<div>I don't believe the ACL works for registrations, only for phone calls. You'll still need to auth for the registration part. For the ACL, though, you can do "reloadacl" and confirm that your CIDR is getting added. When you send calls from TB to FS they should be let in via the ACL without an auth challenge.</div>
<div><br></div><div>-MC<br><br><div class="gmail_quote">On Tue, Feb 22, 2011 at 11:30 AM, Johannes Jakob <span dir="ltr"><<a href="mailto:jjj@3js.de">jjj@3js.de</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Fellow FreeSWITCH Admins,<br>
<br>
I'm having a hard time, getting a Trixbox 2.8 box to register with our FreeSWITCH SBCs.<br>
<br>
The FreeSWITCHes are running FreeSWITCH-mod_sofia/1.0.head-git-7847289, the asterisk on the trixbox is Asterisk 1.6.0.22-samy-r60.<br>
<br>
<br>
The user's directory entry looks like this:<br>
<br>
<br>
<include><br>
<user id="748732" cidr="<a href="http://10.16.153.163/32" target="_blank">10.16.153.163/32</a>"><br>
<params><br>
<!--<br>
<param name="password" value="Idsd67Hsa"/><br>
--><br>
<param name="t38-passthru" value="true"/><br>
</params><br>
<variables><br>
<variable name="client_asserted_identity" value="03023671836"/><br>
<variable name="accountcode" value="748732"/><br>
<variable name="contract" value="2253"/><br>
<variable name="nibble_rate" value="1"/><br>
<variable name="nibble_account" value="2253"/><br>
<br>
<variable name="proxy_media" value="true"/><br>
<variable name="bypass_media" value="false"/><br>
<variable name="user_context" value="<a href="http://mysip.net" target="_blank">mysip.net</a>"/><br>
<variable name="default_language" value="de"/><br>
<variable name="language" value="de"/><br>
</variables><br>
</user><br>
</include><br>
<br>
<br>
Asterisk's register string: <a href="mailto:748732@mysip.net">748732@mysip.net</a>@<a href="http://sbc1.mysip.net/748732" target="_blank">sbc1.mysip.net/748732</a><br>
<br>
<br>
I'm getting the "normal" FS errors for wrong credentials:<br>
<br>
2011-02-22 18:03:57.484939 [WARNING] sofia_reg.c:1246 SIP auth challenge (REGISTER) on sofia profile 'internal' for [<a href="mailto:748732@mysip.net">748732@mysip.net</a>] from ip 10.16.153.163<br>
2011-02-22 18:03:57.491471 [WARNING] sofia_reg.c:1204 SIP auth failure (REGISTER) on sofia profile 'internal' for [<a href="mailto:748732@mysip.net">748732@mysip.net</a>] from ip 10.16.153.163<br>
<br>
<br>
but why am I getting these? I specified the right address in the cidr statement! Why is it even bothering with anything else but the right user@domain and IP-address?<br>
<br>
<br>
There are some other asterisk boxes (> 1.8.2) registering to this SBC with equal settings just fine, what's wrong with this little trixbox system? ;)<br>
<br>
<br>
<br>
Of course I did get you some SIP traces as well:<br>
<br>
<br>
18:00:37.063410 IP 10.16.153.163.5060 > 10.16.133.66.5060: UDP, length: 419<br>
E`..f...>.7.^...^..B.......-REGISTER sip:<a href="http://mysip.net" target="_blank">mysip.net</a> SIP/2.0<br>
Via: SIP/2.0/UDP 10.16.153.163:5060;branch=z9hG4bK3e70680b;rport<br>
Max-Forwards: 70<br>
From: <<a href="mailto:sip%3A748732@mysip.net">sip:748732@mysip.net</a>>;tag=as77c8852d<br>
To: <<a href="mailto:sip%3A748732@mysip.net">sip:748732@mysip.net</a>><br>
Call-ID: <a href="mailto:53d04cc277cfe60301bddb6d79033420@10.16.153.163">53d04cc277cfe60301bddb6d79033420@10.16.153.163</a><br>
CSeq: 102 REGISTER<br>
User-Agent: Asterisk PBX 1.6.0.22-samy-r60<br>
