Hi,
Please HELP?
After numbers of hours and days?. Still couldn?t get where I wanted to accomplish.
Here is what I try to accomplish as follows:
1. Set Alias restriction in a GK_networks= Works OK and only allowed alias can be register in the GK_networks and can place a call from alias to alias ?member to member?
2. Set Alias restriction to call gw= Works OK and only allowed registered alias can place a call to a gateway
3. When 1&2 are combine= Both restriction setting are works accepts the Alias to Alias could not connected due to a security-denial
After numbers of hours and days?. Still couldn?t get where I wanted to accomplish.
Here is what I try to accomplish as follows:
1. Set Alias restriction in a GK_networks= Works OK and only allowed alias can be register in the GK_networks and can place a call from alias to alias ?member to member?
2. Set Alias restriction to call gw= Works OK and only allowed registered alias can place a call to a gateway
3. When 1&2 are combine= Both restriction setting are works accepts the Alias to Alias could not connected due to a security-denial
A gatekeeper .ini file attachment for review to better explains
[Gatekeeper::Main]
Fourtytwo=42
Name=abc telecom
Home=0.0.0.0
TimeToLive=60
TotalBandwidth=15000
EndpointIDSuffix=6543210
[RoutedMode]
GKRouted=1
H245Routed=1
CallSignalPort=1721
CallSignalHandlerNumber=1
RemoveH245AddressOnTunneling=1
AcceptNeighborsCalls=1
AcceptUnregisteredCalls=1
SupportNATedEndpoints=1
DropCallsByReleaseComplete=1
RemoveCallOnDRQ=1
[Proxy]
Enable=1
InternalNetwork=192.168.0.1/255.255.255.0
RTPPortRange=10000-59999
proxyfornat=1
Enable=1
InternalNetwork=192.168.0.1/255.255.255.0
RTPPortRange=10000-59999
proxyfornat=1
[Endpoint]
Gatekeeper=0.0.0.0
Type=Gateway
H323ID=112233
Prefix=01
TimeToLive=60
RRQRetryInterval=10
Gatekeeper=0.0.0.0
Type=Gateway
H323ID=112233
Prefix=01
TimeToLive=60
RRQRetryInterval=10
[Failover]
Sendto=192.168.0.50:1719
AlternateGKs=192.168.0.50:true:120:OpenH323GK\\
Sendto=192.168.0.50:1719
AlternateGKs=192.168.0.50:true:120:OpenH323GK\\
[Gatekeeper::TCP]
UnicastRasPort=1719
MulticastPort=1718
MulticastGroup=224.0.1.41
EndpointSignalPort=9999
StatusPort=7000
ListenQueueLength=1024
SignalReadTimeout=3000
StatusReadTimeout=5000
UnicastRasPort=1719
MulticastPort=1718
MulticastGroup=224.0.1.41
EndpointSignalPort=9999
StatusPort=7000
ListenQueueLength=1024
SignalReadTimeout=3000
StatusReadTimeout=5000
[RasSrv::GWPrefixes]
gw=102
[RasSrv::ARQFeatures]
ArjReasonRouteCallToSCN=0
ArjReasonRouteCallToGatekeeper=1
ArjReasonRouteCallToSCN=0
ArjReasonRouteCallToGatekeeper=1
[RasSrv::RRQAuth]
rule=explicit
999=confirm
888=confirm
rule=explicit
default=reject
rule=explicit
999=confirm
888=confirm
rule=explicit
default=reject
[GkStatus::Auth]
default=allow
default=allow
[RasSrv::RewriteE164]
[RasSrv::Neighbors]
[RasSrv::LRQFeatures]
[RasSrv::PermanentEndpoints]
[RasSrv::Neighbors]
[RasSrv::LRQFeatures]
[RasSrv::PermanentEndpoints]
[Gatekeeper::Auth]
AliasAuth=required;ARQ,RRQ,BRQ
PrefixAuth=required;RRQ,BRQ,ARQ
# "When PrefixAuth exist here than the RRQAuth numbers couldn't call to each other"
default=allow
AliasAuth=required;ARQ,RRQ,BRQ
PrefixAuth=required;RRQ,BRQ,ARQ
# "When PrefixAuth exist here than the RRQAuth numbers couldn't call to each other"
default=allow
[Gatekeeper::DestAnalysis]
default=allow
[MySQLAuth]
[CallTable]
[CallTable]
[GkLDAP::LDAPAttributeNames]
[GkLDAP::Settings]
[GkLDAP::Settings]
[PrefixAuth]
102=allow alias:999.*|allow alias:888.*|deny ipv4:0/0
" dvninc@xxxxxxxxx
ALL=allow ipv4:ALL
102=allow alias:999.*|allow alias:888.*|deny ipv4:0/0
" dvninc@xxxxxxxxx
ALL=allow ipv4:ALL
Best Regards,
David Van Nguyen
