[SR-Users] Using Kamailio as UAC on any PBX
Jöran Vinzens
vinzens at sipgate.de
Wed May 4 10:38:05 CEST 2016
Hi All,
we are trying to use the Kamailio as an UAC on a PBX. It should behave just
like a normal SIP UAC (e.g. an SNOM phone).
The reason why we want that, is connecting a service to any other PBX with
Client features and security (DA).
Our setup looks like:
Kamailio UAC w/ register <-> Kamailio OBP/SBC <-> PBX
The register is working fine. We insert the credentials into DB and trigger
kamailio to reload the config (kamctl uac.reload).
Then the register is sent out including the unauth (401) handling. After
than we are registered on the PBX. The Register is sent though the OBP as
configured in DB.
We are trying to make calls:
Calls from PBX to Kamailio are working fine but we struggle with calls from
kamailio torwards PBX.
We have the l_uuid in a variable and we try to get the PV ready for the
invite.
First we need to do is rewrite the "from" URI. We thought we can get a
proper FROM URI with the uuid we have. But the uac_replace_from just sets
the $fu as given and does not make any logic with UAC credentials.
To handle the RURI, we trigger uac_reg_lookup with the uuid and it replaces
the $ru with user-name and domain from the data stored in DB. In this case
that makes no sense. The $rU should be what the user had dialed, the $rd
should be the server given in uacreg DB table. The OBP given in DB is
ignored completely.
After we managed to rewrite everything in SIP as needed we try to catch the
407 as it's shown in the module documentation with failure route. Here we
have not found any way to get the credentials for the uuid.
Now we wonder if we have missed any global setting which sets everything
right. If anybody has a similar setup and a working config, we appreciate
any help we can get.
our config looks like:
...
loadmodule "uac.so"
....
modparam("uac","auth_realm_avp","$avp(arealm)")
modparam("uac","auth_username_avp","$avp(auser)")
modparam("uac","auth_password_avp","$avp(apass)")
modparam("uac","restore_from_avp","$avp(original_uri_from)")
modparam("uac","restore_to_avp","$avp(original_uri_to)")
modparam("uac","credential","username:domain:password")
modparam("uac", "reg_db_url","DBURI")
modparam("uac", "reg_timer_interval", 60)
modparam("uac", "reg_retry_interval", 300)
modparam("uac", "reg_contact_addr", "1.2.3.4:5060")
...
route {
xlog("L_NOTICE", "INVITE: F=$fu T=$tu R=$ru\n");
route("QUERY_UUID"); # <- sets $var(UUID) to l_uuid of the DB
$var(request_user) = $rU;
uac_reg_lookup("$var(UUID)", "$ru");
$var(request_from_user) = $rU;
$rU = $var(request_user);
uac_replace_from("$var(request_from_user)","sip:$var(request_from_user)@
1.2.3.4");
t_on_failure("TRUNKAUTH");
xlog("L_NOTICE", "INVITE: F=$fu T=$tu R=$ru $avp(auser)
$avp(apass)\n"); # avp "auser and apass are "<null>"
if (!t_relay()) {
xlog("L_ERR", "error to <$tu> from <$fu>\n");
sl_reply_error();
};
}
failure_route[TRUNKAUTH] {
if (t_is_canceled()) {
exit;
}
if(t_check_status("401|407")) {
# $avp(auser) = "test"; <-should be set from the l_uuid profile
anyhow
# $avp(apass) = "test";
$var(request_user) = $rU;
if (uac_auth()) {
# We do never get here since uac_auth never returns true.
$rU = $var(request_user);
route("FORWARD_MESSAGE");
exit;
}
xlog("L_NOTICE", "DAMN!!!");
}
}
--
Jöran Vinzens - vinzens[at]sipgate.de <vinzens at sipgate.de>
sipgate GmbH - Gladbacher Str. 74 - 40219 Düsseldorf
HRB Düsseldorf 39841 - Geschäftsführer: Thilo Salmon, Tim Mois
Steuernummer: 106/5724/7147, Umsatzsteuer-ID: DE219349391
www.sipgate.de - www.sipgate.co.uk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20160504/9d12d676/attachment.html>
More information about the sr-users
mailing list