[Serusers] Onsip.org ser.cfg + pstn + uac - can't authenticate ongateway

Greger V. Teigre greger at teigre.com
Thu Jun 16 08:59:39 CEST 2005


Cameron,
I'm pussled by your error:
SIP/2.0 500 I'm terribly sorry, server error occurred (1/SL)
that comes *before* you send the message to Asterisk.  Hopefully you have 
been able to get log messages in messages by now (your ser.cfg had 
log_stderror=yes, which is probably why you didn't get anything). If not, 
try changing ser.cfg to
debug=7
fork=no
log_stderror=yes

and then start ser with 'ser' (not serctl).

Also, as you say, it seems that Asterisk does not challenge SER. Your 
provider should be able to tell you the format of the ruri required to get a 
challenge.
g-)

Cameron Beattie wrote:
> I am trying the get the uac module working with the onsip.org ser.cfg
> (the pstn + mediaproxy version). I think the problem is related to the
> authentication on the gateway device. It doesn't seem to be
> challenging SER. Below is the SIP traffic and then the ser.cfg file. Any 
> suggestions
> would be appreciated. For information, the gateway (198.22.67.70) is
> provided by Nufone.net and is an Asterisk server, I believe.
>
> Thanks in advance for any advice.
>
> Regards
>
> Cameron
>
> U 147.202.xx.xxx:5060 -> 60.234.xxx.xxx:5060
>  SIP/2.0 100 trying -- your call is important to us..Via: SIP/2.0/UDP
> 192.168.0.11:5060;branch=z9hG4bK-fff17e3f;rport=5060;received=60.234
>  .xxx.xxx..From: <sip:user1 at mydomain.com>;tag=f9493da2f8a6d10ao0..To:
> <sip:00442070800000 at mydomain.com>..Call-ID: ce674b
>  82-e2fd1caa at 192.168.0.11..CSeq: 102 INVITE..Server: Sip EXpress
> router (0.9.2 (i386/linux))..Content-Length: 0..Warning: 392
> 147.202.xx.xxx:5060 "Noisy feedback tells:  pid=6752
> req_src_ip=60.234.xxx.xxx req_src_port=5060
>  in_uri=sip:00442070800000 at mydomain.com out_uri
> =sip:00442070800000 at 198.22.67.70 via_cnt==1".... ##
> U 147.202.xx.xxx:5060 -> 198.22.67.70:5060
>  INVITE sip:00442070800000 at 198.22.67.70 SIP/2.0..Record-Route:
> <sip:00442070800000 at 147.202.xx.xxx:5060;nat=yes;ftag=f9493da2f8a6d10ao0;lr=on>.
>  .Via: SIP/2.0/UDP 147.202.xx.xxx;branch=z9hG4bK8b0a.2871d5c2.0..Via:
> SIP/2.0/UDP 192.168.0.11:5060;rport=5060;received=60.234.xxx.xxx;bran
>  ch=z9hG4bK-fff17e3f..From:
> <sip:user1 at mydomain.com>;tag=f9493da2f8a6d10ao0..To:
> <sip:00442070800000 at mydomain.com>..Cal
>  l-ID: ce674b82-e2fd1caa at 192.168.0.11..CSeq: 102 INVITE..Max-Forwards:
