<div>I don&#39;t believe the ACL works for registrations, only for phone calls. You&#39;ll still need to auth for the registration part. For the ACL, though, you can do &quot;reloadacl&quot; and confirm that your CIDR is getting added. When you send calls from TB to FS they should be let in via the ACL without an auth challenge.</div>
<div><br></div><div>-MC<br><br><div class="gmail_quote">On Tue, Feb 22, 2011 at 11:30 AM, Johannes Jakob <span dir="ltr">&lt;<a href="mailto:jjj@3js.de">jjj@3js.de</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Fellow FreeSWITCH Admins,<br>
<br>
I&#39;m having a hard time, getting a Trixbox 2.8 box to register with our FreeSWITCH SBCs.<br>
<br>
The FreeSWITCHes are running FreeSWITCH-mod_sofia/1.0.head-git-7847289, the asterisk on the trixbox is Asterisk 1.6.0.22-samy-r60.<br>
<br>
<br>
The user&#39;s directory entry looks like this:<br>
<br>
<br>
&lt;include&gt;<br>
  &lt;user id=&quot;748732&quot; cidr=&quot;<a href="http://10.16.153.163/32" target="_blank">10.16.153.163/32</a>&quot;&gt;<br>
    &lt;params&gt;<br>
&lt;!--<br>
      &lt;param name=&quot;password&quot; value=&quot;Idsd67Hsa&quot;/&gt;<br>
--&gt;<br>
      &lt;param name=&quot;t38-passthru&quot; value=&quot;true&quot;/&gt;<br>
    &lt;/params&gt;<br>
    &lt;variables&gt;<br>
      &lt;variable name=&quot;client_asserted_identity&quot; value=&quot;03023671836&quot;/&gt;<br>
      &lt;variable name=&quot;accountcode&quot; value=&quot;748732&quot;/&gt;<br>
      &lt;variable name=&quot;contract&quot; value=&quot;2253&quot;/&gt;<br>
      &lt;variable name=&quot;nibble_rate&quot; value=&quot;1&quot;/&gt;<br>
      &lt;variable name=&quot;nibble_account&quot; value=&quot;2253&quot;/&gt;<br>
<br>
      &lt;variable name=&quot;proxy_media&quot; value=&quot;true&quot;/&gt;<br>
      &lt;variable name=&quot;bypass_media&quot; value=&quot;false&quot;/&gt;<br>
      &lt;variable name=&quot;user_context&quot; value=&quot;<a href="http://mysip.net" target="_blank">mysip.net</a>&quot;/&gt;<br>
      &lt;variable name=&quot;default_language&quot; value=&quot;de&quot;/&gt;<br>
      &lt;variable name=&quot;language&quot; value=&quot;de&quot;/&gt;<br>
    &lt;/variables&gt;<br>
  &lt;/user&gt;<br>
&lt;/include&gt;<br>
<br>
<br>
Asterisk&#39;s register string: <a href="mailto:748732@mysip.net">748732@mysip.net</a>@<a href="http://sbc1.mysip.net/748732" target="_blank">sbc1.mysip.net/748732</a><br>
<br>
<br>
I&#39;m getting the &quot;normal&quot; FS errors for wrong credentials:<br>
<br>
2011-02-22 18:03:57.484939 [WARNING] sofia_reg.c:1246 SIP auth challenge (REGISTER) on sofia profile &#39;internal&#39; for [<a href="mailto:748732@mysip.net">748732@mysip.net</a>] from ip 10.16.153.163<br>
2011-02-22 18:03:57.491471 [WARNING] sofia_reg.c:1204 SIP auth failure (REGISTER) on sofia profile &#39;internal&#39; for [<a href="mailto:748732@mysip.net">748732@mysip.net</a>] from ip 10.16.153.163<br>
<br>
<br>
but why am I getting these? I specified the right address in the cidr statement! Why is it even bothering with anything else but the right user@domain and IP-address?<br>
<br>
<br>
There are some other asterisk boxes (&gt; 1.8.2) registering to this SBC with equal settings just fine, what&#39;s wrong with this little trixbox system? ;)<br>
<br>
<br>
<br>
Of course I did get you some SIP traces as well:<br>
<br>
<br>
18:00:37.063410 IP 10.16.153.163.5060 &gt; 10.16.133.66.5060: UDP, length: 419<br>
E`..f...&gt;.7.^...^..B.......-REGISTER sip:<a href="http://mysip.net" target="_blank">mysip.net</a> SIP/2.0<br>
Via: SIP/2.0/UDP 10.16.153.163:5060;branch=z9hG4bK3e70680b;rport<br>
Max-Forwards: 70<br>
From: &lt;<a href="mailto:sip%3A748732@mysip.net">sip:748732@mysip.net</a>&gt;;tag=as77c8852d<br>
To: &lt;<a href="mailto:sip%3A748732@mysip.net">sip:748732@mysip.net</a>&gt;<br>
