<p>Ahmed,</p>
<p>Could you send an wireshark trace to the list? It will be easier to check what's going wrong.</p>
<p>Besta regards,</p>
<p>Antonio Anderson M. Souza<br>
Voice Technology<br>
<a href="http://www.antonioams.com">http://www.antonioams.com</a></p>
<p><blockquote type="cite">Em 29/04/2010 11:47, "Ahmed Munir" <<a href="mailto:ahmedmunir007@gmail.com">ahmedmunir007@gmail.com</a>>escreveu:<br><br><div>Hi,</div>
<div> </div>
<div>I've configured OpenSIPs with FreeRadius, the version for OpenSIPs I'm using is 1.6.1 and FreeRadius verison is update 2 date. When I register 2 sofphone, they got authenticated and authorized by radius and got registered sucessfully. Even I made calls between two softphone sucessfully(Can hear one another). The UAS configured on different network means hosted with public IP and my softphones are registered other and NATed network. I mapped a DID on UAS and mapped it on my one of my softphone. The problem I'm facing is when call coming from DID and ring my phone the caller can hear me but I can't hear the caller(one way calling issue). But not facing the problem on when calling between to sip clients and also calling from OpenSIPs to Asterisk. The configuration and cases for OpenSIPs is listed down below;</div>
<div> </div>
<div> </div>
<div>UAC--------------> UAS(OpenSIPs) ---------------------> UAC two way voice is establised</div>
<div>
<div>UAC--------------> UAS(OpenSIPs) ---------------------> Asterisk --------------------> UAC two way voice is establised</div>
<div>PSTN--------------> UAS(OpenSIPs) ---------------------> UAC one way voice is establised</div></div>
<div>(hears the dest voice) (can't hear caller voice)</div>
<div> </div>
<div> </div>
<div>#loadmodule "auth_diameter.so"<br>loadmodule "aaa_radius.so" <br>loadmodule "auth_aaa.so"<br>loadmodule "permissions.so"<br>loadmodule "nathelper.so"<br>#--------------------------------Settings For Radius-------------------------------------<br>
#modparam("auth_diameter", "diameter_client_host", "localhost")<br>modparam("aaa_radius", "radius_config","/usr/etc/radiusclient-ng/radiusclient.conf")<br>modparam("acc", "aaa_url", "radius:/usr/etc/radiusclient-ng/radiusclient.conf")<br>
modparam("acc", "aaa_flag", 2)<br>modparam("acc", "aaa_missed_flag", 3)<br>modparam("acc", "aaa_extra", "User-Name=$Au; \<br> Calling-Station-Id=$from; \<br>
Called-Station-Id=$to; \<br> Sip-Translated-Request-URI=$ruri; \<br> Sip-RPid=$avp(s:rpid); \<br> Source-IP=$si; \<br> Source-Port=$sp; \<br> Canonical-URI=$avp(s:can_uri); \<br> Billing-Party=$avp(s:billing_party); \<br>
Divert-Reason=$avp(s:divert_reason); \<br> X-RTP-Stat=$hdr(X-RTP-Stat); \<br> Contact=$hdr(contact); \<br> Event=$hdr(event); \<br> SIP-Proxy-IP=$avp(s:sip_proxy_ip); \<br> ENUM-TLD=$avp(s:enum_tld)")<br>
modparam("auth_aaa","aaa_url","radius:/usr/etc/radiusclient-ng/radiusclient.conf")<br>modparam("auth", "rpid_prefix", "<sip:") <br>modparam("auth", "rpid_suffix", "@<a href="http://11.22.33.44" target="_blank">11.22.33.44</a>>;screen=yes;privacy=off")<br>
modparam("auth", "rpid_avp", "$avp(s:rpid)")<br>#modparam("uri","service_type",10)<br># ----------------- setting module-specific parameters ---------------<br>modparam("dispatcher", "db_url", "mysql://opensips:opensipsrw@localhost/opensips")<br>
modparam("permissions", "db_url", "mysql://opensips:opensipsrw@localhost/opensips")<br>#----------------- setting NAT module parameters ---------------------<br>modparam("nathelper","ping_nated_only",1)<br>
modparam("nathelper", "natping_interval", 30)<br>modparam("nathelper","natping_processes",1)<br>#modparam("nathelper","rtpproxy_sock","udp:<a href="http://127.0.0.1:7890" target="_blank">127.0.0.1:7890</a>")<br>
modparam("nathelper","rtpproxy_sock"," ")<br>modparam("nathelper","received_avp","$avp(i:42)")<br>#modparam("nathelper", "sipping_bflag", 7)<br>
modparam("usrloc", "nat_bflag", 6)<br>####### Routing Logic ########</div>
<div># main request routing logic<br>route{<br> if (!mf_process_maxfwd_header("10")) {<br> sl_send_reply("483","Too Many Hops");<br> exit;<br> }<br> <br> #NAT detection<br> log("######################################### Go to Route 3 for NAT Detection #####################################"); <br>
route(3);<br> if (has_totag()) {<br> # sequential request withing a dialog should<br> # take the path determined by record-routing<br> if (loose_route()) {<br> if (is_method("BYE")) {<br> setflag(1); # do accounting ...<br>