> 16..Contact: <sip:user1 at 60.234.xxx.xxx:5060>..Expires: 240..User-
>  Agent: Sipura/SPA3000-3.1.3(GWa)..Content-Length: 424..Allow: ACK,
> BYE, CANCEL, INFO, INVITE, NOTIFY, OPTIONS, REFER..Supported: x-sipura
>  ..Content-Type: application/sdp....v=0..o=- 757701 757701 IN IP4
> 192.168.0.11..s=-..c=IN IP4 147.202.xx.xxx..t=0 0..m=audio 35026
>   RTP/AVP 0 2 4 8 18 96 97 98 100 101..a=rtpmap:0
> PCMU/8000..a=rtpmap:2 G726-32/8000..a=rtpmap:4 G723/8000..a=rtpmap:8
>  PCMA/8000..a=rtpmap:18 G729 a/8000..a=rtpmap:96
> G726-40/8000..a=rtpmap:97 G726-24/8000..a=rtpmap:98
>  G726-16/8000..a=rtpmap:100 NSE/8000..a=rtpmap:101 telephone-event
> /8000..a=fmtp:101 0-15..a=ptime:30..a=sendrecv.. #
> U 147.202.xx.xxx:5060 -> 60.234.xxx.xxx:5060
>  SIP/2.0 500 I'm terribly sorry, server error occurred (1/SL)..Via:
> SIP/2.0/UDP 192.168.0.11:5060;branch=z9hG4bK-fff17e3f;rport=5060;recei
>  ved=60.234.xxx.xxx..From:
> <sip:user1 at mydomain.com>;tag=f9493da2f8a6d10ao0..To:
> <sip:00442070800000 at mydomain.com>;tag=66
>  9cac32ae43cfbf664b867e0fb4dd5a.572f..Call-ID:
> ce674b82-e2fd1caa at 192.168.0.11..CSeq: 102 INVITE..Server: Sip EXpress
> router (0.9.2 (i386/l
>  inux))..Content-Length: 0..Warning: 392 147.202.xx.xxx:5060 "Noisy
> feedback tells:  pid=6752 req_src_ip=60.234.xxx.xxx req_src_port=5060
>  i n_uri=sip:00442070800000 at mydomain.com
> out_uri=sip:00442070800000 at 198.22.67.70 via_cnt==1"....
> ##
> U 198.22.67.70:5060 -> 147.202.xx.xxx:5060
>  SIP/2.0 404 Not Found..Via: SIP/2.0/UDP
> 147.202.xx.xxx;branch=z9hG4bK8b0a.2871d5c2.0..Via: SIP/2.0/UDP
> 192.168.0.11:5060;received=60.234.
>  xxx.xxx;branch=z9hG4bK-fff17e3f..From:
> <sip:user1 at mydomain.com>;tag=f9493da2f8a6d10ao0..To:
> <sip:00442070800000 at mydomain.com>;tag=as40c6caec..Call-ID:
> ce674b82-e2fd1caa at 192.168.0.11..CSeq: 102 INVITE..User-Agent: Asterisk
> PBX..Allow: INVITE, ACK, CANCEL, O
>  PTIONS, BYE, REFER, NOTIFY..Contact:
> <sip:00442070800000 at 198.22.67.70>..Content-Length: 0....
> #
> U 147.202.xx.xxx:5060 -> 198.22.67.70:5060
>  ACK sip:00442070800000 at 198.22.67.70 SIP/2.0..Via: SIP/2.0/UDP
> 147.202.xx.xxx;branch=z9hG4bK8b0a.2871d5c2.0..From:
> <sip:user1 at mydomain.com>;tag=f9493da2f8a6d10ao0..Call-ID:
> ce674b82-e2fd1caa at 192.168.0.11..To:
> <sip:00442070800000 at mydomain.com>;tag=as40c6caec.
>  .CSeq: 102 ACK..User-Agent: Sip EXpress router(0.9.2
> (i386/linux))..Content-Length: 0....
