[Users] SER behind PIX
Diego Valencia
dvalencia at ip-tel.com.ar
Tue Feb 20 23:20:37 CET 2007
Hi Ovidiu, I´m currently configured on this way on my openser:
if (!www_authorize("ser.ip-tel.com.ar",
"subscriber")) {
www_challenge("ser.ip-tel.com.ar", "0");
break;
};
Is it right?
Thanks
Diego
----- Original Message -----
From: "Ovidiu Sas" <sip.nslu at gmail.com>
To: "Diego Valencia" <dvalencia at ip-tel.com.ar>
Cc: <users at openser.org>
Sent: Tuesday, February 20, 2007 4:39 PM
Subject: Re: [Users] SER behind PIX
Hi Diego,
When you challenge the SIP UA from openSER, provide the realm and
configure the SIP UA to use that particular realm for authorization.
see: http://openser.org/docs/modules/1.2.x/auth_db.html#AEN170
(do not use an empty string for realm)
Regards,
Ovidiu Sas
On 2/20/07, Diego Valencia <dvalencia at ip-tel.com.ar> wrote:
> Hi everybody. In the topology:
>
> INTERNET
> |
> PIX (NAT static translate 200.x.x.2 to 10.1.1.2)
> |
> SER (10.1.1.2)
>
> I can´t register UA from internet.(unauthorized)
>
> The PIX is configured with the "fixup SIP" and "fixup udp SIP" commands.
> I guess there is a problem when UA generates HA1 with the external IP,
> then
> de PIX translates this to internal IP, and the SER can´t authenticate it
> by
> the erroneous hash.
>
> Anybody know some solution for it?
>
> Thanks!
>
> Diego
>
>
>
> _______________________________________________
> Users mailing list
> Users at openser.org
> http://openser.org/cgi-bin/mailman/listinfo/users
>
More information about the Users
mailing list