[Users] trusted IP with accounting

Max Gregorian gregorian442 at googlemail.com
Tue Sep 26 18:49:45 CEST 2006 

We have a similar setup where in our case we send username:password
together, as in:

uac_replace_from("sip:username+password at foobar.com<username+password at foobar.com>
");

The whole idea in using the prepaid account setup, as I described to you,
was to have the prepaid account do the authentication for you, such that the
local accounts created from the end user point are not forwarded onto your
provider as your provider will not know what to do with them, and so they
will not authenticate..

What I would suggest is to find out how (in what form) the provider expects
to receive from you (i.e. Openser2 --->Provider). If you are already using
their service you could probably run a trace on a call or use a tool such as
ngrep to see what the packet is doing. You can then reproduce this
functionality however you choose.

The scenario I was reffering to was:


user1 ---
            |
user2 --- ---> Openser1 (local accts) ---> replace 'From' with Provider
details (username, etc) ---> Provider ---> PSTN
            |
user3 ---

Since the account sent to the Provider is a valid account any way, yo then
should not have to worry about authentication.

There may be a possibility that the provider is doing a SIP Authentication
challenge (e.g. sending a 407 or similar back), in which case you may need
to then send a valid response back. Again you really will have to confirm
this. You will then at least know how to proceed from there.


On 9/26/06, ram <talk2ram at gmail.com> wrote:
>
> Hi
>
> thanks for the reply
>
> but when iam replacing the username with provider username, account is
> rejecting
> and authorisation failure coming
>
> my setup looks like below
>
> user----Openser1---Openser2------Provider----PSTN
>
> so when the user register locally openser1,
> when  he dial to us PSTN
>
> Openser1 sending calls to openser2, its accepting since i made trusted IP
> relation
>
> but i got account from provider example XXXXXX password YYYYYY
>
> when iam replacing and sedning
>
> uac_replace_from("sip:XXXXXX at foobar.com <XXXXXX at foobar.com>");
>
> i dont mention password, so how will the user authenticate ?
>  from the provider
>
> any help on this case
>
> Ram
>
>
>
> On 9/23/06, Max Gregorian <gregorian442 at googlemail.com> wrote:
> >
> > Not sure how you would do this on Asterisk, but what I am doing with
> > mine (billing by IP) is replacing the from header in the SIP INVITE with a
> > pre-paid account number for the customer. You will need to load the UAC
> > module for this, then do something like
> >
> > if (src_ip=xxx.xxx.xxx.xxx)
> > {
> >   uac_replace_from("sip:PREPAIDACCTNO at foobar.com");
> > }
> >
> > This means that any calls made inbound to OpenSER from that IP address
> > will have the account number replaced with the pre-paid account number. How
> > you do billing is then up to you - whether using the Acc module or whether
> > something can be done on Asterisk, or even a third-party application. I have
> > heard Asterisk can send DIDs. You can then do something similar for inbound
> > DIDs from Asterisk.
> >
> > Just beware this has some rather obvious security issues, so as a start,
> > you can try having the customer add a prefix to their local account numbers
> > which you can then authenticate against. If anyone knows of a better way,
> > please don't hesitate to share.
> >
> >
> >
> >  On 9/22/06, ram < talk2ram at gmail.com> wrote:
> >
> > >  Hi all
> > >
> > > iam trying to deploy trusted IP and Accounting
> > > so iam bit confused can some one clarify me how can i achive this
> > >
> > > PSTN--OpenerSER(myserver)------------------Customer(Asterisk or ser or
> > > any predictive Dialers)---their clients
> > >
> > > 1.  how can i give access to the customer to call using his IP, and he
> > > can creat internal Number of users
> > > 2. how can i account to his IP address billing in Acc
> > > 3. how can i forward to DID from myserver to his server blindly
> > > 4. how can i bill that DID billing also, for incoming.
> > >
> > > any suggestiong will be great
> > >
> > > Ram
> > >
> > > _______________________________________________
> > > Users mailing list
> > > Users at openser.org
> > > http://openser.org/cgi-bin/mailman/listinfo/users
> > >
> > >
> > >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kamailio.org/pipermail/users/attachments/20060926/52f49d3e/attachment.htm

More information about the Users mailing list