opensips and asterisk

classic Classic list List threaded Threaded
12 messages Options
Reply | Threaded
Open this post in threaded view
|

opensips and asterisk

wüber
Hello,

I'd like to have Opensips and Asterisk on two different networks (and
different sip domains), and make each ua in Opensips domain reachable
from the ua in Asterisk domain and vice versa.

how should I configure Opensips (and Asterisk, if anybody knows)?

thanks for your support!

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: opensips and asterisk

Bogdan-Andrei Iancu
Hi Carmelo,

routing between different SIP domains in typically done via DNS
(resolving the DNS part of the RURI).

OpenSIPS supports this by default - if you check the default config file
that comes with OpenSIPS, you will find the section when calls targeting
other domains are routed - also check the webinar on the default cfg.

Regards,
Bogdan

Carmelo D wrote:

> Hello,
>
> I'd like to have Opensips and Asterisk on two different networks (and
> different sip domains), and make each ua in Opensips domain reachable
> from the ua in Asterisk domain and vice versa.
>
> how should I configure Opensips (and Asterisk, if anybody knows)?
>
> thanks for your support!
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>  


--
Bogdan-Andrei Iancu
www.voice-system.ro


_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: opensips and asterisk

wüber
Hi Bogdan,

connecting Opensips with Asterisk I can see that if a client registered on Opensips server tries to make a call to a client in Asterisk domain, after the INVITE, it receives a "forbidden" message from asterisk. I have set the forwarding functionality in Opensips (rewriteuri function) and I'm pretty sure it's something related to asterisk.

Perhaps this is not the right section, but anyway could you help me? Do you know what I should set in the sip.conf of Asterisk config file?

Thanks a lot,
Carmelo
Reply | Threaded
Open this post in threaded view
|

Re: opensips and asterisk

David J.-2
You need to add a route in your extensions.conf in the context where you
send all un-authenticated calls.
Maybe its your default context?

[default]

exten =  1001,1,Dial(SIP/1001,10,tTr);




On 5/4/10 9:02 AM, wüber wrote:

> Hi Bogdan,
>
> connecting Opensips with Asterisk I can see that if a client registered on
> Opensips server tries to make a call to a client in Asterisk domain, after
> the INVITE, it receives a "forbidden" message from asterisk. I have set the
> forwarding functionality in Opensips (rewriteuri function) and I'm pretty
> sure it's something related to asterisk.
>
> Perhaps this is not the right section, but anyway could you help me? Do you
> know what I should set in the sip.conf of Asterisk config file?
>
> Thanks a lot,
> Carmelo
>    


_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: opensips and asterisk

wüber
The problem seems to be not only in the extensions.conf file, but also in the sip.conf file.
I still get this forbidden message!
Reply | Threaded
Open this post in threaded view
|

Re: opensips and asterisk

David J.-2
Check in the SIP.conf where you send all unauthenticated calls.



On 5/4/10 11:45 AM, wüber wrote:
> The problem seems to be not only in the extensions.conf file, but also in the
> sip.conf file.
> I still get this forbidden message!
>    


_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: opensips and asterisk

Brett Nemeroff
In reply to this post by wüber
Carmelo,
If you have an SIP peer that matches the host and port of the opensips server.. ie:
[opensips]
type=friend
host=<ip of opensips.
port=<port of opensips> (can be omitted if port 5060)

Then it'll match that.. typically if it's coming from opensips you'll want to add:
insecure=invite

so that opensips won't be challenged to authenticate. Also be sure there is no secret set.

I personally wouldn't do this using the default context as the other posters had recommended as that will allow *anyone* to send traffic to your asterisk server. Which I don't believe is what you really want to do. Instead, create a peer that is limited by IP and PORT allowed to send invites without a secret.

Also be sure that the context for that peer is set to the right context and that if from the asterisk CLI you type:
dialplan show <RURI username>@<opensips context>
that it matches something you'd expect.

On another note, are you performing a consume credentials? I think it *might* be possible that opensips is forwarding your UAC's credentials on to Asterisk if you are not..

-Brett


On Tue, May 4, 2010 at 8:02 AM, wüber <[hidden email]> wrote:

Hi Bogdan,

connecting Opensips with Asterisk I can see that if a client registered on
Opensips server tries to make a call to a client in Asterisk domain, after
the INVITE, it receives a "forbidden" message from asterisk. I have set the
forwarding functionality in Opensips (rewriteuri function) and I'm pretty
sure it's something related to asterisk.

Perhaps this is not the right section, but anyway could you help me? Do you
know what I should set in the sip.conf of Asterisk config file?

Thanks a lot,
Carmelo
--
View this message in context: http://opensips-open-sip-server.1449251.n2.nabble.com/opensips-and-asterisk-tp4962200p5003181.html
Sent from the OpenSIPS - Users mailing list archive at Nabble.com.

