<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Hi Vitalie<br>
<br>
Thank you very much for the hint, enabling <param
name="NDLB-force-rport" value="true"/> worked and the phone was
able to register.<br>
<br>
Watching the siptrace, one thing bothers me. Immediately after the
phone registers, FS sends a NOTIFY but it looks like this is sent to
the wrong port (i.e. it doesn't use the rport value). Is this
correct? Pastebin copy of the transcript is here:
<a class="moz-txt-link-freetext" href="http://pastebin.com/S2LWzrY7">http://pastebin.com/S2LWzrY7</a><br>
<br>
I also decided to see if the Aastra phones had a setting to enable
rport and it turned out they did. I tried enabling this and setting
"NDLB-force-rport" back to false in the FS profile but this resulted
in the phone being unable to register again. It gets further than
before in that it replies to the FS server request for
authorization, however, it seems the phone then tries to register
again (this time specifying the rport value for the port in the
Contact header), FS replies again with a 200 OK but the phone
displays "No Service" and doesn't think it is registered. Running
"sofia status profile internal" from the fs_cli seems to show the
phone as registered twice (see: <a class="moz-txt-link-freetext" href="http://pastebin.com/PUWLNm7a">http://pastebin.com/PUWLNm7a</a> ). For
a pastebin of the complete registration transcript under this
scenario, please see: <a class="moz-txt-link-freetext" href="http://pastebin.com/nRk8inVR">http://pastebin.com/nRk8inVR</a><br>
<br>
Kind Regards,<br>
Charlie<br>
<br>
<br>
<br>
On 22/11/2011 08:16, Vitalie Colosov wrote:
<blockquote
cite="mid:CACc3D0UBAXVCvkUg_dSp9cR6nHtL9xYOzKkEAfWXbGov03sGuQ@mail.gmail.com"
type="cite">Most probably some NAT issue happens on the client
side.
<div><br>
<div>Router is not doing port translation as required.</div>
<div><br>
<div>FS replies to a port which is indicated in REGISTER
request (correct), however client expects the reply on a
different port.</div>
<div><br>
</div>
<div>Try to enable <span class="Apple-style-span"
style="font-family: monospace; line-height: 11px;
white-space: pre; background-color: rgb(255, 255, 255); "><param
name="NDLB-force-rport" value="true"</span><span
class="Apple-style-span" style="font-family: monospace;
line-height: 11px; white-space: pre; background-color:
rgb(255, 255, 255); ">/> in the profile.</span></div>
<div><span class="Apple-style-span" style="font-family:
monospace; line-height: 11px; white-space: pre;
background-color: rgb(255, 255, 255); "><br>
</span></div>
<div><a moz-do-not-send="true"
href="http://wiki.freeswitch.org/wiki/Sofia_Configuration_Files#NDLB_.28A.K.A._No_device_left_behind.29">http://wiki.freeswitch.org/wiki/Sofia_Configuration_Files#NDLB_.28A.K.A._No_device_left_behind.29</a></div>
<div><br>
</div>
<div><br>
</div>
<div>Please reply if this helped.</div>
<div><br>
</div>
<div>Vitalie<br>
<br>
<div class="gmail_quote">2011/11/21 Charlie Orford <span
dir="ltr"><<a moz-do-not-send="true"
href="mailto:charlie.orford@attackplan.net">charlie.orford@attackplan.net</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div bgcolor="#FFFFFF" text="#000000"> <font
face="Arial">Hello list<br>
<br>
I am an asterisk refugee and currently in the midst
of moving our voip platform across to freeswitch.
The goal is to have FS in the cloud (on a dedicated
Linode virtual machine running Debian Squeeze), with
all office phones (Aastra 57i units) connecting via
the public internet.<br>
<br>
FS is compiled and running on the linode machine
(using the latest git build from a week ago). It is
setup to listen on the public IP only so there is no
NAT happening at the server end. All relevant
firewall ports are open (tcp/udp 5060, tcp/udp 5080
and udp 16384:32768).<br>
<br>
Because our office net connection has a dynamic IP,
we are using (or trying to use) digest
authentication rather than ACLs in order to control
user/extension access to the internal sip profile.<br>
<br>
The problem:<br>
<br>
For some reason, none of our phones are able to
successfully register with FS. Running fs_cli with
logging at 7 and enabling </font>"sofia global
siptrace on" shows that the phones make contact and
try to REGISTER but when FS replies with a 401
Unauthorized and requests the phone authenticate via
digest, the phone seems to ignore this and just
repeatedly keeps sending the same original REGISTER
request with no accompanying Authorization header.<br>
<br>
My hunch is that the problem must lie with the phone
or our router rather than FS but I'm a little out of
my depth with this problem and so would appreciate any
insight or advice.<br>
<br>
<br>
For a transcript of a failed registration between our
FS server and a phone at the office, please see: <a
moz-do-not-send="true"
href="http://pastebin.com/1qRudrvE" target="_blank">http://pastebin.com/1qRudrvE</a>
(note: server and phone ip has been changed to protect
the innocent).<br>
<br>
I also have a screen shot of the phone's SIP config
here: <span
style="font-size:10pt;font-family:"Arial","sans-serif""><a
moz-do-not-send="true"
href="http://imgur.com/2lwiN" target="_blank">http://imgur.com/2lwiN</a>
(</span><span>we are running the latest publically
available Aastra firmware on the phones - v3.2.2.56)</span>.<br>
<span><br>
Finally, in case it is relevant, the router at the
office is a Draytek Vigor 2600 ADSL router (about 5
years old now but working happily as far as we
know).<br>
<br>
<br>
Thanks + Regards,<br>
<font color="#888888"> Charlie<br>
<br>
<br>
</font></span><br>
<br>
<font face="Arial"><br>
</font> </div>
<br>
_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a moz-do-not-send="true"
href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a moz-do-not-send="true"
href="http://www.freeswitchsolutions.com"
target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication
Server<br>
<a moz-do-not-send="true" href="http://www.cudatel.com"
target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a moz-do-not-send="true"
href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a moz-do-not-send="true"
href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a moz-do-not-send="true" href="http://www.cluecon.com"
target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a moz-do-not-send="true"
href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a moz-do-not-send="true"
href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users"
target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a moz-do-not-send="true"
href="http://lists.freeswitch.org/mailman/options/freeswitch-users"
target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a moz-do-not-send="true"
href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br>
</blockquote>
</div>
<br>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
<a class="moz-txt-link-abbreviated" href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a>
<a class="moz-txt-link-freetext" href="http://www.freeswitchsolutions.com">http://www.freeswitchsolutions.com</a>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server
<a class="moz-txt-link-freetext" href="http://www.cudatel.com">http://www.cudatel.com</a>
Official FreeSWITCH Sites
<a class="moz-txt-link-freetext" href="http://www.freeswitch.org">http://www.freeswitch.org</a>
<a class="moz-txt-link-freetext" href="http://wiki.freeswitch.org">http://wiki.freeswitch.org</a>
<a class="moz-txt-link-freetext" href="http://www.cluecon.com">http://www.cluecon.com</a>
FreeSWITCH-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a>
<a class="moz-txt-link-freetext" href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a class="moz-txt-link-freetext" href="http://lists.freeswitch.org/mailman/options/freeswitch-users">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a class="moz-txt-link-freetext" href="http://www.freeswitch.org">http://www.freeswitch.org</a>
</pre>
</blockquote>
<br>
</body>
</html>