setflag(3); # ... even if the transaction fails<br> } else if (is_method("INVITE")) {<br> # even if in most of the cases is useless, do RR for<br> # re-INVITEs alos, as some buggy clients do change route set<br>
# during the dialog.<br> record_route();<br> }<br> # route it out to whatever destination was set by loose_route()<br> # in $du (destination URI).<br> route(1);<br> } else {<br> if ( is_method("ACK") ) {<br>
if ( t_check_trans() ) {<br> # non loose-route, but stateful ACK; must be an ACK after <br> # a 487 or e.g. 404 from upstream server<br> t_relay();<br> exit;<br> } else {<br> # ACK without matching transaction -><br>
# ignore and discard<br> exit;<br> }<br> }<br> sl_send_reply("404","Not here");<br> }<br> exit;<br> }<br> #initial requests<br> # CANCEL processing<br> if (is_method("CANCEL"))<br>
{<br> if (t_check_trans())<br> t_relay();<br> exit;<br> }<br> t_check_trans();<br></div>
<div> if (loose_route()) {<br> xlog("L_ERR",<br> "Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]");<br> if (!is_method("ACK"))<br> sl_send_reply("403","Preload Route denied");<br>
exit;<br> }<br> # record routing<br> if (!is_method("REGISTER|MESSAGE"))<br> record_route();</div>
<div> </div>
<div> #$avp(i:27)=check_source_address("0");<br> #xlog("Check Source Address from Address TABLE : $(avp(i:27))\n");<br> $avp(s:checksrc) = check_source_address("0");<br> log("###########################################################################################\n");<br>
xlog("Check Source Address from Address TABLE Where Value 1 is Equal to True: $(avp(s:checksrc))\n");<br> log("###########################################################################################\n");<br>
# account only INVITEs<br> #if (is_method("INVITE")){<br> # log("############################### INVITE FUNCTION 1 ###################################");<br> # setflag(1); # do accounting<br>
#}</div>
<div><br> xlog("incoming from $si : $sp \n");<br> if (check_source_address("0")) {<br> if (is_method("INVITE")){</div>
<div> if(uri=~"^sip:1234567@"){</div>
<div> </div>
<div> rewriteuser("4004"); # my phone DN<br> log("#################### INVITE FUNCTION 1 ####################");<br> setflag(1); # do accounting</div>
<div> }<br> }<br> }<br> <br> <br> if (!uri==myself)<br> ## replace with following line if multi-domain support is used<br> ##if (!is_uri_host_local())<br> {<br> append_hf("P-hint: outbound\r\n"); <br>
# if you have some interdomain connections via TLS<br> ##if($rd=="<a href="http://tls_domain1.net" target="_blank">tls_domain1.net</a>") {<br> ## t_relay("tls:<a href="http://domain1.net" target="_blank">domain1.net</a>");<br>
## exit;<br>
##} else if($rd=="<a href="http://tls_domain2.net" target="_blank">tls_domain2.net</a>") {<br> ## t_relay("tls:<a href="http://domain2.net" target="_blank">domain2.net</a>");<br> ## exit;<br> ##}<br>
route(1);<br> }<br> if(uri==myself)<br>
{<br> log("########################################### URI == MYSELF ########################################");<br> if(method=="REGISTER")<br> {<br> route(2);<br> }<br> <br> append_hf("P-hint: usrloc applied\r\n"); <br>
}<br> # requests for my domain<br> ## uncomment this if you want to enable presence server <br> ## and comment the next 'if' block<br> ## NOTE: uncomment also the definition of route[2] from below<br> ##if( is_method("PUBLISH|SUBSCRIBE"))<br>
## route(2);<br> if (is_method("PUBLISH"))<br> {<br> sl_send_reply("503", "Service Unavailable");<br> exit;<br> }<br> <br> if (is_method("REGISTER"))<br> {<br> route(2);<br> }<br>
if ($rU==NULL) {<br> # request with no Username in RURI<br> sl_send_reply("484","Address Incomplete");<br> exit;<br> }<br> # apply DB based aliases (uncomment to enable)<br> ##alias_db_lookup("dbaliases");<br>
# do lookup with method filtering<br> if (!lookup("location","m")) {<br> switch ($retcode) {<br> case -1:<br> log("############################# LOOKUP LOCATION FLAG -1 PASS #################################");<br>
#ds_select_dst("1","4");<br> log("############################# DO ACCOUNTING ON RADIUS ######################################"); <br> setflag(2);<br> log("############################# SEND CALL TO ASTERISK #######################################");<br>
rewritehostport("<a href="http://11.22.33.45:5060" target="_blank">11.22.33.45:5060</a>");<br> #forward();<br> log("############################# CALL IS GOING IN STATEFULL MANNER ############################");<br>
t_relay();<br> log("############################# CALL ROUTING TO ROUTE 1 ######################################"); <br> route(1);<br> exit;<br> case -3:<br> log("############################ LOOKUP LOCATION FLAG -3 PASS #################################");<br>