>
> My ser.cfg is below:
> debug=3
> fork=yes
> #fork=no
> log_stderror=yes
> check_via=no
> dns=no
> rev_dns=no
> fifo="/tmp/ser_fifo"
> fifo_db_url="mysql://user:password@localhost/ser"
> sock_mode=0666
> #fifo_mode=0666
> #fifo_user=root
> listen=147.202.xx.xxx
> port=5060
> children=4
>
> loadmodule "/usr/local/lib/ser/modules/mysql.so"
> loadmodule "/usr/local/lib/ser/modules/sl.so"
> loadmodule "/usr/local/lib/ser/modules/tm.so"
> loadmodule "/usr/local/lib/ser/modules/rr.so"
> loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
> loadmodule "/usr/local/lib/ser/modules/usrloc.so"
> loadmodule "/usr/local/lib/ser/modules/registrar.so"
> loadmodule "/usr/local/lib/ser/modules/auth.so"
> loadmodule "/usr/local/lib/ser/modules/auth_db.so"
> loadmodule "/usr/local/lib/ser/modules/uri.so"
> loadmodule "/usr/local/lib/ser/modules/uri_db.so"
> loadmodule "/usr/local/lib/ser/modules/avpops.so"
> loadmodule "/usr/local/lib/ser/modules/mediaproxy.so"
> loadmodule "/usr/local/lib/ser/modules/nathelper.so"
> loadmodule "/usr/local/lib/ser/modules/textops.so"
> loadmodule "/usr/local/lib/ser/modules/domain.so"
> loadmodule "/usr/local/lib/ser/modules/permissions.so"
>
> loadmodule "/usr/local/lib/ser/modules/acc.so"
> loadmodule "/usr/local/lib/ser/modules/uac.so"
>
> modparam("auth_db|permissions|uri_db|usrloc|acc", "db_url", "mysql://
> user:password @localhost/ser")
> modparam("auth_db", "calculate_ha1", 1)
> modparam("auth_db", "password_column", "password")
>
> modparam("nathelper", "rtpproxy_disable", 1)
> modparam("nathelper", "natping_interval", 0)
>
> modparam("mediaproxy","natping_interval", 30)
> modparam("mediaproxy","mediaproxy_socket", "/var/run/mediaproxy.sock")
> modparam("mediaproxy","sip_asymmetrics","/usr/local/etc/ser/sip-clients")
> modparam("mediaproxy","rtp_asymmetrics","/usr/local/etc/ser/rtp-clients")
>
> modparam("usrloc", "db_mode", 2)
>
> modparam("registrar", "nat_flag", 6)
>
> modparam("rr", "enable_full_lr", 1)
>
> modparam("tm", "fr_inv_timer", 27)
> modparam("tm", "fr_inv_timer_avp", "inv_timeout")
>
> modparam("permissions", "db_mode", 1)
> modparam("permissions", "trusted_table", "trusted")
>
> modparam("acc", "db_flag", 1)
> modparam("acc", "db_missed_flag", 3)
>
> modparam("uac","credential","user:asterisk:password")
>
> route {
>
>            #
>           ----------------------------------------------------------------- 
> #
> Sanity Check Section #
> ----------------------------------------------------------------- if
> (!mf_process_maxfwd_header("10")) { sl_send_reply("483", "Too Many
> Hops"); break; };
>            if (msg:len > max_len) {
>                        sl_send_reply("513", "Message Overflow");
>                        break;
>            };
>
>            #
>           ----------------------------------------------------------------- 
> #
>            Record Route Section #
>                       ----------------------------------------------------------------- 
> if
> (method=="INVITE" && client_nat_test("3")) {
> record_route_preset("147.202.xx.xxx:5060;nat=yes"); # insert IP
> address } else if (method!="REGISTER") { record_route(); };
>            #
>           ----------------------------------------------------------------- 
> #
> Call Tear Down Section #
> ----------------------------------------------------------------- if
> (method=="BYE" || method=="CANCEL") { setflag(1);
> end_media_session(); };
>            #
>           ----------------------------------------------------------------- 
> #
> Loose Route Section #
> ----------------------------------------------------------------- if
> (loose_route()) {
>                        if (has_totag() && (method=="INVITE"  ||
> method=="ACK")) {
>
>                                    if (client_nat_test("3") ||
> search("^Route:.*;nat=yes")) {
>                                                setflag(6);
>                                                use_media_proxy();
>                                    };
>                        };
>
>                        route(1);
>                        break;
>            };
>
>            #
>           ----------------------------------------------------------------- 
> #
> Call Type Processing Section #
> ----------------------------------------------------------------- 
>            if (uri!=myself) {
>                        route(5);
>                        route(1);
>                        break;
>            };
>
>            if (uri==myself) {
>
>                        if (method=="ACK") {
>                                    route(6);
>                                    break;
>                        } else if (method=="CANCEL") {
>                                    route(3);
>                                    break;
>                        } else if (method=="INVITE") {
>                                    route(3);
>                                    break;
>                        } else   if (method=="REGISTER") {
>                                    route(2);
>                                    break;
>                        };
>
>                        lookup("aliases");
>                        if (uri!=myself) {
>                                    route(5);
>                                    route(1);
>                                    break;
>                        };
>
>                        if (!lookup("location")) {
>                                    sl_send_reply("404", "User Not
>                                    Found"); break;
>                        };
>            };
>
