[Kamailio-Users] Kamailio 1.5.0 and NAT

Путято Денис denis7979 at mail.ru
Tue Nov 3 13:20:10 CET 2009 

Hello everybody

 

I have such problem with kamailio and client which behind NAT

 

This is REGISTER message which came from client. This message came from
public IP (for example, 1.1.1.1) and source port 44197. (This information I
got from sip_trace)

 

REGISTER sip:sip.ptl.ru:5060;transport=UDP SIP/2.0

From: <sip:xxxxxxx at sip.ptl.ru:5060>;tag=a82eda3-13c4-47798948-1a1296-5259a46

To: <sip:xxxxxxx at sip.ptl.ru:5060>

Call-ID: a82eda3-13c4-47798948-1a1296-9641c88 at sip.ptl.ru

CSeq: 446229198 REGISTER

Via: SIP/2.0/UDP 10.130.237.163:5060;branch=z9hG4bK-47799e27-6b9841-84448db

Max-Forwards: 70

Supported: timer

Contact: <sip:xxxxxxx at 10.130.237.163:5060;transport=UDP>

Expires: 60

Content-Length: 0

 

This is Unauthorized message was sent by kamailio to 1.1.1.1 and:
destination port not 44197 (as I expected) but 5060!!!

 

SIP/2.0 401 Unauthorized

From: <sip:xxxxxxx at sip.ptl.ru:5060>;tag=a82eda3-13c4-47798948-1a1296-5259a46

To: <sip:xxxxxxx at sip.ptl.ru:5060>;tag=fdc454a3cdd8f9e5718382b74f33aeed.3b81

Call-ID: a82eda3-13c4-47798948-1a1296-9641c88 at sip.ptl.ru

CSeq: 446229198 REGISTER

Via: SIP/2.0/UDP
10.130.237.163:5060;branch=z9hG4bK-47799e27-6b9841-84448db;received=1.1.1.1

WWW-Authenticate: Digest realm="domain name",
nonce="4af0129b000000047c1020258f9f0efc4de1b76663dd2ab4"

Server: Kamailio (1.5.0-notls (i386/linux))

Content-Length: 0

 

And as you understand 401 reply, which was sent to 1.1.1.1:5060 can't reach
client's equipment.

 

A piece of kamailio.cfg relating to REGISTER processing:

route(0) {

:.

if (!is_method("INVITE")) route(8);

:.

   if (is_method("REGISTER")) {

    route(11);

    exit;

 }

:..

}

route(8) {

            if (nat_uac_test("5")) {

              if (method=="REGISTER") {

                fix_nated_register();

          } else {

                fix_nated_contact();

         }

        setflag(5);

        }

        return;

}

route(11) {

        if (!www_authorize("", "subscriber")) {

            www_challenge("", "0");

                exit;

         }

            if ($au!=$tU)  {

           sl_send_reply("403","Forbidden auth ID");

            exit;

            }

        if (isflagset(5)) setbflag(6);

        if (!save("location")) {

            sl_reply_error();

            exit;

         }

}

 

Hearty thanks for any help.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/users/attachments/20091103/7a3bafd9/attachment.htm>

More information about the Users mailing list