[Serusers] Problem with PSTN calls from Asterisk towards SIP clients registered in SER

Max Weltz max at opticall.se
Thu Oct 11 15:29:32 CEST 2007 

OK,

thank you for the hint. It works now even though for some reason I  
need to have the IP of Asterisk both in the 'trusted' table and the  
'permissions.allow' file.

Thanks

Max


On Oct 11, 2007, at 6:39 , Greger V. Teigre wrote:

> You can use allow_trusted() to allow calls from your Asterisk. see  
> the chapter you referred to (Getting Started) for an example of how  
> to use it.
> Just add the IP of your Asterisk to the table of trusted IPs.
> g-)
>
> Max Weltz wrote:
>>      Hello,
>>
>>    I am working on a project in which calls are placed from an   
>> Asterisk server towards the PSTN or SIP clients and then connected  
>> to  another phone of the PSTN or another SIP client. Those calls  
>> are  placed by a user (caller) through an interface. First a call  
>> is  placed towards the caller from an extension in Asterisk and  
>> once the  caller picks up the phone, the second call is placed and  
>> both are  connected.
>>
>>    In a first time all SIP clients were registered to Asterisk  
>> and  there was no SER on the picture. Everything was working fine.  
>> But I  have decided to use SER as SIP proxy now. So the SIP  
>> clients are  registered with SER and Asterisk is still the  
>> originating point of  all calls and provides the connection to the  
>> PSTN. Asterisk and SER  are running on the same machine (Asterisk  
>> has port 5061 and SER port  5060) and Asterisk is registered to SER:
>>
>> ==sip.conf==
>>
>> [general]
>> port=5061
>> bindport=5061
>> bindaddr=0.0.0.0
>> disallow=all
>> ;allow=gsm
>> allow=ulaw
>> allow=alaw
>> ;context=bogon-calls
>> context=from-sip
>> autocreatepeer=yes
>>
>> register=> asterisk:password at 192.168.1.24:5060/maxAS
>>
>> [SERADDRESS]
>> type=friend
>> username=asterisk
>> secret=password
>> host=192.168.1.24
>> fromdomain=192.168.1.24
>>
>> [maxAS]
>> type=friend
>> secret=password2
>> qualify=yes
>> nat=no
>> host=dynamic
>> canreinvite=no
>> context=from-sip
>>
>>
>>    Most things work fine:
>> * a user can ask Asterisk to call a SIP client and connect it to   
>> another SIP client: Asterisk finds its way to SER and both calls  
>> are  happily connected.
>> * a user can also ask a call to be placed towards a SIP client  
>> and  then this call is connected to a PSTN call, no problem either.
>>
>> The problem is when the user wants a call towards the PSTN to be   
>> connected to a SIP client. Once the call going towards the PSTN  
>> has  been answered, Asterisk attempts to contact a SIP client  
>> which is  registered in SER but SER sees the call coming from "sip: 
>> (PSTN phone  number of the first call)@hostIP". There is no such  
>> client in the  database and it is therefore not allowed to  
>> connect. In the following  example Zap/1-1 is the interface  
>> towards the PSTN, 0761111111 the  phone number dialled, and 6644  
>> an extension registered with SER. Here  is the Asterisk output.
>>
>>      > Channel Zap/1-1 was answered.
>>      -- Executing Answer("Zap/1-1", "") in new stack
>>      -- Executing Goto("Zap/1-1", "from-sip|6644|1") in new stack
>>      -- Goto (from-sip,6644,1)
>>      -- Executing Answer("Zap/1-1", "") in new stack
>>      -- Executing Dial("Zap/1-1", "SIP/6644 at SERADDRESS||r") in new  
>> stack
>>      -- Called 6644 at SERADDRESS
>> Oct 10 11:41:16 WARNING[4264]: chan_sip.c:7972 handle_response:   
>> Forbidden - wrong password on authentication for INVITE to   
>> '"0761111111" <sip:0761111111 at 192.168.1.24>;tag=as537d1ed7'
>>      -- SIP/SERADDRESS-50e7 is circuit-busy
>>
>> Here is the portion of the Asterisk Dialplan that is relevant and  
>> the  ser.cfg (which comes from http://siprouter.onsip.org/doc/  
>> gettingstarted/):
>>
>> ==extensions.conf==
>> [context1]
>> exten => 666,1,Answer()
>> exten => 666,2,Goto(from-sip,6644,1)
>>
>> [from-sip]
>> exten => _.,1,Answer
>> exten => _.,2,Dial(SIP/${EXTEN}@SERADDRESS,,r)
>> exten => _.,3,Hangup
>>
>> ==ser.cfg==
>> debug=3
>> fork=no
>> log_stderror=yes
>>
>> listen=192.168.1.24   # INSERT YOUR IP ADDRESS HERE
>> port=5060
>> children=4
>>
>> dns=no
>> rev_dns=no
>> fifo="/tmp/ser_fifo"
>> fifo_db_url="mysql://ser:password@192.168.1.26/ser"
>>
>> loadmodule "/usr/lib/ser/modules/mysql.so"
>> loadmodule "/usr/lib/ser/modules/sl.so"
>> loadmodule "/usr/lib/ser/modules/tm.so"
>> loadmodule "/usr/lib/ser/modules/rr.so"
>> loadmodule "/usr/lib/ser/modules/maxfwd.so"
>> loadmodule "/usr/lib/ser/modules/usrloc.so"