t_newtran();<br> t_reply("404", "Not Found");<br> exit;<br> case -2:<br> log("############################ LOOKUP LOCATION FLAG -2 PASS #################################");<br>
sl_send_reply("405", "Method Not Allowed");<br> exit;<br> }<br> }<br> # when routing via usrloc, log the missed calls also<br> setflag(2);<br> <br> log("############################# LOOKUP LOCATION FLAG 1 PASS ########################################");<br>
route(1);<br>}</div>
<div>route[1] {<br> # for INVITEs enable some additional helper routes<br> #if (is_method("INVITE") && check_source_address("0")) {<br> if (is_method("INVITE")) {<br> log("################################ INVITE ROUTE 1 Function ##################################");<br>
t_on_branch("2");<br> t_on_reply("2");<br> t_on_failure("1");<br> #ds_select_dst("1","4");<br> #forward();<br> }<br> if (subst_uri('/(sip:.*);nat=yes/\1/')){<br>
log("################################ IF SUBSTR CONTAINS NAT=YES ################################");<br> setbflag(6);<br> };<br> if (isflagset(5)||isbflagset(6)) {<br> log("################################ CHECK FLAGSET AND ROUTE TO 4 ###############################");<br>
route(4);<br> }<br> if (!t_relay()) {<br> sl_reply_error();<br> };<br> exit;<br>}</div>
<div> </div>
<div>route[2]<br>{<br></div>
<div> log("######################################## AAA-REGISTRATION #######################################");<br> if (!aaa_www_authorize("11.22.33.44"))<br> {<br> www_challenge("11.22.33.44", "1");<br>
return;<br> # #exit;<br> }<br> #else<br> #{<br> # t_reply("405","UnAuhorized");<br> # exit();<br> #}<br> if(isflagset(5))<br> {<br> log("################################### IF FLAG SET IS 5 ##################################");<br>
# set branch flag -- when someone will call this user<br> # the INVITE will have branch flag 6 set after lookup("location")<br> setbflag(6);<br> # if you want OPTIONS natpings uncomment next<br>
# setbflag(7);<br> }</div>
<div> if (!save("location"))<br> sl_reply_error();<br> <br> exit;<br>}<br>route[3]<br>{<br> log("################################ FUNCTION ROUTE 3 NAT DETECTION ################################");<br>
force_rport();<br> if (nat_uac_test("19")) {<br> if (method=="REGISTER") {<br> fix_nated_register();<br> } else {<br> fix_nated_contact();<br> };<br> setflag(5);<br> };<br>}<br>route[4] <br>{<br>
log("################################ FUNCTION ROUTE 4 RTP PROXY ################################");<br> if (is_method("BYE")) {<br> unforce_rtp_proxy();<br> } else if (is_method("INVITE")){<br>
force_rtp_proxy();<br> #t_on_failure("2");<br> t_on_failure("3");<br> };<br> if (isflagset(5))<br> search_append('Contact:.*sip:[^>[:cntrl:]]*', ';nat=yes');<br> #t_on_reply("1");<br>
t_on_reply("3");<br>}</div>
<div> </div>
<div>branch_route[2] {<br> xlog("new branch at $ru\n");<br>}</div>
<div>onreply_route[2] {<br> xlog("incoming reply\n");<br>}</div>
<div>failure_route[1] {<br> if (t_was_cancelled()) {<br> exit;<br> }<br> # uncomment the following lines if you want to block client <br> # redirect based on 3xx replies.<br> ##if (t_check_status("3[0-9][0-9]")) {<br>
##t_reply("404","Not found");<br> ## exit;<br> ##}<br> # uncomment the following lines if you want to redirect the failed <br> # calls to a different new destination<br> ##if (t_check_status("486|408")) {<br>
## sethostport("<a href="http://192.168.2.100:5060" target="_blank">192.168.2.100:5060</a>");<br> ## # do not set the missed call flag again<br> ## t_relay();<br> ##}<br>}<br>failure_route[3] {<br> log("################################ FAILURE ROUTE 3 FUNCTION ################################");<br>
if (isbflagset(6) || isflagset(5)) {<br> unforce_rtp_proxy();<br> }<br>}<br>onreply_route[3] {<br> log("################################ ONREPLY ROUTE 3 FUNCTION ################################");<br>
<br> if ((isflagset(5) || isbflagset(6)) && status=~"(183)|(2[0-9][0-9])") {<br> force_rtp_proxy();<br> }<br> search_append('Contact:.*sip:[^>[:cntrl:]]*', ';nat=yes');<br> if (isbflagset(6)) {<br>
fix_nated_contact();<br> }<br> exit;<br>} <br clear="all"></div>
<div> </div>
<div> </div>
<div>Kindly help me out with this problem, in which other section Natting is required?(or am I missing something in the configuration?) Please assist me on it.<br></div>
<div>-- <br>Regards,<br><br>Ahmed Munir<br><br><br></div>
<br>_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a><br>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
<br></blockquote></p>