[Freeswitch-users] Problems with initial setup - basic nat

Anthony Minessale anthony.minessale at gmail.com
Sat Apr 26 09:20:04 PDT 2008


The blind-auth is the important one here.
sipX always sends an auth header even before we challenge it so by nature
when FeeeSWITCH sees an auth header, it automaticly tries to qualify it in
the db.  I added that blind-auth option just for someone who had the same
problem.  When set at the same time as auth-cals is false it says to ignore
the auth header.

Can we maybe take this thread and make it into a wiki page on
http://wiki.freeswitch.org


On Sat, Apr 26, 2008 at 1:09 AM, Ivan C Myrvold <ivan at myrvold.org> wrote:

> Do you mean this?
> http://wiki.freeswitch.org/wiki/Image:FreeswitchDiagram.png
>
> Ivan
>
> Den 25. april. 2008 kl. 23:47 skrev Brian West:
>
> It should be there but I can't find it. (the pretty version)
> /b
>
> On Apr 25, 2008, at 4:35 PM, Daniel Hefti wrote:
>
> Should we post this on the wiki?  J
>
> -Dan
>
> *From:* freeswitch-users-bounces at lists.freeswitch.org [
> mailto:freeswitch-users-bounces at lists.freeswitch.org<freeswitch-users-bounces at lists.freeswitch.org>
> ] *On Behalf Of *Brian West
> *Sent:* Friday, April 25, 2008 11:59 AM
> *To:* freeswitch-users at lists.freeswitch.org
> *Subject:* Re: [Freeswitch-users] Problems with initial setup - basic nat
>
> http://web.mac.com/brian.west/fs.jpg
>
> That is my ugly graph on how I setup the default config.
>
> /b
>
> On Apr 25, 2008, at 11:40 AM, Jay Reeder wrote:
>
>
> Aha… Thanks! J
>
> We're trying to do outbound calling from behind nat. So the proper
> configuration is to still call through the default.xml (port 5060) and it
> would call OUT on nat.xml (port 5070)?  In that case, what is outbound.xml
> (port 5080) used for?  Would it be for MWI and strictly freeswitch->out
> applications?
> ------------------------------
> *From:* freeswitch-users-bounces at lists.freeswitch.org [
> mailto:freeswitch-users-bounces at lists.freeswitch.org<freeswitch-users-bounces at lists.freeswitch.org>
> ] *On Behalf Of *Brian West
> *Sent:* Friday, April 25, 2008 12:25 PM
> *To:* freeswitch-users at lists.freeswitch.org
> *Subject:* Re: [Freeswitch-users] Problems with initial setup - basic nat
>
> Well first off you wouldn't use nat.xml for that.. you would clone
> default.xml and use it as a base. nat.xml is for OUTBOUND calling from
> behind nat only in the default config. its not designed to have inbound
> calls to it nor is it for registrations.
>
> /b
>
> On Apr 25, 2008, at 11:22 AM, Jay Reeder wrote:
>
>
>
> Thanks!  J
>
> I did have auth-calls set to false in nat.xml but it wasnt working.  Is
> there some other place I should have set this?
>
> Whats the difference/application/use of the sample public context versus
> the default one?  The sample nat.xml uses the public context.
>
> Thanks,
>
> Jay
>
> ------------------------------
> *From:* freeswitch-users-bounces at lists.freeswitch.org [
> mailto:freeswitch-users-bounces at lists.freeswitch.org<freeswitch-users-bounces at lists.freeswitch.org>
> ] *On Behalf Of *Brian West
> *Sent:* Friday, April 25, 2008 12:01 PM
> *To:* freeswitch-users at lists.freeswitch.org
> *Subject:* Re: [Freeswitch-users] Problems with initial setup - basic nat
>
> You could have just turned auth-calls to false and context to default and
> accomplished the same thing  ;)
>
> /b
>
> On Apr 25, 2008, at 10:55 AM, Jay Reeder wrote:
>
>
>
>
> Sorry to bug you guys.  I figured it out.
>
> In case anyone else is just learning to crawl with freeswitch.
>
> I enabled the following in the sip_profiles to get around the
> authorization errors (for now):
>
>     <!--  comment the next line and uncomment one or both of the other 2
> lines for call authentication -->
>     <param name="accept-blind-reg" value="true"/>
>
>     <!-- accept any authentication without actually checking (not a good
> feature for most people) -->
>     <param name="accept-blind-auth" value="true"/>
>
> Then I started receiving a 404 route not found so I modified the public
> dialplan with the following:
>
>     <extension name="public_call">
>       <condition field="destination_number" expression="^(.*)$">
>         <action application="bridge" data="sofia/gateway/gafachi/$1"/>
>       </condition>
>     </extension>
>
> Then I wasnt getting 2-way audio so I changed the sip profile for nat