>> loadmodule "/usr/lib/ser/modules/registrar.so"
>> loadmodule "/usr/lib/ser/modules/auth.so"
>> loadmodule "/usr/lib/ser/modules/auth_db.so"
>> loadmodule "/usr/lib/ser/modules/uri_db.so"
>>
>> modparam("auth_db|uri_db|usrloc", "db_url", "mysql://  
>> ser:password at 192.168.1.26/ser")
>> modparam("auth_db", "calculate_ha1", 1)
>> modparam("auth_db", "password_column", "password")
>> modparam("usrloc", "db_mode", 2)
>> modparam("rr", "enable_full_lr", 1)
>>
>> route {
>>
>>    #  
>> -----------------------------------------------------------------
>>    # Sanity Check Section
>>    #  
>> -----------------------------------------------------------------
>>    if (!mf_process_maxfwd_header("10")) {
>>      sl_send_reply("483", "Too Many Hops");
>>      break;
>>    };
>>
>>    if (msg:len > max_len) {
>>      sl_send_reply("513", "Message Overflow");
>>      break;
>>    };
>>
>>    #  
>> -----------------------------------------------------------------
>>    # Record Route Section
>>    #  
>> -----------------------------------------------------------------
>>    if (method!="REGISTER") {
>>      record_route();
>>    };
>>
>>    #  
>> -----------------------------------------------------------------
>>    # Loose Route Section
>>    #  
>> -----------------------------------------------------------------
>>    if (loose_route()) {
>>      route(1);
>>      break;
>>    };
>>
>>    #  
>> -----------------------------------------------------------------
>>    # Call Type Processing Section
>>    #  
>> -----------------------------------------------------------------
>>    if (uri!=myself) {
>>      route(1);
>>      break;
>>    };
>>
>>    if (method=="ACK") {
>>      route(1);
>>      break;
>>    } if (method=="INVITE") {
>>      route(3);
>>      break;
>>    } else  if (method=="REGISTER") {
>>      route(2);
>>      break;
>>    };
>>
>>    lookup("aliases");
>>    if (uri!=myself) {
>>      route(1);
>>      break;
>>    };
>>
>>
>>    if (!lookup("location")) {
>>      sl_send_reply("404", "User Not Found");
>>      break;
>>    };
>>
>>    route(1);
>> }
>>
>> route[1] {
>>
>>    #  
>> -----------------------------------------------------------------
>>    # Default Message Handler
>>    #  
>> -----------------------------------------------------------------
>>    if (!t_relay()) {
>>      sl_reply_error();
>>    };
>> }
>>
>> route[2] {
>>
>>    #  
>> -----------------------------------------------------------------
>>    # REGISTER Message Handler
>>    # ----------------------------------------------------------------
>>    sl_send_reply("100", "Trying");
>>
>>    if (!www_authorize("192.168.1.24","subscriber")) {
>>      www_challenge("192.168.1.24","0");
>>      break;
>>    };
>>
>>    if (!check_to()) {
>>      sl_send_reply("401", "Unauthorized");
>>      break;
>>    };
>>
>>    consume_credentials();
>>
>>    if (!save("location")) {
>>      sl_reply_error();
>>    };
>> }
>>
>> route[3] {
>>    #  
>> -----------------------------------------------------------------
>>    # INVITE Message Handler
>>    #  
>> -----------------------------------------------------------------
>>    if (!proxy_authorize("192.168.1.24","subscriber")) {
>>      proxy_challenge("192.168.1.24","0");
>>      break;
>>    } else if (!check_from()) {
>>      sl_send_reply("403", "Use From=ID");
>>      break;
>>    };
>>
>>    consume_credentials();
>>
>>    lookup("aliases");
>>    if (uri!=myself) {
>>      route(1);
>>      break;
>>    };
>>
>>    if (!lookup("location")) {
>>      sl_send_reply("404", "User Not Found");
>>      break;
>>    };
>>
>>    route(1);
>> }
>>
>>
>> I guess (but I am new to SER) that the idea is to make the call  
>> be  placed as the SIP user "asterisk" and not as the SIP user   
>> "0761111111" but I don't know where to do that (inside asterisk   
>> before the SIP call is placed? inside ser.cfg?) or maybe just to  
>> skip  the authentication for SIP URIs that look like a phone  
>> number. I also  read in http://siprouter.onsip.org/doc/ 
>> gettingstarted/ch09.html how  to relay calls placed towards the  
>> PSTN from SER towards a gateway  (Asterisk here) but I think it  
>> wouldn't do any good to send back the  call to Asterisk. Asterisk  
>> would just end up placing another call  towards the PSTN and  
>> that's not what I want.
>>
>> Any suggestion will be greatly appreciated,
>>
>> Thanks,
>>
>> //Max
>> _______________________________________________
>> Serusers mailing list
>> Serusers at lists.iptel.org
>> http://lists.iptel.org/mailman/listinfo/serusers
>>
>>
>>
>

More information about the sr-users mailing list