Author Topic: [SOLVED] Proxy Authentication Required  (Read 2377 times)

xevyk

  • Newbie
  • *
  • Posts: 10
    • View Profile
[SOLVED] Proxy Authentication Required
« on: March 23, 2016, 05:52:31 AM »
Greetings everyone!

I trying to use Yate as H323 signalling proxy for Freeswitch but with no luck. Both of them installed on one box with IP 10.74.33.70. Yate configuration based on tutorial http://docs.yate.ro/wiki/H323_To_SIP_Signalling_Proxy

Then I've modified accfile.conf to

[freeswitch]
enabled=yes
protocol=sip
username=1002
description=Freeswitch account
interval=600
authname=1002
password=123
number=1002
domain=10.74.33.70
registrar=10.74.33.70
formats=alaw,mulaw,gsm
;outbound=10.0.0.1:5061
;localaddress=192.168.0.1:5062

regexroute.conf:

${rtp_forward}possible=;rtp_forward=yes
${formats}^\([^,]*\)=;formats=\1
${module}^h323$=sip/sip:${called}@10.74.33.70
.*=-;error=forbidden;reason=Protocol not allowed

1002 number is created and succefully tested in FS.

fs_cli show registrations

1001,10.74.33.70,0006538f-16b90003-587df546-41c99a8c@10.74.33.144,sofia/internal/sip:1001@10.74.33.144:5060;transport=udp,1458735743,10.74.33.144,50818,udp,freeswitch,
1002,10.74.33.70,1884231429@10.74.33.70,sofia/internal/sip:1002@10.74.33.70:5061,1458733753,10.74.33.70,5061,udp,freeswitch,
1000,10.74.33.70,122302058,sofia/internal/sip:1000@10.74.33.106:5062,1458735309,10.74.33.106,5062,udp,freeswitch,

3 total.


Also I have production Asterisk supporting SIP and H323 with IP 10.74.33.37 and registred ip-phones on it. When I trying to make a call from Asterisk with number 5142 in h323 to FS through Yate, I getting next messages in yate log:

------
20160323183109.004764 <sip:ALL> Sending UDP keepalive to 10.74.33.70:5060 for 'freeswitch'
20160323183135.005094 <sip:ALL> Sending UDP keepalive to 10.74.33.70:5060 for 'freeswitch'
 20160323183148.704142 <h323:ALL> YateH323Connection::YateH323Connection(0x1e508e0,15499,(nil)) [0x7fc03c045c00]
20160323183148.704174 <h323/3:ALL> YateH323Chan::YateH323Chan(0x7fc03c045c00,ip$10.74.33.37:3594) incoming [0x7fc03c04d040]
20160323183148.704262 <h323/3:ALL> YateH323Connection::OnSetLocalCapabilities() external passtrough [0x7fc03c045c00]
20160323183148.704454 <h323/3:ALL> H323Connection::CreateRealTimeLogicalChannel external passtrough [0x7fc03c045c00]
20160323183148.704480 <h323/3:ALL> Capability 'G.729A{sw}' format 'g729' session 1 send
20160323183148.704495 <h323/3:ALL> Logical control channel address '10.74.33.70'
20160323183148.704508 <h323/3:ALL> YateH323_ExternalRTPChannel::OnReceivedPDU [0x7fc03c03c290]
20160323183148.704521 <h323:ALL> Remote RTP address 10.74.33.37:18726
20160323183148.704536 <h323/3:INFO> Got remote RTP address 10.74.33.37:18726 [0x7fc03c045c00]
20160323183148.704583 <h323/3:ALL> H323Connection::CreateRealTimeLogicalChannel external passtrough [0x7fc03c045c00]
20160323183148.704595 <h323/3:ALL> Capability 'G.729A{sw}' format 'g729' session 1 receive
20160323183148.704612 <h323/3:ALL> Logical control channel address '10.74.33.70'
20160323183148.704624 <h323/3:ALL> YateH323_ExternalRTPChannel::OnReceivedPDU [0x7fc03c03af40]
20160323183148.704665 <h323/3:ALL> H323Connection::CreateRealTimeLogicalChannel external passtrough [0x7fc03c045c00]
20160323183148.704676 <h323/3:ALL> Capability 'G.729{sw}' format 'g729' session 1 send
20160323183148.704687 <h323/3:ALL> Logical control channel address '10.74.33.70'
20160323183148.704698 <h323/3:ALL> YateH323_ExternalRTPChannel::OnReceivedPDU [0x7fc03c03d0c0]
20160323183148.704737 <h323/3:ALL> H323Connection::CreateRealTimeLogicalChannel external passtrough [0x7fc03c045c00]
20160323183148.704747 <h323/3:ALL> Capability 'G.729{sw}' format 'g729' session 1 receive
20160323183148.704759 <h323/3:ALL> Logical control channel address '10.74.33.70'
20160323183148.704770 <h323/3:ALL> YateH323_ExternalRTPChannel::OnReceivedPDU [0x7fc03c04cc90]
20160323183148.704852 <h323/3:INFO> YateH323Connection::OnAnswerCall caller='Dyakonov E.V. [10.74.33.37]' chan=0x7fc03c04d040 [0x7fc03c045c00]
20160323183148.704866 <h323/3:INFO> GetRemotePartyNumber()='5142'
20160323183148.704871 <h323/3:ALL> adr[0]='1000]
20160323183148.704874 <h323/3:INFO> Called number (alias) is '1000'
20160323183148.705068 <INFO> Could not classify call from '5142', wasted 3 usec
20160323183148.705110 <cdrbuild:INFO> Got message 'call.route' for untracked id 'h323/3'
20160323183148.705247 <INFO> Routing call to '1000' in context 'default' via 'sip/sip:1000@10.74.33.70' in 112 usec
20160323183148.705311 <sip/3:ALL> YateSIPConnection::YateSIPConnection(0x7fc03c03aba0,'sip:1000@10.74.33.70') [0x7fc0380010d0]
20160323183148.705345 <sip:ALL> YateSIPEndPoint::buildParty(0x7fc038001f30,'(null)',0,(nil))
20160323183148.705383 <sip/3:ALL> NAT address is '(null)' [0x7fc0380010d0]
20160323183148.705446 <sip/3:MILD> No formats for 'audio', excluding from SDP [0x7fc0380010d0]
20160323183148.705452 <sip/3:ALL> Set media: audio=g729 [0x7fc0380010d0]
20160323183148.705491 <h323/3:ALL> YateH323Connection::rtpExecuted(0x7fc03c03aba0) [0x7fc03c045c00]
20160323183148.705495 <h323/3:INFO> H323 Peer accepted RTP forward
 0160323183148.707515 <sip:INFO> 'udp:0.0.0.0:5061' sending 'INVITE sip:1000@10.74.33.70' 0x7fc038001f30 to 10.74.33.70:5060 [0x1f18220]
 -----
 NVITE sip:1000@10.74.33.70 SIP/2.0
 ax-Forwards: 20
 ia: SIP/2.0/UDP 10.74.33.70:5061;rport;branch=z9hG4bK2126407802
 rom: "TEST [10.74.33.37]" <sip:5142@10.74.33.70:5061>;tag=1131378280
 o: <sip:1000@10.74.33.70>
 all-ID: 1031467016@10.74.33.70:5061
 Seq: 4 INVITE
 ser-Agent: YATE/5.5.1
 ontact: <sip:5142@10.74.33.70:5061>
 llow: ACK, INVITE, BYE, CANCEL, REGISTER, REFER, OPTIONS, INFO
 ontent-Type: application/sdp
 ontent-Length: 95
 
 =0
 =yate 1458732708 1458732708 IN IP4 10.74.33.37
 =SIP Call
 =IN IP4 10.74.33.37
 =0 0
------
 0160323183148.708406 <sip:INFO> 'udp:0.0.0.0:5061' received 352 bytes SIP message from 10.74.33.70:5060 [0x1f18220]
 -----
 IP/2.0 100 Trying
 ia: SIP/2.0/UDP 10.74.33.70:5061;rport=5061;branch=z9hG4bK2126407802
 rom: "TEST [10.74.33.37]" <sip:5142@10.74.33.70:5061>;tag=1131378280
 o: <sip:1000@10.74.33.70>
 all-ID: 1031467016@10.74.33.70:5061
 Seq: 4 INVITE
 ser-Agent: FreeSWITCH-mod_sofia/1.6.6+git~20160111T201612Z~d2d0b3283a~64bit
 ontent-Length: 0
 
------
 0160323183148.708453 <sip:INFO> 'udp:0.0.0.0:5061' received 854 bytes SIP message from 10.74.33.70:5060 [0x1f18220]
 -----
 IP/2.0 407 Proxy Authentication Required
 ia: SIP/2.0/UDP 10.74.33.70:5061;rport=5061;branch=z9hG4bK2126407802
 rom: "TEST [10.74.33.37]" <sip:5142@10.74.33.70:5061>;tag=1131378280
 o: <sip:1000@10.74.33.70>;tag=1pjgZ80rS6NjB
 all-ID: 1031467016@10.74.33.70:5061
 Seq: 4 INVITE
 ser-Agent: FreeSWITCH-mod_sofia/1.6.6+git~20160111T201612Z~d2d0b3283a~64bit
 ccept: application/sdp
 llow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER, REFER, NOTIFY, PUBLISH, SUBSCRIBE
 upported: timer, path, replaces
Allow-Events: talk, hold, conference, presence, as-feature-event, dialog, line-seize, call-info, sla, include-session-description, presence.winfo, mes age-summary, refer
 roxy-Authenticate: Digest realm="10.74.33.70", nonce="ce7e5a26-6984-45de-bed8-63a4a866d7d7", algorithm=MD5, qop="auth"
 ontent-Length: 0
 