> (which Im using internally) and set the ext-sip-ip and the ext-rtp-ip to the
> same value as the rtp-ip and the sip-ip (since Im only using for internal
> nat through firewall to sip provider):
>
> <!--    <param name="ext-rtp-ip" value="$${external_rtp_ip}"/> -->
> <!--    <param name="ext-sip-ip" value="$${external_sip_ip}"/> -->
>     <param name="ext-rtp-ip" value="$${local_ip_v4}"/>
>     <param name="ext-sip-ip" value="$${local_ip_v4}"/>
>
>
> And now I have calls routed by sipx to freeswitch and through the firewall
> to our internet sip provider.  Obviously the current configuration isnt
> secure but its enough to get things going.
>
>
>
>
> ------------------------------
> *From:* freeswitch-users-bounces at lists.freeswitch.org [
> mailto:freeswitch-users-bounces at lists.freeswitch.org<freeswitch-users-bounces at lists.freeswitch.org>
> ] *On Behalf Of *Jay Reeder
> *Sent:* Thursday, April 24, 2008 4:40 PM
> *To:* freeswitch-users at lists.freeswitch.org
> *Subject:* [Freeswitch-users] Problems with initial setup - basic nat
>
> Were setting up a SipXecs server in-house to manage about 20-30 polycom
> sip phones.  We have an Audiocodes Mediant 2000 to use as a gateway but for
> testing I was also trying to setup sip in/out dialing through the firewall.
> Ive wanted a reason to start playing with freeswitch so I thought this would
> be an excellent opportunity to use freeswitch for the Nat traversal.
>
> Ive been through the wiki and reviewed list archives but Im missing
> something.
>
> I have RC3 on Centos (initially a trixswitch load but then upgraded to the
> new RC3) with the standard config files.  I did remove the older ones and
> re-installed the samples.
>
> This is a pretty basic install with a gafachi gateway setup for the
> outbound sip profile, and the firewalls external ip setup for the
> external_rtp and external_sip values (in vars.xml), and the firewall port
> forwards all recommended ports(from wiki getting started page) into
> freeswitch.
>
> This is where Im stuck.  I have sipx attempting to send calls to
> Freeswitch on port 5070 (for nat) but Freeswitch wont accept the call and is
> logging:
>
> 2008-04-24 16:20:26 [DEBUG] sofia.c:219 sofia_event_callback() event
> [nua_i_state] status [407][Proxy Authentication Required] session: n/a
>
> The nat sip_profile is setup per default to answer port 5070 and
> authentication (per default) is disabled.
>
> Im sure its something obvious but what am I missing?
>
> Thanks,
>
> Jay
> _______________________________________________
> Freeswitch-users mailing list
> Freeswitch-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
>
>
> Brian West
> sip:brian at freeswitch.org
>
>
>
> _______________________________________________
> Freeswitch-users mailing list
> Freeswitch-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
>
> Brian West
> sip:brian at freeswitch.org
>
>
>
> _______________________________________________
> Freeswitch-users mailing list
> Freeswitch-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
> Brian West
> sip:brian at freeswitch.org
>
>
>
> _______________________________________________
> Freeswitch-users mailing list
> Freeswitch-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
> Brian West
> sip:brian at freeswitch.org
>
>
>
> _______________________________________________
> Freeswitch-users mailing list
> Freeswitch-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
>
> _______________________________________________
> Freeswitch-users mailing list
> Freeswitch-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>


-- 
Anthony Minessale II

FreeSWITCH http://www.freeswitch.org/
ClueCon http://www.cluecon.com/

AIM: anthm
MSN:anthony_minessale at hotmail.com <MSN%3Aanthony_minessale at hotmail.com>
GTALK/JABBER/PAYPAL:anthony.minessale at gmail.com<PAYPAL%3Aanthony.minessale at gmail.com>
IRC: irc.freenode.net #freeswitch

FreeSWITCH Developer Conference
sip:888 at conference.freeswitch.org <sip%3A888 at conference.freeswitch.org>
iax:guest at conference.freeswitch.org/888
googletalk:conf+888 at conference.freeswitch.org<googletalk%3Aconf%2B888 at conference.freeswitch.org>
pstn:213-799-1400
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20080426/5fd27534/attachment-0002.html 


More information about the FreeSWITCH-users mailing list