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users


_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: opensips and asterisk

Olle E. Johansson

4 maj 2010 kl. 18.30 skrev Brett Nemeroff:

> Carmelo,
> If you have an SIP peer that matches the host and port of the opensips server.. ie:
> [opensips]
> type=friend
> host=<ip of opensips.
> port=<port of opensips> (can be omitted if port 5060)
>
> Then it'll match that.. typically if it's coming from opensips you'll want to add:
> insecure=invite
>
> so that opensips won't be challenged to authenticate. Also be sure there is no secret set.
>
> I personally wouldn't do this using the default context as the other posters had recommended as that will allow *anyone* to send traffic to your asterisk server. Which I don't believe is what you really want to do. Instead, create a peer that is limited by IP and PORT allowed to send invites without a secret.
>
> Also be sure that the context for that peer is set to the right context and that if from the asterisk CLI you type:
> dialplan show <RURI username>@<opensips context>
> that it matches something you'd expect.
>
> On another note, are you performing a consume credentials? I think it *might* be possible that opensips is forwarding your UAC's credentials on to Asterisk if you are not..
>
If you want to ONLY match on IP/port, you need to use "type=peer".

regards,
/O

> -Brett
>
>
> On Tue, May 4, 2010 at 8:02 AM, wüber <[hidden email]> wrote:
>
> Hi Bogdan,
>
> connecting Opensips with Asterisk I can see that if a client registered on
> Opensips server tries to make a call to a client in Asterisk domain, after
> the INVITE, it receives a "forbidden" message from asterisk. I have set the
> forwarding functionality in Opensips (rewriteuri function) and I'm pretty
> sure it's something related to asterisk.
>
> Perhaps this is not the right section, but anyway could you help me? Do you
> know what I should set in the sip.conf of Asterisk config file?
>
> Thanks a lot,
> Carmelo
> --
> View this message in context: http://opensips-open-sip-server.1449251.n2.nabble.com/opensips-and-asterisk-tp4962200p5003181.html
> Sent from the OpenSIPS - Users mailing list archive at Nabble.com.
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users

---
* Olle E Johansson - [hidden email]
* Cell phone +46 70 593 68 51, Office +46 8 96 40 20, Sweden




_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: opensips and asterisk

David J.-2
Sorry, The way I recommend doing this was assuming the user on the
Asterisk box needed to be publicly reachable from anywhere.

I think that approach makes sense when using DID's and inbound routing
that does need authentication.



On 5/4/10 12:55 PM, Olle E. Johansson wrote:

> 4 maj 2010 kl. 18.30 skrev Brett Nemeroff:
>
>    
>> Carmelo,
>> If you have an SIP peer that matches the host and port of the opensips server.. ie:
>> [opensips]
>> type=friend
>> host=<ip of opensips.
>> port=<port of opensips>  (can be omitted if port 5060)
>>
>> Then it'll match that.. typically if it's coming from opensips you'll want to add:
>> insecure=invite
>>
>> so that opensips won't be challenged to authenticate. Also be sure there is no secret set.
>>
>> I personally wouldn't do this using the default context as the other posters had recommended as that will allow *anyone* to send traffic to your asterisk server. Which I don't believe is what you really want to do. Instead, create a peer that is limited by IP and PORT allowed to send invites without a secret.
>>
>> Also be sure that the context for that peer is set to the right context and that if from the asterisk CLI you type:
>> dialplan show<RURI username>@<opensips context>
>> that it matches something you'd expect.
>>
>> On another note, are you performing a consume credentials? I think it *might* be possible that opensips is forwarding your UAC's credentials on to Asterisk if you are not..
>>
>>      
> If you want to ONLY match on IP/port, you need to use "type=peer".
>
> regards,
> /O
>
>    
>> -Brett
>>
>>
>> On Tue, May 4, 2010 at 8:02 AM, wüber<[hidden email]>  wrote:
>>
>> Hi Bogdan,
>>
>> connecting Opensips with Asterisk I can see that if a client registered on
>> Opensips server tries to make a call to a client in Asterisk domain, after
>> the INVITE, it receives a "forbidden" message from asterisk. I have set the
>> forwarding functionality in Opensips (rewriteuri function) and I'm pretty
>> sure it's something related to asterisk.
>>
>> Perhaps this is not the right section, but anyway could you help me? Do you
>> know what I should set in the sip.conf of Asterisk config file?
>>
>> Thanks a lot,
>> Carmelo
>> --
>> View this message in context: http://opensips-open-sip-server.1449251.n2.nabble.com/opensips-and-asterisk-tp4962200p5003181.html
>> Sent from the OpenSIPS - Users mailing list archive at Nabble.com.
>>
>> _______________________________________________
>> Users mailing list
>> [hidden email]
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>> _______________________________________________
>> Users mailing list
>> [hidden email]
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>      
> ---
> * Olle E Johansson - [hidden email]
> * Cell phone +46 70 593 68 51, Office +46 8 96 40 20, Sweden
>
>
>
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>    


_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: opensips and asterisk

dcomms
This post was updated on .
CONTENTS DELETED
The author has deleted this message.
Reply | Threaded
Open this post in threaded view
|

Re: opensips and asterisk

Brett Nemeroff
Sure, you can have opensips stuff the original IP of the client into a custom header and then have asterisk check that header using a custom built dialplan..

