<div bgcolor="#ffffff">Hi,<br>Well I don't think I could skip the authorization process because there are analogical devices which need to be authenticated, so it would create problems.<br>How do I add the Asterisk Server to the trust tables?
<br>I'm actually thinking of adding Asterisk as a RADIUS client to the RADIUS server (freeRadius)<br>What do you think?<br>Thanks in advance,<br>Roberto<br><br>
<font size="2"><span style="font-style: italic;">So... if I understand this correctly, you're having
problems with diverted calls FROM the Asterisk IVR not being able to
authenticate on SER? </span><br style="font-style: italic;">
<br style="font-style: italic;"><span style="font-style: italic;">Could you just add the Asterisk server to the trust tables and skip
the auth process for calls coming back or would that create problems? </span><br style="font-style: italic;">
<br style="font-style: italic;"><span style="font-style: italic;">N.
</span><br style="font-style: italic;"><b>
<br>On Tue, 5 Sep 2006 21:16:45 +0100, Roberto Lopes wrote</b>
</font></div><font size="2"></font><div><span><font size="2"><br>> Hi to all!
<br>> I've a big problem with SER & Asterisk
<br>> I've a network where i put them working together.
<br>> Asterisk is the media gateway with PSTN as well as being the server
which is making all the services available (IVR, voicemail, conference
calls, etc).
<br>> SER just routes calls either to the softphones, VoIP phones or
to Asterisk who will just forward the calls to PSTN (via Asterisk).
<br>>
Till now everything works well except the service IVR which is working on Asterisk.
<br>>
<br>> Details:
<br></font></span></div><div><font size="2">> </font><font color="red"><b>MailScanner has detected a possible fraud attempt from "<a href="http://192.168.226.13" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
192.168.226.13</a>" claiming to be</b></font>
<font color="red"><b>MailScanner warning: numerical links are often malicious: <a href="http://192.168.226.13" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.226.13</a> - IP SER
<br>> </b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "<a href="http://192.168.226.45" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.226.45</a>
" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious:
<a href="http://192.168.226.45" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.226.45</a> - IP Asterisk
</b></font></div><font color="red"><b></b></font><div><span><font color="red"><b><br>>
<br>> The problem is only after the user (<a href="mailto:roberto@192.168.226.13" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">roberto@192.168.226.13</a> - authenticated and authorized in RADIUS) calls IVR.
<br>> Till then the user calls, IVR gives some information to the user and everything goes well.
<br>> Problem is when he presses a number which will have to redirect the call to another user.
<br>> And why is there a problem.
<br></b></font></span></div><div><font color="red"><b>> Because the initially <a href="mailto:roberto@192.168.226.13" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">roberto@192.168.226.13</a> to be able to call IVR had to rewrite host & port
</b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "<a href="http://192.168.226.45" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.226.45</a>" claiming to be
</b></font> <font color="red"><b>MailScanner
warning: numerical links are often malicious: <a href="http://192.168.226.45" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.226.45</a> so that
the call would reach Asterisk who would then call to the IVR.
</b></font></div><font color="red"><b></b></font><div><span><font color="red"><b><br>> That rewriting turned <a href="mailto:roberto@192.168.226.13" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
roberto@192.168.226.13</a> into <a href="mailto:roberto@192.168.226.45" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
roberto@192.168.226.45</a>. That is, I can say, that it became a "new user".
<br>> While it's on the IVR there's no problem, but when call is diverted it has to give its credentials...
<br></b></font></span></div><div><font color="red"><b>> Credentials that don't exist in RADIUS cause it only accepts usernames that end in @
</b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "<a href="http://192.168.226.13" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.226.13</a>" claiming to be
</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious:
<a href="http://192.168.226.13" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.226.13</a> (IP of SER)
</b></font></div><font color="red"><b></b></font><div><span><font color="red"><b><br>>
<br>> Here is the following code, both of extensions file in Asterisk and configure file of SER
<br>> I hope somebody knows how to solve it or at least find a way how to.
<br>>
<br>> extensions.conf - Asterisk
<br>>
<br style="font-style: italic;"><span style="font-style: italic;"><span style="font-style: italic;">
[</span>sip]</span>
<br style="font-style: italic;"><span style="font-style: italic;"></span><span style="font-style: italic;">exten => 74001,1,Answer
</span>
<br style="font-style: italic;">
<span style="font-style: italic;">exten => 74001,2,SetMusicOnHold(default)
</span>
<br style="font-style: italic;"><span style="font-style: italic;">exten => 74001,3,Set(TIMEOUT(digit)=5)</span>
<br style="font-style: italic;">
<span style="font-style: italic;">exten => 74001,4,Set(TIMEOUT(response)=10)
</span>
<br style="font-style: italic;"><span style="font-style: italic;">exten => 74001,5,Background(menu)</span>
<br style="font-style: italic;">
<span style="font-style: italic;"></span>
<br>> <span style="font-style: italic;">exten => 1,1,Dial(SIP/roberto@192.168.226.13:5060,,r)
</span>
<br style="font-style: italic;"><span style="font-style: italic;">...</span><span style="font-style: italic;"></span>
<br style="font-style: italic;"><span style="font-style: italic;">exten => 7,1,Goto(sip,74001,1)
</span>
<br style="font-style: italic;"><span style="font-style: italic;">exten => 8,1,Hangup
</span>
<br style="font-style: italic;">
<br>>
<br>> ser.cfg - SER
<br>>
<br>> ...
<br>> if ((uri=~"^sip:7[0-9]{4}@.*")) {
<br>> route(5);
<br>> break;
<br>> };
<br style="font-style: italic;"><span style="font-style: italic;">
<span style="font-style: italic;">...
<br>> </span></span>route[5] { # Redirecting to Asterisk
<br>>
# MsgLog
<br>> xlog("L_ALERT","(WARNING) Sending to Asterisk request of %fu to %tu\n");
<br></b></font></span></div><font color="red"><b></b></font><div><font color="red"><b>> rewritehostport("</b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "<a href="http://192.168.226.45:5060" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
192.168.226.45:5060</a>" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: <a href="http://192.168.226.45:5060" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
192.168.226.45:5060</a>");
</b></font></div><span><font color="red"><b><br>> route(1);
<br>> }
<br>> <span style="font-style: italic;"><span style="font-style: italic;"><span style="font-style: italic;">
<br>>
<br>> </span></span></span>Thanks for your help,
<br>> Roberto Lopes
<br>
<br>
</b></font></span>