[Users] SER behind PIX
Ovidiu Sas
sip.nslu at gmail.com
Tue Feb 20 23:34:17 CET 2007
yup. Make sure that your subscriber's domain matches the one that you
created in openser db (see subscriber table).
Regards,
Ovidiu Sas
On 2/20/07, Diego Valencia <dvalencia at ip-tel.com.ar> wrote:
> Hi Ovidiu, I´m currently configured on this way on my openser:
>
> if (!www_authorize("ser.ip-tel.com.ar",
> "subscriber")) {
> www_challenge("ser.ip-tel.com.ar", "0");
> break;
> };
>
> Is it right?
>
> Thanks
>
> Diego
>
>
> ----- Original Message -----
> From: "Ovidiu Sas" <sip.nslu at gmail.com>
> To: "Diego Valencia" <dvalencia at ip-tel.com.ar>
> Cc: <users at openser.org>
> Sent: Tuesday, February 20, 2007 4:39 PM
> Subject: Re: [Users] SER behind PIX
>
>
> Hi Diego,
>
> When you challenge the SIP UA from openSER, provide the realm and
> configure the SIP UA to use that particular realm for authorization.
>
> see: http://openser.org/docs/modules/1.2.x/auth_db.html#AEN170
> (do not use an empty string for realm)
>
>
> Regards,
> Ovidiu Sas
>
> On 2/20/07, Diego Valencia <dvalencia at ip-tel.com.ar> wrote:
> > Hi everybody. In the topology:
> >
> > INTERNET
> > |
> > PIX (NAT static translate 200.x.x.2 to 10.1.1.2)
> > |
> > SER (10.1.1.2)
> >
> > I can´t register UA from internet.(unauthorized)
> >
> > The PIX is configured with the "fixup SIP" and "fixup udp SIP" commands.
> > I guess there is a problem when UA generates HA1 with the external IP,
> > then
> > de PIX translates this to internal IP, and the SER can´t authenticate it
> > by
> > the erroneous hash.
> >
> > Anybody know some solution for it?
> >
> > Thanks!
> >
> > Diego
> >
> >
> >
> > _______________________________________________
> > Users mailing list
> > Users at openser.org
> > http://openser.org/cgi-bin/mailman/listinfo/users
> >
>
>
More information about the sr-users
mailing list