[Freeswitch-users] Gateway Authentication
Chad Vogel
cvogel at lyonl.com
Tue Sep 20 20:34:27 MSD 2011
Hello, I'm trying to make the move from Asterix, but I'm running into some difficulties. I'm try to bridge a call using our gateway however it doesn't work. In wireshark I can see I'm getting an SIP 401 Unauthorized error with a WWW-Authenticate header, after FS send the INVITE message to the gateway. However FS doesnt seem to respond to the request for Authentication. Asterix responds correctly however I cant seem to make FS to do the same. Any help would be appreciated
INVITE sip:+15618911806 at 4.55.35.60:5070 SIP/2.0
Via: SIP/2.0/UDP 207.67.30.226;rport;branch=z9hG4bKB49SZQHrgaaKc
Max-Forwards: 8
From: "LyonL" <sip:+14142211800 at 207.67.30.226:5060>;tag=eZe8gcQgXXv5c
To: <sip:+15618911806 at 4.55.35.60:5070>
Call-ID: 4f8edae0-5e45-122f-6399-07d4dbeff43f
CSeq: 17931324 INVITE
Contact: <sip:1-F2la9 at 207.67.30.226:5060;transport=udp;gw=level3>
User-Agent: FreeSWITCH
Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, UPDATE, INFO, REGISTER, REFER, NOTIFY
Supported: timer, precondition, path, replaces
Allow-Events: talk, hold, refer
Content-Type: application/sdp
Content-Disposition: session
Content-Length: 227
X-FS-Support: update_display
Remote-Party-ID: "LyonL" <sip:+14142211800 at 207.67.30.226:5060>;party=calling;screen=yes;privacy=off
v=0
o=FreeSWITCH 1316516832 1316516833 IN IP4 10.126.200.6
s=FreeSWITCH
c=IN IP4 10.126.200.6
t=0 0
m=audio 17944 RTP/AVP 0 8 18 101 13
a=fmtp:18 annexb=no
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=ptime:20
SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 207.67.30.226;received=207.67.30.226;branch=z9hG4bKB49SZQHrgaaKc;rport=42534
From: "LyonL" <sip:+14142211800 at 207.67.30.226:5060>;tag=eZe8gcQgXXv5c
To: <sip:+15618911806 at 4.55.35.60:5070>;tag=SD6soqf99-1367649635-1316534779161
Call-ID: 4f8edae0-5e45-122f-6399-07d4dbeff43f
CSeq: 17931324 INVITE
WWW-Authenticate: DIGEST qop="auth",nonce="BroadWorksXgst2td09Tbihi2qBW",algorithm=MD5,realm="BroadWorks"
Content-Length: 0
<include>
<extension name="4142211800">
<condition field="destination_number" expression="^(\+?1)?(4142211800)$">
<action application="set" data="effective_caller_id_name=LyonL"/>
<action application="set" data="effective_caller_id_number=+14142211800"/>
<action application="bridge" data="sofia/gateway/level3/+15618911806"/>
</condition>
</extension>
</include>
<include>
<gateway name="level3">
<param name="apply-inbound-acl" value="level3"/>
<param name="username" value="1-F2la9"/>
<param name="password" value="password"/>>
<param name="realm" value="BroadWorks"/>
<param name="proxy" value="4.55.35.60:5070"/>
<param name="from-domain" value="207.67.30.226:5060"/>
<param name="dtmf-type" value="rfc2833"/>
<param name="extension-in-contact" value="true"/>
<param name="caller-id-in-from" value="true"/>
<param name="register" value="false"/>
</gateway>
</include>
<profile name="external">
<!-- http://wiki.freeswitch.org/wiki/Sofia_Configuration_Files -->
<!-- This profile is only for outbound registrations to providers -->
<gateways>
<X-PRE-PROCESS cmd="include" data="external/*.xml"/>
</gateways>
<aliases>
<!--
<alias name="outbound"/>
<alias name="nat"/>
-->
</aliases>
<domains>
<domain name="all" alias="false" parse="true"/>
</domains>
<settings>
<param name="debug" value="0"/>
<!-- If you want FreeSWITCH to shutdown if this profile fails to load, uncomment the next line. -->
<!-- <param name="shutdown-on-fail" value="true"/> -->
<param name="sip-trace" value="no"/>
<param name="sip-capture" value="no"/>
<param name="rfc2833-pt" value="101"/>
<param name="sip-port" value="$${external_sip_port}"/>
<param name="dialplan" value="XML"/>
<param name="context" value="public"/>
<param name="dtmf-duration" value="2000"/>
<param name="inbound-codec-prefs" value="$${global_codec_prefs}"/>
<param name="outbound-codec-prefs" value="$${outbound_codec_prefs}"/>
<param name="hold-music" value="$${hold_music}"/>
<param name="rtp-timer-name" value="soft"/>
<!--<param name="enable-100rel" value="true"/>-->
<!--<param name="disable-srv503" value="true"/>-->
<!-- This could be set to "passive" -->
<param name="local-network-acl" value="localnet.auto"/>
<param name="manage-presence" value="false"/>
<!-- used to share presence info across sofia profiles
manage-presence needs to be set to passive on this profile
if you want it to behave as if it were the internal profile
for presence.
-->
<!-- Name of the db to use for this profile -->
<!--<param name="dbname" value="share_presence"/>-->
<!--<param name="presence-hosts" value="$${domain}"/>-->
<!--<param name="force-register-domain" value="$${domain}"/>-->
<!--all inbound reg will stored in the db using this domain -->
<!--<param name="force-register-db-domain" value="$${domain}"/>-->
<!-- ************************************************* -->
<!--<param name="aggressive-nat-detection" value="true"/>-->
<param name="inbound-codec-negotiation" value="generous"/>
<param name="nonce-ttl" value="60"/>
<param name="auth-calls" value="false"/>
<!--<param name="challenge-realm" value="auto_from"/>-->
<param name="user-agent-string" value="FreeSWITCH"/>
<!--
DO NOT USE HOSTNAMES, ONLY IP ADDRESSES IN THESE SETTINGS!
-->
<param name="rtp-ip" value="$${local_ip_v4}"/>
<param name="sip-ip" value="$${local_ip_v4}"/>
<param name="ext-rtp-ip" value="auto-nat"/>
<param name="ext-sip-ip" value="$${external_sip_ip}"/>
<param name="rtp-timeout-sec" value="300"/>
<param name="rtp-hold-timeout-sec" value="1800"/>
<!--<param name="enable-3pcc" value="true"/>-->
<!-- TLS: disabled by default, set to "true" to enable -->
<param name="tls" value="$${external_ssl_enable}"/>
<!-- additional bind parameters for TLS -->
<param name="tls-bind-params" value="transport=tls"/>
<!-- Port to listen on for TLS requests. (5081 will be used if unspecified) -->
<param name="tls-sip-port" value="$${external_tls_port}"/>
<!-- Location of the agent.pem and cafile.pem ssl certificates (needed for TLS server) -->
<param name="tls-cert-dir" value="$${external_ssl_dir}"/>
<!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may not work with TLSv1 -->
<param name="tls-version" value="$${sip_tls_version}"/>
</settings>
</profile>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20110920/2ade2f31/attachment-0001.html
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users
mailing list