[Freeswitch-users] Two Major Problems

Fraser Redmond fraserredmond at gmail.com
Fri Apr 9 12:13:05 PDT 2010 

I think you'll want to change it to:

    <list name="domains" default="deny">

      <node type="allow" cidr ="10.10.3.10/32"/>

      <node type="allow" cidr ="10.10.3.11/32"/>

    </list>


Cheers,
Fraser




On Fri, Apr 9, 2010 at 6:07 PM, Ken Fulmer <
kenfulmer at icstechnologysolutions.com> wrote:

>  Per your suggestion, I changed the following in the
> conf/autoload_configs/acl.conf.xml file:
>
>
>
>     <list name="domains" default="deny">
>
>       <node type="allow" domain="10.10.3.10"/>
>
>       <node type="allow" domain="10.10.3.11"/>
>
>     </list>
>
>
>
> 10.10.3.10 and 10.10.3.11 are the ip addresses of our internal servers.
> However, the calls still fail with the 407 Proxy Authentication Required
> message.
>
>
>
> I get the following log output when I issue the command, reloadacl:
>
>
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_core.c:954 Created ip list
> rfc1918.auto default (deny)
>
> freeswitch at internal> 2010-04-09 12:06:31.259954 [NOTICE]
> switch_utils.c:195 Adding 10.0.0.0/8 (allow) [] to list rfc1918.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_utils.c:195 Adding
> 172.16.0.0/12 (allow) [] to list rfc1918.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_utils.c:195 Adding
> 192.168.0.0/16 (allow) [] to list rfc1918.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_core.c:962 Created ip list
> wan.auto default (allow)
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_utils.c:195 Adding 10.0.0.0/8(deny) [] to list wan.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_utils.c:195 Adding
> 172.16.0.0/12 (deny) [] to list wan.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_utils.c:195 Adding
> 192.168.0.0/16 (deny) [] to list wan.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_core.c:970 Created ip list
> nat.auto default (deny)
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_core.c:972 Adding
> 10.10.3.12/255.255.255.128 (deny) to list nat.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_utils.c:195 Adding 10.0.0.0/8(allow) [] to list nat.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_utils.c:195 Adding
> 172.16.0.0/12 (allow) [] to list nat.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_utils.c:195 Adding
> 192.168.0.0/16 (allow) [] to list nat.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_core.c:981 Created ip list
> loopback.auto default (deny)
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_utils.c:195 Adding 127.0.0.0/8(allow) [] to list loopback.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_core.c:987 Created ip list
> localnet.auto default (deny)
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_core.c:990 Adding
> 10.10.3.12/255.255.255.128 (allow) to list localnet.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_core.c:1015 Created ip list
> domains default (deny)
>
> 2010-04-09 12:06:31.259954 [WARNING] switch_core.c:1046 Cannot locate
> domain 10.10.3.10
>
> 2010-04-09 12:06:31.259954 [WARNING] switch_core.c:1046 Cannot locate
> domain 10.10.3.11
>
>
>
> Am I doing something incorrectly?
>
>
>
> Thanks,
>
>
>
> Ken
>
>
>
> *From:* freeswitch-users-bounces at lists.freeswitch.org [mailto:
> freeswitch-users-bounces at lists.freeswitch.org] *On Behalf Of *Michael
> Collins
> *Sent:* Thursday, April 08, 2010 6:25 PM
> *To:* freeswitch-users at lists.freeswitch.org
> *Subject:* Re: [Freeswitch-users] Two Major Problems
>
>
>
>
>
> On Thu, Apr 8, 2010 at 3:18 PM, Ken Fulmer <
> kenfulmer at icstechnologysolutions.com> wrote:
>
> Actually, I did purchase a license and installed it today. One call
> establishes at 729. When I hang up the phone and try again, it’s 711.
>
> Make sure that the encoder/decoder isn't still in use prior to trying the
> second call. After you hang up, do a "show channels" and see if the call is
> still "up" or not. Also, do "g729_status" to see if the encoder or decoder
> is in use. Keep doing "g729_status" until the 'coders are not in use. If
> there is a long delay then open up a JIRA ticket on jira.freeswitch.org.
>
>
>
> The Proxy Authentication Required is being sent by FreeSwitch to the
> internal PBX. I have registration disabled on the FreeSwitch gateway and the
> internal server.
>
> By default the SIP profile will challenge if the IP address of the caller
> is not in the ACL. Open conf/autoload_configs/acl.conf.xml and locate the
> "domains" node. Add your PBX's IP address. You'll see an example in the
> comments. Once you're done editing, save the file and then go to the fs_cli
> and do:
> reloadacl reloadxml
>
> Then make a call from PBX to FS and it should go through.
> -MC
>
>
>
> _______________________________________________
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20100409/133209d1/attachment-0041.html

More information about the FreeSWITCH-users mailing list