Expires: 1800<br>
Contact: <<a href="mailto:sip%3A748732@10.16.153.163">sip:748732@10.16.153.163</a>><br>
Event: registration<br>
Content-Length: 0<br>
<br>
<br>
<br>
18:00:37.074085 IP 10.16.133.66.5060 > 10.16.153.163.5060: UDP, length: 657<br>
E...F...?.Vc^..B^...........SIP/2.0 401 Unauthorized<br>
Via: SIP/2.0/UDP 10.16.153.163:5060;branch=z9hG4bK3e70680b;rport=5060<br>
From: <<a href="mailto:sip%3A748732@mysip.net">sip:748732@mysip.net</a>>;tag=as77c8852d<br>
To: <<a href="mailto:sip%3A748732@mysip.net">sip:748732@mysip.net</a>>;tag=5jD9Qcg3N9S6p<br>
Call-ID: <a href="mailto:53d04cc277cfe60301bddb6d79033420@10.16.153.163">53d04cc277cfe60301bddb6d79033420@10.16.153.163</a><br>
CSeq: 102 REGISTER<br>
User-Agent: FreeSWITCH-mod_sofia/1.0.head-git-7847289 2011-02-19 23-38-04 +0100<br>
Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, UPDATE, INFO, REGISTER, REFER, NOTIFY, PUBLISH, SUBSCRIBE<br>
Supported: timer, precondition, path, replaces<br>
WWW-Authenticate: Digest realm="<a href="http://mysip.net" target="_blank">mysip.net</a>", nonce="ce2bccbf-a27b-43c8-b7b0-a89ab429d8a7", algorithm=MD5, qop="auth"<br>
Content-Length: 0<br>
<br>
<br>
<br>
18:00:37.074969 IP 10.16.153.163.5060 > 10.16.133.66.5060: UDP, length: 672<br>
E`..f...>.6.^...^..B........REGISTER sip:<a href="http://mysip.net" target="_blank">mysip.net</a> SIP/2.0<br>
Via: SIP/2.0/UDP 10.16.153.163:5060;branch=z9hG4bK30df5010;rport<br>
Max-Forwards: 70<br>
From: <<a href="mailto:sip%3A748732@mysip.net">sip:748732@mysip.net</a>>;tag=as03431ba4<br>
To: <<a href="mailto:sip%3A748732@mysip.net">sip:748732@mysip.net</a>><br>
Call-ID: <a href="mailto:53d04cc277cfe60301bddb6d79033420@10.16.153.163">53d04cc277cfe60301bddb6d79033420@10.16.153.163</a><br>
CSeq: 103 REGISTER<br>
User-Agent: Asterisk PBX 1.6.0.22-samy-r60<br>
Authorization: Digest username="<a href="mailto:748732@mysip.net">748732@mysip.net</a>", realm="<a href="http://mysip.net" target="_blank">mysip.net</a>", algorithm=MD5, uri="sip:<a href="http://mysip.net" target="_blank">mysip.net</a>", nonce="ce2bccbf-a27b-43c8-b7b0-a89ab429d8a7", response="133a0ba843fe9f5afba67d1377fa8c11", qop=auth, cnonce="119cf18c", nc=00000001<br>
Expires: 1800<br>
Contact: <<a href="mailto:sip%3A748732@10.16.153.163">sip:748732@10.16.153.163</a>><br>
Event: registration<br>
Content-Length: 0<br>
<br>
<br>
18:00:37.081517 IP 10.16.133.66.5060 > 10.16.153.163.5060: UDP, length: 532<br>
E..0F...?.V.^..B^.........1.SIP/2.0 403 Forbidden<br>
Via: SIP/2.0/UDP 10.16.153.163:5060;branch=z9hG4bK30df5010;rport=5060<br>
From: <<a href="mailto:sip%3A748732@mysip.net">sip:748732@mysip.net</a>>;tag=as03431ba4<br>
To: <<a href="mailto:sip%3A748732@mysip.net">sip:748732@mysip.net</a>>;tag=6U61S706jjgSj<br>
Call-ID: <a href="mailto:53d04cc277cfe60301bddb6d79033420@10.16.153.163">53d04cc277cfe60301bddb6d79033420@10.16.153.163</a><br>
CSeq: 103 REGISTER<br>
User-Agent: FreeSWITCH-mod_sofia/1.0.head-git-7847289 2011-02-19 23-38-04 +0100<br>
Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, UPDATE, INFO, REGISTER, REFER, NOTIFY, PUBLISH, SUBSCRIBE<br>
Supported: timer, precondition, path, replaces<br>
Content-Length: 0<br>
<br>
<br>
Can somebody point me in the right direction?<br>
<br>
<br>
Thanks and best regards,<br>
<br>
John<br>
<br>
<br>
_______________________________________________<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
</blockquote></div><br></div>