------
20160323183148.708677 <sip/3:ALL> YateSIPConnection::hangup() state=1 trans=0x7fc038004660 error='(null)' code=407 reason='Proxy Authentication Required' [0x7fc0380010d0]
20160323183148.708701 >>> YateH323Chan::disconnected() 'Proxy Authentication Required' [0x7fc03c04d040]
20160323183148.708713 <<< YateH323Chan::disconnected()
20160323183148.708718 <sip/3:ALL> YateSIPConnection::~YateSIPConnection() [0x7fc0380010d0]
 0160323183148.708740 <sip:INFO> 'udp:0.0.0.0:5061' sending 'ACK sip:1000@10.74.33.70' 0x7fc03c050fc0 to 10.74.33.70:5060 [0x1f18220]
 -----
 CK sip:1000@10.74.33.70 SIP/2.0
 ia: SIP/2.0/UDP 10.74.33.70:5061;rport;branch=z9hG4bK2126407802
 rom: "TEST [10.74.33.37]" <sip:5142@10.74.33.70:5061>;tag=1131378280
 o: <sip:1000@10.74.33.70>;tag=1pjgZ80rS6NjB
 all-ID: 1031467016@10.74.33.70:5061
 Seq: 4 ACK
 ax-Forwards: 20
 ontact: <sip:5142@10.74.33.70:5061>
 ser-Agent: YATE/5.5.1
 ontent-Length: 0
 
------
20160323183148.713894 <h323/3:ALL> YateH323Chan::~YateH323Chan() accepted h323/3 [0x7fc03c04d040]
20160323183148.714005 <h323/3:ALL> YateH323Connection::CleanUpOnCallEnd() [0x7fc03c045c00]
20160323183148.715978 <h323/3:INFO> YateH323Connection::OnCleared() error: '(null)' reason: EndedByLocalUser (0) [0x7fc03c045c00]
20160323183148.715996 <h323/3:ALL> YateH323Connection::~YateH323Connection() [0x7fc03c045c00]

In FS next log:

