[Serusers] SER + Asterisk
sip
sip at infinideas.com
Thu May 25 21:17:29 CEST 2006
You have a proxy authorize block in your INVITE block, which will require the
client to send auth credentials. If it doesn't, it gets that error (which
usually is a signal to the client to then go ahead and send the credentials).
On Thu, 25 May 2006 19:43:46 +0100, Edgar Barbosa wrote
> Hi all,
>
> I'm trying to deploy a scenario where I have an openser as a sip proxy
> (taking care of registrations) in front of an asterisk (to handle
> pstn call routing/billing/etc).
>
> Both openser and asterisk authenticate users on the same database,
> and I'm able to register a UA on both.
>
> The problem is when I try to relay calls from openser to asterisk. I
> always get the following error: SIP/2.0 407 Proxy Authentication Required
>
> What am I missing here?
>
> My openser.cfg is the following:
>
> debug=3 # debug level (cmd line: -dddddddddd)
> fork=yes
> #log_stderror=no # (cmd line: -E)
>
> # Uncomment these lines to enter debugging mode
> #fork=no
> log_stderror=yes
>
> listen=192.168.64.102
> sip_warning=no
>
> #advertised_address=192.168.1.102
>
> reply_to_via=no
> check_via=no # (cmd. line: -v)
> dns=no # (cmd. line: -r)
> rev_dns=no # (cmd. line: -R)
> port=5060
> children=4
> fifo="/tmp/ser_fifo"
>
> # ------------------ module loading ----------------------------------
>
> # Uncomment this if you want to use SQL database
> loadmodule "/usr/lib/openser/modules/mysql.so"
>
> loadmodule "/usr/lib/openser/modules/sl.so"
> loadmodule "/usr/lib/openser/modules/tm.so"
> loadmodule "/usr/lib/openser/modules/rr.so"
> loadmodule "/usr/lib/openser/modules/maxfwd.so"
> loadmodule "/usr/lib/openser/modules/usrloc.so"
> loadmodule "/usr/lib/openser/modules/registrar.so"
> loadmodule "/usr/lib/openser/modules/nathelper.so"
> loadmodule "/usr/lib/openser/modules/textops.so"
> loadmodule "/usr/lib/openser/modules/xlog.so"
> loadmodule "/usr/lib/openser/modules/auth.so"
> loadmodule "/usr/lib/openser/modules/auth_db.so"
>
> # -- usrloc params --
> # Flush every 60 sec
> modparam("usrloc", "db_mode", 0)
>
> # -- auth params --
> modparam("auth_db", "db_url", "XXX")
> modparam("auth_db", "user_column", "accountcode")
> #modparam("auth_db", "domain_column", "accountcode")
> modparam("auth_db", "calculate_ha1", 1)
> modparam("auth_db", "password_column", "secret")
>
> # -- replication auth param --
> modparam("auth", "secret", "mysecret")
>
> # -- rr params --
> # add value to ;lr param to make some broken UAs happy
> modparam("rr", "enable_full_lr", 1)
>
> route{
>
> # initial sanity checks -- messages with
> # max_forwards==0, or excessively long requests
> if (!mf_process_maxfwd_header("10")) {
> sl_send_reply("483","Too Many Hops");
> return;
> };
> if ( msg:len > max_len ) {
> sl_send_reply("513", "Message too big");
> return;
> };
>
> force_rport();
> fix_nated_contact();
>
> if(uri == myself)
> {
> if(method == "REGISTER")
> {
> # Make sure they are a valid user on our
> proxy if(!www_authorize("", "astaccount"))
> { xlog("L_INFO",
> "Req Auth For %ct, URI = %ru\n");
> www_challenge("", "1"); return;
> };
>
> xlog("L_INFO", "Registered Contact %ct, URI
> = %ru\n"); save("location");
>
> return;
> };
> };
>
> record_route();
>
> # -----------------------------------------------------------
> -------
>
> # loose-route processing
> if(loose_route())
> {
> xlog("L_INFO", "loose_route(): Looking up %rm URI
> %ru from %is\n"); lookup("location");
> xlog("L_INFO", "loose_route(): t_relay() %rm to URI %ru\n");
> t_relay(); return; };
>
> if(method == "INVITE")
> {
>
> # Assume it came from one of our VoIP phones, all
> routing is done by Asterisk xlog("L_INFO",
> "%rm came from a VoIP phone (%is), attempting to authorize %fu\n");
>
> # Make sure they are a valid user on our
> proxy if (!www_authorize("", "astaccount"))
> {
> www_challenge("", "0");
> xlog("L_INFO", "Failed to authorize %fu
> (%is)\n"); return;
> };
>
> # Found a match, this is going to a VoIP
> phone xlog("L_INFO", "Auth OK, sending URI
> %ru to Asterisk for routing\n");
> rewritehostport("192.168.64.103:5060");
>
> xlog("L_INFO", "INVITE New URI = %ru, t_relay()ing
> now\n"); t_relay(); # forward(uri:host,
> uri:port); return; };
>
> # -----------------------------------------------------------
> -------
>
> # forward to current uri now; use stateful forwarding; that
> # works reliably even if we forward from TCP to UDP
> lookup("location");
> xlog("L_INFO", "Default t_relay() (method = %rm, URI = %ru,
> >From = %is)\n"); if(!t_relay()) {
> xlog("L_INFO", "Failed sending requesting %rm URI (%ru)\n");
> sl_reply_error(); }; }
>
> Thanks for your help
>
> _______________________________________________
> Serusers mailing list
> Serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
More information about the sr-users
mailing list