There may be a more sophisticated way to do it. Especially if you don't consume credentials, but that seems kind of sloppy to me. 

BTW, if you create a custom header, be sure to delete the header, before you add it.. Just in case someone is trying to spoof that internal header on invite..
-Brett


On Tue, May 4, 2010 at 4:19 PM, info <[hidden email]> wrote:
Hi,

I think this means you cannot use IP authentication on asterisk for several clients because asterisk sees Opensips as a single client.

I have a similar problem. I have clients registering with Opensips. I have installed the load balancing module on Opensips
and sending traffic on to asterisk. The asterisk is configured for IP authentication


The problem is Asterisk sees the IP address off Opensips and not the end client

**********
Using INVITE request as basis request - 2b48506c1e10454d345aa7103921ded5@asterisk_ip_address
No matching peer for '04480991222' from 'opensips_ip_address:5060'
**********

I guess what i am trying to say is that is there a way to authenticate with the real ip off the client


Thanks




-----Original Message-----
From: [hidden email] [mailto:[hidden email]] On Behalf Of David J.
Sent: 04 May 2010 18:00
To: OpenSIPS users mailling list
Subject: Re: [OpenSIPS-Users] opensips and asterisk

Sorry, The way I recommend doing this was assuming the user on the
Asterisk box needed to be publicly reachable from anywhere.

I think that approach makes sense when using DID's and inbound routing
that does need authentication.



On 5/4/10 12:55 PM, Olle E. Johansson wrote:
> 4 maj 2010 kl. 18.30 skrev Brett Nemeroff:
>
>
>> Carmelo,
>> If you have an SIP peer that matches the host and port of the opensips server.. ie:
>> [opensips]
>> type=friend
>> host=<ip of opensips.
>> port=<port of opensips>  (can be omitted if port 5060)
>>
>> Then it'll match that.. typically if it's coming from opensips you'll want to add:
>> insecure=invite
>>
>> so that opensips won't be challenged to authenticate. Also be sure there is no secret set.
>>
>> I personally wouldn't do this using the default context as the other posters had recommended as that will allow *anyone* to send traffic to your asterisk server. Which I don't believe is what you really want to do. Instead, create a peer that is limited by IP and PORT allowed to send invites without a secret.
>>
>> Also be sure that the context for that peer is set to the right context and that if from the asterisk CLI you type:
>> dialplan show<RURI username>@<opensips context>
>> that it matches something you'd expect.
>>
>> On another note, are you performing a consume credentials? I think it *might* be possible that opensips is forwarding your UAC's credentials on to Asterisk if you are not..
>>
>>
> If you want to ONLY match on IP/port, you need to use "type=peer".
>
> regards,
> /O
>
>
>> -Brett
>>
>>
>> On Tue, May 4, 2010 at 8:02 AM, wüber<[hidden email]>  wrote:
>>
>> Hi Bogdan,
>>
>> connecting Opensips with Asterisk I can see that if a client registered on
>> Opensips server tries to make a call to a client in Asterisk domain, after
>> the INVITE, it receives a "forbidden" message from asterisk. I have set the
>> forwarding functionality in Opensips (rewriteuri function) and I'm pretty
>> sure it's something related to asterisk.
>>
>> Perhaps this is not the right section, but anyway could you help me? Do you
>> know what I should set in the sip.conf of Asterisk config file?
>>
>> Thanks a lot,
>> Carmelo
>> --
>> View this message in context: http://opensips-open-sip-server.1449251.n2.nabble.com/opensips-and-asterisk-tp4962200p5003181.html
>> Sent from the OpenSIPS - Users mailing list archive at Nabble.com.
>>
>> _______________________________________________
>> Users mailing list
>> [hidden email]
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>> _______________________________________________
>> Users mailing list
>> [hidden email]
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
> ---
> * Olle E Johansson - [hidden email]
> * Cell phone +46 70 593 68 51, Office +46 8 96 40 20, Sweden
>
>
>
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>


_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users


_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: opensips and asterisk

mwyse
This post has NOT been accepted by the mailing list yet.
hi,

What is the syntax to change the original IP of the client into a custom header
and how do you go about first removing the header.
Thanks