2016-03-23 18:31:48.692249 [NOTICE] switch_channel.c:1101 New Channel sofia/internal/5142@10.74.33.70:5061 [81075522-fe65-4a74-9814-872f3b75a1cc]
2016-03-23 18:31:48.692249 [DEBUG] switch_core_state_machine.c:473 (sofia/internal/5142@10.74.33.70:5061) Running State Change CS_NEW
2016-03-23 18:31:48.692249 [DEBUG] sofia.c:9248 sofia/internal/5142@10.74.33.70:5061 receiving invite from 10.74.33.70:5061 version: 1.6.6 git d2d0b32 2016-01-11 20:16:12Z 64bit
2016-03-23 18:31:48.692249 [DEBUG] sofia.c:9415 IP 10.74.33.70 Rejected by acl "domains". Falling back to Digest auth.
2016-03-23 18:31:48.692249 [DEBUG] sofia.c:2147 detaching session 81075522-fe65-4a74-9814-872f3b75a1cc
2016-03-23 18:31:48.692249 [DEBUG] switch_core_state_machine.c:492 (sofia/internal/5142@10.74.33.70:5061) State NEW
2016-03-23 18:31:58.712167 [WARNING] switch_core_state_machine.c:576 81075522-fe65-4a74-9814-872f3b75a1cc sofia/internal/5142@10.74.33.70:5061 Abandoned
2016-03-23 18:31:58.712167 [NOTICE] switch_core_state_machine.c:579 Hangup sofia/internal/5142@10.74.33.70:5061 [CS_NEW] [WRONG_CALL_STATE]
2016-03-23 18:31:58.712167 [DEBUG] switch_core_state_machine.c:473 (sofia/internal/5142@10.74.33.70:5061) Running State Change CS_HANGUP
2016-03-23 18:31:58.712167 [DEBUG] switch_core_state_machine.c:739 (sofia/internal/5142@10.74.33.70:5061) Callstate Change DOWN -> HANGUP
2016-03-23 18:31:58.712167 [DEBUG] switch_core_state_machine.c:741 (sofia/internal/5142@10.74.33.70:5061) State HANGUP
2016-03-23 18:31:58.712167 [DEBUG] mod_sofia.c:431 Channel sofia/internal/5142@10.74.33.70:5061 hanging up, cause: WRONG_CALL_STATE
2016-03-23 18:31:58.712167 [DEBUG] switch_core_state_machine.c:60 sofia/internal/5142@10.74.33.70:5061 Standard HANGUP, cause: WRONG_CALL_STATE
2016-03-23 18:31:58.712167 [DEBUG] switch_core_state_machine.c:741 (sofia/internal/5142@10.74.33.70:5061) State HANGUP going to sleep
2016-03-23 18:31:58.712167 [DEBUG] switch_core_state_machine.c:508 (sofia/internal/5142@10.74.33.70:5061) State Change CS_HANGUP -> CS_REPORTING
2016-03-23 18:31:58.712167 [DEBUG] switch_core_state_machine.c:473 (sofia/internal/5142@10.74.33.70:5061) Running State Change CS_REPORTING
2016-03-23 18:31:58.712167 [DEBUG] switch_core_state_machine.c:827 (sofia/internal/5142@10.74.33.70:5061) State REPORTING
2016-03-23 18:31:58.712167 [DEBUG] switch_core_state_machine.c:104 sofia/internal/5142@10.74.33.70:5061 Standard REPORTING, cause: WRONG_CALL_STATE
2016-03-23 18:31:58.712167 [DEBUG] switch_core_state_machine.c:827 (sofia/internal/5142@10.74.33.70:5061) State REPORTING going to sleep
2016-03-23 18:31:58.712167 [DEBUG] switch_core_state_machine.c:499 (sofia/internal/5142@10.74.33.70:5061) State Change CS_REPORTING -> CS_DESTROY
2016-03-23 18:31:58.712167 [DEBUG] switch_core_session.c:1646 Session 19 (sofia/internal/5142@10.74.33.70:5061) Locked, Waiting on external entities
2016-03-23 18:31:58.712167 [NOTICE] switch_core_session.c:1664 Session 19 (sofia/internal/5142@10.74.33.70:5061) Ended
2016-03-23 18:31:58.712167 [NOTICE] switch_core_session.c:1668 Close Channel sofia/internal/5142@10.74.33.70:5061 [CS_DESTROY]
2016-03-23 18:31:58.712167 [DEBUG] switch_core_state_machine.c:630 (sofia/internal/5142@10.74.33.70:5061) Running State Change CS_DESTROY
2016-03-23 18:31:58.712167 [DEBUG] switch_core_state_machine.c:640 (sofia/internal/5142@10.74.33.70:5061) State DESTROY
2016-03-23 18:31:58.712167 [DEBUG] mod_sofia.c:341 sofia/internal/5142@10.74.33.70:5061 SOFIA DESTROY
2016-03-23 18:31:58.712167 [DEBUG] switch_core_state_machine.c:111 sofia/internal/5142@10.74.33.70:5061 Standard DESTROY
2016-03-23 18:31:58.712167 [DEBUG] switch_core_state_machine.c:640 (sofia/internal/5142@10.74.33.70:5061) State DESTROY going to sleep

Please help me to find a way to soltuion.
« Last Edit: March 31, 2016, 05:48:51 AM by xevyk »

marian

  • Sr. Member
  • ****
  • Posts: 385
    • View Profile
Re: Proxy Authentication Required
« Reply #1 on: March 23, 2016, 06:58:10 AM »
You don't provide credentials to outgoing sip call.
Set the account when routing:

${module}^h323$=line/${called};line=freeswitch

xevyk

  • Newbie
  • *
  • Posts: 10
    • View Profile
Re: Proxy Authentication Required
« Reply #2 on: March 23, 2016, 09:17:42 PM »
You don't provide credentials to outgoing sip call.
Set the account when routing:

${module}^h323$=line/${called};line=freeswitch

Thank you for reply!
I've modified regexroute.conf to

${rtp_forward}possible=;rtp_forward=yes
${formats}^\([^,]*\)=;formats=\1
${module}^h323$=sip/sip:${called}@10.74.33.70;line=freeswitch
.*=-;error=forbidden;reason=Protocol not allowed

then: service yate restart

And error gone!
Thanks again!
« Last Edit: March 24, 2016, 01:48:34 AM by xevyk »

marian

  • Sr. Member
  • ****
  • Posts: 385
    • View Profile
Re: Proxy Authentication Required
« Reply #3 on: March 24, 2016, 01:47:40 AM »
Please pay attention to routing rules: first match is handled.
You've added the new rule after the old one!

xevyk

  • Newbie
  • *
  • Posts: 10
    • View Profile
Re: Proxy Authentication Required
« Reply #4 on: March 24, 2016, 01:57:10 AM »
Please pay attention to routing rules: first match is handled.
You've added the new rule after the old one!

Problem solved! Thank you for your help!