Maybe you should track down the problem and follow all messages from GRQ till RRJ to see the problem. Having just RRJ out of the context does not say too much. ----- Original Message ----- From: "Rafat Subhan" <rafat@xxxxxxxxxxxxxxx> Sent: Tuesday, August 17, 2004 3:11 PM > 1. yes its for 60seconds. it shud send after this, but why it is saying full > registration required...and terminate all its calls. After 60 seconds it > shud send alive request and gets RCF. > > 2. The user i am discussing in log was not behind NAT...he was on public IP > 3. for this problem, shud i solve this problem in dialer or some settings > required in GK. > > I also get full registration problem in parent child hierarchy even though > their ttl are same. > I sent u my ini file...All are fine in that? > > ----- Original Message ----- > From: "Zygmuntowicz Michal" <m.zygmuntowicz@xxxxxxx> > To: "Rafat Subhan" <rafat@xxxxxxxxxxxxxxx> > Sent: Tuesday, August 17, 2004 05:52 PM > Subject: Re: security attack > > > > The problem you describe may happen when: > > 1. Your previous registration expired - check how > > often keep alive RRQs are sent and for network problems. > > 2. Your endpoint is behind NAT and NAT IP has changed > > (I am not sure of this). > > 2. Your endpoint is with public IP and call signal address > > or call signal port does not match those stored in endpoint record. > > ----- Original Message ----- > > From: "Rafat Subhan" <rafat@xxxxxxxxxxxxxxx> > > To: "Zygmuntowicz Michal" <m.zygmuntowicz@xxxxxxx> > > Sent: Tuesday, August 17, 2004 2:51 PM > > Subject: Re: security attack > > > > > > > Plus to my prev emails...always the endpoint ttl settings over ridden by > GK > > > settings and i set ttl in my main section ...isnt it? > > > > > > > > > ----- Original Message ----- > > > From: "Zygmuntowicz Michal" <m.zygmuntowicz@xxxxxxx> > > > To: "Rafat Subhan" <rafat@xxxxxxxxxxxxxxx> > > > Sent: Tuesday, August 17, 2004 02:31 PM > > > Subject: Re: security attack > > > > > > > > > > So the problem is probably with your endpoint configuration. > > > > > > > > ----- Original Message ----- > > > > From: "Rafat Subhan" <rafat@xxxxxxxxxxxxxxx> > > > > To: "Zygmuntowicz Michal" <m.zygmuntowicz@xxxxxxx> > > > > Sent: Tuesday, August 17, 2004 11:36 AM > > > > Subject: Re: security attack > > > > > > > > > > > > > No .... i use parent child hierarchy... > > > > > > > > > > endpoints used to register with my child GK and i route all their > calls > > > to > > > > > parent. > > > > > but as u can see the problem was b/w child gk & endpoint. > > > > > > > > > > ----- Original Message ----- > > > > > From: "Zygmuntowicz Michal" <m.zygmuntowicz@xxxxxxx> > > > > > To: "Rafat Subhan" <rafat@xxxxxxxxxxxxxxx> > > > > > Sent: Tuesday, August 17, 2004 02:24 PM > > > > > Subject: Re: security attack > > > > > > > > > > > > > > > > So maybe the problem is with the endpoint identifier. > > > > > > Do you use alternate gatekeepers? > > > > > > > > > > > > ----- Original Message ----- > > > > > > From: "Rafat Subhan" <rafat@xxxxxxxxxxxxxxx> > > > > > > To: "Zygmuntowicz Michal" <m.zygmuntowicz@xxxxxxx> > > > > > > Sent: Tuesday, August 17, 2004 11:29 AM > > > > > > Subject: Re: security attack > > > > > > > > > > > > > > > > > > > endpoint is sending 60 seconds and i am also setting in GK main > > > section > > > > > > > timetolive as 60 seconds. > > > > > > > then where is problem? :( > > > > > > > > > > > > > > > > > > > > > _________________ > > > > > > > Engr. Rafat Subhan > > > > > > > Software Developer > > > > > > > Advanced Communications > > > > > > > mail: rafat@xxxxxxxxxxxxxxx > > > > > > > http://www.beyondphone.com > > > > > > > > > > > > > > ----- Original Message ----- > > > > > > > From: "Zygmuntowicz Michal" <m.zygmuntowicz@xxxxxxx> > > > > > > > To: "Rafat Subhan" <rafat@xxxxxxxxxxxxxxx> > > > > > > > Sent: Tuesday, August 17, 2004 02:14 PM > > > > > > > Subject: Re: security attack > > > > > > > > > > > > > > > > > > > > > > Maybe - but I guess the problem may be also elswhere. > > > > > > > > Maybe you have a bad endpoint or incorrect > > > > > > > > TTL setting. > > > > > > > > Try to configure the endpoint to use an endpoint identifier > > > > > > > > assigned by the gatekeeper. > > > > > > > > > > > > > > > > ----- Original Message ----- > > > > > > > > From: "Rafat Subhan" <rafat@xxxxxxxxxxxxxxx> > > > > > > > > To: "Zygmuntowicz Michal" <m.zygmuntowicz@xxxxxxx> > > > > > > > > Sent: Tuesday, August 17, 2004 11:17 AM > > > > > > > > Subject: Re: security attack > > > > > > > > > > > > > > > > > > > > > > > > > when I enable this then fullregistration problem will > solved?? > > > > > > > > > because it will also caused calls in progress of that user > to > > > > > terminate > > > > > > > :( > > > > > > > > > > > > > > > > > > ----- Original Message ----- > > > > > > > > > From: "Zygmuntowicz Michal" <m.zygmuntowicz@xxxxxxx> > > > > > > > > > To: "Rafat Subhan" <rafat@xxxxxxxxxxxxxxx> > > > > > > > > > Sent: Tuesday, August 17, 2004 02:05 PM > > > > > > > > > Subject: Re: security attack > > > > > > > > > > > > > > > > > > > > > > > > > > > > Maybe your endpoint specifies a custom > > > > > > > > > > endpoint identifier and you don't have > > > AcceptEndpointIdentifier=1 > > > > > > > > > > option set. > > > > > > > > > > > > > > > > > > > > ----- Original Message ----- > > > > > > > > > > From: "Rafat Subhan" <rafat@xxxxxxxxxxxxxxx> > > > > > > > > > > To: "Zygmuntowicz Michal" <m.zygmuntowicz@xxxxxxx> > > > > > > > > > > Sent: Tuesday, August 17, 2004 11:04 AM > > > > > > > > > > Subject: security attack > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Again full registration required problem...this is latest > > > 2.0.9 > > > > > from > > > > > > > CVs. > > > > > > > > > > attached is also full log. > > > > > > > > > > also i am worried abt this warning .....is it really > security > > > > > attack > > > > > > > on > > > > > > > > > GK. > > > > > > > > > > sending u log privately bcoz of security reasons. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > 2004/08/17 00:57:14.643 1 RasSrv.cxx(1156) GK > Warning: > > > > > Possibly > > > > > > > > > endpointId collide or security attack!! > > > > > > > > > > 2004/08/17 00:57:14.643 2 RasSrv.cxx(1384) > > > > > > > > > > > > > > > > > > > > > > > > > RRJ|202.179.130.67|aamir@xxxxxxxxxxxx:h323_ID|terminal|fullRegistrationRequi > > > > > > > > > red; > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > 2004/08/17 00:57:14.643 3 RasSrv.cxx(2497) GK Send > to > > > > > > > > > 202.179.130.67:1025 > > > > > > > > > > registrationReject { > > > > > > > > > > requestSeqNum = 12077 > > > > > > > > > > protocolIdentifier = 0.0.8.2250.0.4 > > > > > > > > > > rejectReason = fullRegistrationRequired <<null>> > > > > > > > > > > gatekeeperIdentifier = 19 characters { > > > > > > > > > > 0067 006b 0031 002e 0042 0065 0079 006f gk1.Beyo > > > > > > > > > > 006e 0064 0050 0068 006f 006e 0065 002e ndPhone. > > > > > > > > > > 0063 006f 006d com > > > > > > > > > > } > > > > > > > > > > } > > > > > > > > > > ------------------------------------------------------- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 _______________________________________________________ List: Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 Homepage: http://www.gnugk.org/
