[SR-Users] Can't Auth against Kamailio 3.1.1 - fresh install

Daniel-Constantin Mierla miconda at gmail.com
Thu Dec 16 07:30:49 CET 2010



On 12/15/10 4:29 AM, Graham Wooden wrote:
> This has been resolved.  Apparently my broad-band NAT router was screwing up
> and wasn't getting the www digest back to the Q/A phone.
ALG are always a pain. This tool written by Inaki may help in such cases:
http://dev.sipdoc.net/projects/sip-stuff/wiki/SIP-ALG-Detector

Cheers,
Daniel

> Thanks,
>
> -graham
>
> On 12/14/10 4:18 PM, "Graham Wooden"<graham at g-rock.net>  wrote:
>
>>> Hello,
>>>
>>> run kamailio from console with -E -ddd command line parameters and read
>>> the printed log messages. You should be able to figure out whether is
>>> reaching authentication part of configuration file. Also, adding
>>> xlog(...) calls in config file might be useful for you to troubleshoot.
>>>
>>>  From the logs you sent, looks like auth db is enabled. Maybe the
>>> from/r-uri don't match myself condition, are you using hostnames or IP
>>> addresses?
>>>
>>> Cheers,
>>> Daniel
>> Thanks for sharing the debugging parameters; I believe it helpped shed
>> some light. But my xlog placements so far hasn't produced much of
>> anything.
>>
>> I am doing everything by IPs at the moment.  From the below, kamailio
>> thinks that my IP, 1.1.1.1, is not part of the realm. I even went
>> through and changed the entry in the domain table and the domain for
>> the subscriber to reflect this IP.  Still the same results.
>>
>> What is the best/proper way for kamailio to think that it's IP is part
>> of the realm?  Or am I chasing the wrong rabbit here?  I going to add
>> some more xlogs tonight to see what is going wrong here. It's such
>> plain install, surely something has gotten out of whack here ...
>>
>>
>>    5(10312) DEBUG: tm [t_lookup.c:1150]: DEBUG: t_check_msg: msg id=5
>> global id=5 T end=(nil)
>>    5(10312) DEBUG:<core>  [socket_info.c:501]: grep_sock_info -
>> checking if host==us: 13==9&&   [1.1.1.1] == [127.0.0.1]
>>    5(10312) DEBUG:<core>  [socket_info.c:504]: grep_sock_info -
>> checking if port 5060 matches port 5060
>>    5(10312) DEBUG:<core>  [socket_info.c:501]: grep_sock_info -
>> checking if host==us: 13==13&&   [1.1.1.1] == [1.1.1.1]
>>    5(10312) DEBUG:<core>  [socket_info.c:504]: grep_sock_info -
>> checking if port 5060 matches port 5060
>>    5(10312) DEBUG: auth_db [authorize.c:239]: realm value [1.1.1.1]
>>    5(10312) DEBUG: auth [api.c:85]: auth:pre_auth: Credentials with
>> realm '1.1.1.1' not found
>>    5(10312) DEBUG: auth_db [authorize.c:257]: not authenticated
>>    5(10312) DEBUG: auth [challenge.c:102]: build_challenge_hf: realm='1.1.1.1'
>>    5(10312) DEBUG: auth [challenge.c:236]: auth: 'Proxy-Authenticate:
>> Digest realm="1.1.1.1", nonce="TQfqfk0H6VJOTqVJEddjXqo4/PysNAPn"
>> '
>>
>>
>>
>>
>>
>> _______________________________________________
>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
>> sr-users at lists.sip-router.org
>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla
Kamailio (OpenSER) Advanced Training
Jan 24-26, 2011, Irvine, CA, USA
http://www.asipto.com




More information about the sr-users mailing list