>            route(1);
>
> }
>
> route[1] {
>
>            #
>           ----------------------------------------------------------------- 
> #
> Default Message Handler #
> ----------------------------------------------------------------- 
>            if (!t_relay()) {
>
>                        if (method=="INVITE" || method=="ACK") {
>                                    end_media_session();
>                        };
>
>                        sl_reply_error();
>            };
> }
>
> route[2] {
>
>            #
>           ----------------------------------------------------------------- 
> #
> REGISTER Message Handler #
> ---------------------------------------------------------------- 
>            sl_send_reply("100", "Trying");
>
>            if (!search("^Contact: \*") && client_nat_test("7")) {
>                        setflag(6);
>                        fix_nated_register();
>                        force_rport();
>            };
>
>            if (!www_authorize("","subscriber")) {
>                        www_challenge("","0");
>                        break;
>            };
>
>            if (!check_to()) {
>                        sl_send_reply("401", "Unauthorized");
>                        break;
>            };
>
>            consume_credentials();
>
>            if (!save("location")) {
>                        sl_reply_error();
>            };
> }
>
> route[3] {
>
>            #
>           ----------------------------------------------------------------- 
> #
> CANCEL and INVITE Message Handler #
> ----------------------------------------------------------------- 
>            if (client_nat_test("3")) {
>                        setflag(7);
>                        force_rport();
>                        fix_nated_contact();
>            };
>
>            if (method=="INVITE" && !allow_trusted()) {
>
>                        if (!proxy_authorize("","subscriber")) {
>                                    proxy_challenge("","0");
>                                    break;
>                        } else if (!check_from()) {
>                                    sl_send_reply("403", "Use
>                                    From=ID"); break;
>                        };
>
>                        consume_credentials();
>            };
>
>            lookup("aliases");
>            if (uri!=myself) {
>                        route(5);
>                        route(1);
>                        break;
>            };
>
>            if (uri=~"^sip:[+|00][0-9]*@") {           # International
>                        PSTN route(4);
>                        break;
>            };
>
>            if (!lookup("location")) {
>                        if (uri=~"^sip:[0-9]{8}@") {     # Domestic
>                                    PSTN route(4);
>                                    break;
>                        };
>
>                        sl_send_reply("404", "User Not Found");
>                        break;
>            };
>
>            if (method=="CANCEL") {
>                        route(1);
>                        break;
>            };
>
>            setflag(1);
>            setflag(3);
>
>            route(5);
>            route(1);
> }
>
> route[4] {
>
>            #
>           ----------------------------------------------------------------- 
> #
> PSTN Handler #
> ----------------------------------------------------------------- 
>
>            avp_write("i:45", "inv_timeout");
>
>            route(5);
>            t_on_failure("4");
>            resetflag(8);
>            t_relay_to_udp("198.22.67.70","5060");
>            route(1);
> }
>
> route[5] {
>
>            #
>           ----------------------------------------------------------------- 
> #
> RTP Proxy Enabler #
> ----------------------------------------------------------------- 
>            if (isflagset(6) || isflagset(7)) {
>                        use_media_proxy();
>            };
> }
>
> route[6] {
>
>            #
>           ------------------------------------------------------------------------
> # ACK Handler #
> ------------------------------------------------------------------------
>
>            #
>           ------------------------------------------------------------------------
> # Aliases Section #
> ------------------------------------------------------------------------
> lookup("aliases"); if (uri!=myself) { route(1); break; };
>            lookup("location");
>
>            route(1);
> }
>
>
> onreply_route[1]
> {
>            if ((isflagset(6) || isflagset(7)) &&
> (status=~"(180)|(183)|2[0-9][0-9]")) {
>
>                        if (!search("^Content-Length:\ 0")) {
>                                    use_media_proxy();
>                        };
>            };
>
>            if (client_nat_test("1")) {
>                        fix_nated_contact();
>            };
> }
>
> failure_route[5]
> {
>            if (t_check_status("401|407"))
>            {
>                        if (isflagset(8))
>                        {
>                                    t_reply("503","Auth failed");
>                                    break;
>                        }
>                        if (uac_auth())
>                        {
>                                    setflag(8);
>                                    t_on_failure("5");
>                                    append_branch();
>                                    t_relay();
>                        }
>            }
> }
>
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers 




More information about the sr-users mailing list