Call-ID: <a href="mailto:53d04cc277cfe60301bddb6d79033420@10.16.153.163">53d04cc277cfe60301bddb6d79033420@10.16.153.163</a><br>
CSeq: 102 REGISTER<br>
User-Agent: Asterisk PBX 1.6.0.22-samy-r60<br>
Expires: 1800<br>
Contact: &lt;<a href="mailto:sip%3A748732@10.16.153.163">sip:748732@10.16.153.163</a>&gt;<br>
Event: registration<br>
Content-Length: 0<br>
<br>
<br>
<br>
18:00:37.074085 IP 10.16.133.66.5060 &gt; 10.16.153.163.5060: UDP, length: 657<br>
E...F...?.Vc^..B^...........SIP/2.0 401 Unauthorized<br>
Via: SIP/2.0/UDP 10.16.153.163:5060;branch=z9hG4bK3e70680b;rport=5060<br>
From: &lt;<a href="mailto:sip%3A748732@mysip.net">sip:748732@mysip.net</a>&gt;;tag=as77c8852d<br>
To: &lt;<a href="mailto:sip%3A748732@mysip.net">sip:748732@mysip.net</a>&gt;;tag=5jD9Qcg3N9S6p<br>
Call-ID: <a href="mailto:53d04cc277cfe60301bddb6d79033420@10.16.153.163">53d04cc277cfe60301bddb6d79033420@10.16.153.163</a><br>
CSeq: 102 REGISTER<br>
User-Agent: FreeSWITCH-mod_sofia/1.0.head-git-7847289 2011-02-19 23-38-04 +0100<br>
Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, UPDATE, INFO, REGISTER, REFER, NOTIFY, PUBLISH, SUBSCRIBE<br>
Supported: timer, precondition, path, replaces<br>
WWW-Authenticate: Digest realm=&quot;<a href="http://mysip.net" target="_blank">mysip.net</a>&quot;, nonce=&quot;ce2bccbf-a27b-43c8-b7b0-a89ab429d8a7&quot;, algorithm=MD5, qop=&quot;auth&quot;<br>
Content-Length: 0<br>
<br>
<br>
<br>
18:00:37.074969 IP 10.16.153.163.5060 &gt; 10.16.133.66.5060: UDP, length: 672<br>
E`..f...&gt;.6.^...^..B........REGISTER sip:<a href="http://mysip.net" target="_blank">mysip.net</a> SIP/2.0<br>
Via: SIP/2.0/UDP 10.16.153.163:5060;branch=z9hG4bK30df5010;rport<br>
Max-Forwards: 70<br>
From: &lt;<a href="mailto:sip%3A748732@mysip.net">sip:748732@mysip.net</a>&gt;;tag=as03431ba4<br>
To: &lt;<a href="mailto:sip%3A748732@mysip.net">sip:748732@mysip.net</a>&gt;<br>
Call-ID: <a href="mailto:53d04cc277cfe60301bddb6d79033420@10.16.153.163">53d04cc277cfe60301bddb6d79033420@10.16.153.163</a><br>
CSeq: 103 REGISTER<br>
User-Agent: Asterisk PBX 1.6.0.22-samy-r60<br>
Authorization: Digest username=&quot;<a href="mailto:748732@mysip.net">748732@mysip.net</a>&quot;, realm=&quot;<a href="http://mysip.net" target="_blank">mysip.net</a>&quot;, algorithm=MD5, uri=&quot;sip:<a href="http://mysip.net" target="_blank">mysip.net</a>&quot;, nonce=&quot;ce2bccbf-a27b-43c8-b7b0-a89ab429d8a7&quot;, response=&quot;133a0ba843fe9f5afba67d1377fa8c11&quot;, qop=auth, cnonce=&quot;119cf18c&quot;, nc=00000001<br>

Expires: 1800<br>
Contact: &lt;<a href="mailto:sip%3A748732@10.16.153.163">sip:748732@10.16.153.163</a>&gt;<br>
Event: registration<br>
Content-Length: 0<br>
<br>
<br>
18:00:37.081517 IP 10.16.133.66.5060 &gt; 10.16.153.163.5060: UDP, length: 532<br>
E..0F...?.V.^..B^.........1.SIP/2.0 403 Forbidden<br>
Via: SIP/2.0/UDP 10.16.153.163:5060;branch=z9hG4bK30df5010;rport=5060<br>
From: &lt;<a href="mailto:sip%3A748732@mysip.net">sip:748732@mysip.net</a>&gt;;tag=as03431ba4<br>
To: &lt;<a href="mailto:sip%3A748732@mysip.net">sip:748732@mysip.net</a>&gt;;tag=6U61S706jjgSj<br>
Call-ID: <a href="mailto:53d04cc277cfe60301bddb6d79033420@10.16.153.163">53d04cc277cfe60301bddb6d79033420@10.16.153.163</a><br>
CSeq: 103 REGISTER<br>
User-Agent: FreeSWITCH-mod_sofia/1.0.head-git-7847289 2011-02-19 23-38-04 +0100<br>
Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, UPDATE, INFO, REGISTER, REFER, NOTIFY, PUBLISH, SUBSCRIBE<br>
Supported: timer, precondition, path, replaces<br>
Content-Length: 0<br>
<br>
<br>
Can somebody point me in the right direction?<br>
<br>
<br>
Thanks and best regards,<br>
<br>
  John<br>
<br>
<br>
_______________________________________________<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
</blockquote></div><br></div>