[Users] Re: Double Registration with Openser proxy and Openser registrar

Sat Oct 14 20:17:41 CEST 2006

did you use fix_nated_contact()? Any error message in the log?

Cheers,
Daniel

On 10/13/06 13:18, Lindsey Hans Joseph Lao wrote:
> It worked!  :-)       Thanks! Unfortunately, I'm still not able to 
> make calls... Must be the routing logic in my transparent proxy... 
> Anyway, how come the nathelper module in my transparent proxy did not 
> change the contact headers? any ideas? Thanks!
>
> Daniel-Constantin Mierla wrote:
>> This is quite tough to achieve, try save_noreply("location") instead 
>> of save("location") on the transparent proxy. Alternative is to look 
>> at the path module and PATH extension in SIP.
>>
>> Cheers,
>> Daniel
>>
>>
>> On 10/13/06 10:51, Lindsey Hans Joseph Lao wrote:
>>> Hello Daniel,
>>>
>>> Yes, the authentication happens in the registrar. Basically, this is 
>>> what I wanted to happen:
>>>
>>> client's sip phone is only configured with the registrar's IP. we 
>>> are deploying openser as a transparent proxy (since client does not 
>>> know sip traffic is routed to a proxy with only the registrar's IP 
>>> configured in their sip phone) and as an application level gateway 
>>> (since we intend that private IP to public IP translation happens in 
>>> the openser proxy). Unfortunately, fix_nated_contact and 
>>> fix_nated_register won't work which led me to use subst function 
>>> from textops module. I only need to save userlocation in the Openser 
>>> proxy since it will be used to route calls for clients behind NAT.
>>>
>>> I am able to save userlocation in openser. However, registration 
>>> does not complete in the registrar side. The registrar responds with 
>>> a 401 Unauthoriezed message and my client/proxy no longer responds 
>>> with a register message containing credentials, thus no completing 
>>> the register process. I tried placing a save("location") in my 
>>> onreply route but it won't allow me. Can you help me on this?
>>>
>>> Best Regards,
>>> Hans
>>>
>>> Daniel-Constantin Mierla wrote:
>>>>
>>>>
>>>> On 10/12/06 09:41, Lindsey Hans Joseph Lao wrote:
>>>>> Hello,
>>>>>
>>>>> I currently have this setup
>>>>>
>>>>> client --> (private interface) OpenSER (public interface) --> 
>>>>> registrar (public)
>>>>>
>>>>> In this scenario, I am configuring OpenSER to function as an 
>>>>> application level gateway and at the same time a proxy server. I 
>>>>> was able to successfully manipulate the contact headers thru 
>>>>> textops module such a way that the IP registering in the registrar 
>>>>> is the public one.  NAThelper's fix_nated_contact and 
>>>>> fix_nated_register won't work. No idea why...  What I want to 
>>>>> happen is that registration requests from the client would 
>>>>> register with OpenSER (save in userlocation) and also register 
>>>>> with the registrar, is there a way to do this?
>>>> it is possible, who is doing the authentication? the registrar? In 
>>>> this case is is a bit complicated and you may need to do some 
>>>> development, because you will have to take care of the replies to 
>>>> REGISTERs, if they are not 200OK you have to remove the contact 
>>>> from OpenSER. You can use save_noreply() in OpenSER not to sent the 
>>>> reply.
>>>>
>>>> Cheers,
>>>> Daniel
>>>>
>>>>>
>>>>> I'm using this script in the my proxy server such that if the 
>>>>> destination uri is not intended for my proxy, it would substitute 
>>>>> the contact headers and save it in "location" then relay the 
>>>>> register request to its destination:
>>>>>
>>>>>       lookup("aliases");
>>>>>       if(uri != myself)
>>>>>       {
>>>>>
>>>>>                if(is_method("REGISTER"))
>>>>>                {
>>>>>                        append_hf("P-hint: Registration applied\r\n");
>>>>>                        
>>>>> subst('/Contact:(.*)<sip:(.*)@(.*)>/Contact:<sip:\1 at 10.3.2.38:5060>/ig'); 
>>>>>
>>>>>                        save("location");
>>>>>                         t_relay();
>>>>>                        exit;
>>>>>                };
>>>>>
>>>>> My problem is I am able to log in (i'm using xlite softphone) but 
>>>>> upon checking the sip messages, it shows an 401 unauthorized 
>>>>> message response from the server. Can anyone help me on this?
>>>>>
>>>>> Thanks much!
>>>>> Hans
>>>
>>>
>