[Serusers] SER & Asterisk (IVR problem)

Thu Sep 7 16:52:43 CEST 2006

Hi,
Well I don't think I could skip the authorization process because there are
analogical devices which need to be authenticated, so it would create
problems.
How do I add the Asterisk Server to the trust tables?
I'm actually thinking of adding Asterisk as a RADIUS client to the RADIUS
server (freeRadius)
What do you think?
Thanks in advance,
Roberto

So... if I understand this correctly, you're having problems with diverted
calls FROM the Asterisk IVR not being able to authenticate on SER?

Could you just add the Asterisk server to the trust tables and skip the auth
process for calls coming back or would that create problems?

N.
*
On Tue, 5 Sep 2006 21:16:45 +0100, Roberto Lopes wrote*

> Hi to all!
> I've a big problem with SER & Asterisk
> I've a network where i put them working together.
> Asterisk is the media gateway with PSTN as well as being the server which
is making all the services available (IVR, voicemail, conference calls,
etc).
> SER just routes calls either to the softphones, VoIP phones or to Asterisk
who will just forward the calls to PSTN (via Asterisk).
> Till now everything works well except the service IVR which is working on
Asterisk.
>
> Details:
> *MailScanner has detected a possible fraud attempt from "192.168.226.13"
claiming to be* *MailScanner warning: numerical links are often malicious:
192.168.226.13 - IP SER
> **MailScanner has detected a possible fraud attempt from "192.168.226.45"
claiming to be* *MailScanner warning: numerical links are often malicious:
192.168.226.45 - IP Asterisk *
***
>
> The problem is only after the user (roberto at 192.168.226.13 - authenticated
and authorized in RADIUS) calls IVR.
> Till then the user calls, IVR gives some information to the user and
everything goes well.
> Problem is when he presses a number which will have to redirect the call
to another user.
> And why is there a problem.
*
*> Because the initially roberto at 192.168.226.13 to be able to call IVR had
to rewrite host & port **MailScanner has detected a possible fraud attempt
from "192.168.226.45" claiming to be* *MailScanner warning: numerical links
are often malicious: 192.168.226.45 so that the call would reach Asterisk
who would then call to the IVR. *
***
> That rewriting turned roberto at 192.168.226.13 into roberto at 192.168.226.45.
That is, I can say, that it became a "new user".
> While it's on the IVR there's no problem, but when call is diverted it has
to give its credentials...
*
*> Credentials that don't exist in RADIUS cause it only accepts usernames
that end in @ **MailScanner has detected a possible fraud attempt from "
192.168.226.13" claiming to be* *MailScanner warning: numerical links are
often malicious: 192.168.226.13 (IP of SER) *
***
>
> Here is the following code, both of extensions file in Asterisk and
configure file of SER
> I hope somebody knows how to solve it or at least find a way how to.
>
> extensions.conf - Asterisk
>
[sip]
exten => 74001,1,Answer
exten => 74001,2,SetMusicOnHold(default)
exten => 74001,3,Set(TIMEOUT(digit)=5)
exten => 74001,4,Set(TIMEOUT(response)=10)
exten => 74001,5,Background(menu)

> exten => 1,1,Dial(SIP/roberto at 192.168.226.13:5060,,r)
...
exten => 7,1,Goto(sip,74001,1)
exten => 8,1,Hangup

>
> ser.cfg - SER
>
> ...
> if ((uri=~"^sip:7[0-9]{4}@.*")) {
>         route(5);
>         break;
> };
...
> route[5] {     # Redirecting to Asterisk
>     # MsgLog
>     xlog("L_ALERT","(WARNING) Sending to Asterisk request of %fu to
%tu\n");
*
***>     rewritehostport("**MailScanner has detected a possible fraud
attempt from " 192.168.226.45:5060" claiming to be* *MailScanner warning:
numerical links are often malicious: 192.168.226.45:5060"); *
*
>     route(1);
> }
>
>
> Thanks for your help,
> Roberto Lopes

*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20060907/5600b6d4/attachment.htm>