[SR-Users] register fails from openvpn clients
meres
meresgr at gmail.com
Wed Jan 15 16:41:41 CET 2014
The clients manage to authenticate successfully from remote subnets or from our local subnet but NOT while connected to our openvpn server, so it is not an authentication issue.
On Jan 15, 2014, at 4:16 PM, Andrew Mortensen <admorten at isc.upenn.edu> wrote:
>
> On Jan 15, 2014, at 5:35 AM, meres <meresgr at gmail.com> wrote:
>
>> Hello,
>>
>> Thank you for your help
>>
>> The REGISTER request is getting to kamailio.
>> I attach my tcpdump output:
>> http://pastebin.com/3RV9wG5G
>
> Your client is never responding to the authentication challenge returned by Kamailio in the WWW-Authenticate header. Your client should be attempting a second REGISTER with an Authorization header containing a response to Kamailio's challenge. Do the clients have authentication enabled?
>
> andrew
>
>
>
>> On Jan 15, 2014, at 11:09 AM, Daniel-Constantin Mierla <miconda at gmail.com> wrote:
>>
>>> Hello,
>>>
>>> what do you mean by "register fails"?
>>>
>>> Is the REGISTER request getting to kamailio? Is there a reply for it?
>>>
>>> A ngrep output taken on kamailio server for such registration would help to figure out where is the issue.
>>>
>>> Cheers,
>>> Daniel
>>>
>>> On 13/01/14 18:08, meres wrote:
>>>> I have kamailio 4.1.0 running on a server on a real ip and behind a firewall.
>>>> NAT detection is enabled on kamailio because many remote clients are behind NAT, so NAT is working fine along with rtpproxy.
>>>> Everything else (incoming, outgoing) is working fine except the following:
>>>>
>>>> Users who are connected to our openvpn server (bridged mode) which is on the same subnet with kamailio, fail to register.
>>>> I suspect that kamailio detects NAT on these clients as all of them are behind NAT, but they also have obtained a real ip from our openvpn server on their tap interface and as a result, REGISTER fails.
>>>>
>>>> One solution, but not the best is to exclude kamailio from our openvpn routes but I would not prefer this because I wil not be able to manage the server remotely
>>>>
>>>> My config: http://pastebin.com/JSxzgmKH
>>>>
>>>> Any suggestions?
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
>>>>
>>>> sr-users at lists.sip-router.org
>>>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>>>
>>> --
>>> Daniel-Constantin Mierla -
>>> http://www.asipto.com
>>> http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
>>> _______________________________________________
>>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
>>> sr-users at lists.sip-router.org
>>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>>
>>
>> _______________________________________________
>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
>> sr-users at lists.sip-router.org
>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
More information about the sr-users
mailing list