_headers: this is the first via
> 0(1464) After parse_msg...
> 0(1464) preparing to run routing scripts...
> 0(1464) DEBUG : is_maxfwd_present: searching for max_forwards header
> 0(1464) parse_headers: flags=128
> 0(1464) end of header reached, state=9
> 0(1464) DEBUG: get_hdr_field: <To> [32];
> uri=[sip:8910 at casinoreality.co.uk]
> 0(1464) DEBUG: to body [<sip:8910 at casinoreality.co.uk>]
> 0(1464) get_hdr_field: cseq <CSeq>: <5620> <REGISTER>
> 0(1464) DEBUG: get_hdr_body : content_length=0
> 0(1464) found end of header
> 0(1464) DEBUG: is_maxfwd_present: max_forwards header not found!
> 0(1464) end of header reached, state=9
> 0(1464) parse_headers: flags=256
> 0(1464) find_first_route(): No Route headers found
> 0(1464) loose_route(): There is no Route HF
> 0(1464) parse_headers: flags=4096
> 0(1464) pre_auth(): Credentials with given realm not found
> 0(1464) build_auth_hf(): 'WWW-Authenticate: Digest
> realm="casinoreality.co.uk",
> nonce="3f305b98bc1835283fec5e1c6b584776470624c5"
> '
> 0(1464) parse_headers: flags=-1
> 0(1464) check_via_address(220.240.68.206, 220.240.68.206, 0)
> 0(1464) receive_msg: cleaning up
>
> Here is a copy of my config
>
> #
> # $Id: ser.cfg,v 1.21 2003/06/04 13:47:36 jiri Exp $
> #
> # simple quick-start config script
> #
>
> # ----------- global configuration parameters ------------------------
>
> debug=7 # debug level (cmd line: -dddddddddd)
> fork=no
> log_stderror=yes # (cmd line: -E)
>
> /* Uncomment these lines to enter debugging mode
> debug=7
> fork=no
> log_stderror=yes
> */
>
> check_via=no # (cmd. line: -v)
> dns=no # (cmd. line: -r)
> rev_dns=no # (cmd. line: -R)
> port=5060
> children=4
> fifo="/tmp/ser_fifo"
>
> # ------------------ module loading ----------------------------------
>
> # Uncomment this if you want to use SQL database
> loadmodule "/usr/local/lib/ser/modules/mysql.so"
>
> loadmodule "/usr/local/lib/ser/modules/sl.so"
> loadmodule "/usr/local/lib/ser/modules/tm.so"
> loadmodule "/usr/local/lib/ser/modules/rr.so"
> loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
> loadmodule "/usr/local/lib/ser/modules/usrloc.so"
> loadmodule "/usr/local/lib/ser/modules/registrar.so"
>
> # Uncomment this if you want digest authentication
> # mysql.so must be loaded !
> loadmodule "/usr/local/lib/ser/modules/auth.so"
> loadmodule "/usr/local/lib/ser/modules/auth_db.so"
>
> # ----------------- setting module-specific parameters ---------------
>
> # -- usrloc params --
>
> #modparam("usrloc", "db_mode", 0)
>
> # Uncomment this if you want to use SQL database
> # for persistent storage and comment the previous line
> modparam("usrloc", "db_mode", 2)
>
> # -- auth params --
> # Uncomment if you are using auth module
> #
> modparam("auth_db", "calculate_ha1", yes)
> #
> # If you set "calculate_ha1" parameter to yes (which true in this
> config), # uncomment also the following parameter) # modparam("auth_db",
> "password_column", "password")
>
> # -- rr params --
> # add value to ;lr param to make some broken UAs happy modparam("rr",
> "enable_full_lr", 1)
>
> # ------------------------- request routing logic -------------------
>
> # main routing logic
>
> route{
>
> # initial sanity checks -- messages with
> # max_forwards==0, or excessively long requests
> if (!mf_process_maxfwd_header("10")) {
> sl_send_reply("483","Too Many Hops");
> break;
> };
> if (len_gt( max_len )) {
> sl_send_reply("513", "Message too big");
> break;
> };
>
> # we record-route all messages -- to make sure that
> # subsequent messages will go through our proxy; that's
> # particularly good if upstream and downstream entities
> # use different transport protocol
> record_route();
> # loose-route processing
> if (loose_route()) {
> t_relay();
> break;
> };
>
> # if the request is for other domain use UsrLoc
> # (in case, it does not work, use the following command
> # with proper names and addresses in it)
> if (uri=~"casinoreality.co.uk") {
>
> if (method=="REGISTER") {
>
> # Uncomment this if you want to use digest authentication
> if (!www_authorize("casinoreality.co.uk",
> "subscriber")) {
> www_challenge("casinoreality.co.uk",
> "0");
> break;
> };
>
> save("location");
> break;
> };
>
> # native SIP destinations are handled using our USRLOC
> DB
> if (!lookup("location")) {
> sl_send_reply("404", "Not Found");
> break;
> };
> };
> # forward to current uri now; use stateful forwarding; that
> # works reliably even if we forward from TCP to UDP
> if (!t_relay()) {
> sl_reply_error();
> };
>
> }
>
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
>
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
More information about the sr-users
mailing list