Re: Problem using neighbor gks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Security denial can be triggered because of:
1. Originating IP/port not matching.
2. destinationInfo prefix not matching AcceptPrefixes. (note that the match is done after rewrite step).
3. Auth failure (in this case you should have something in the -ttttt log).

Anyway, a simple -ttttt log from LRQ/LRJ exchange may
put some light on the issue.

----- Original Message ----- From: "Bruce Ferrell" <bferrell@xxxxxxxxxxxx>
Sent: Wednesday, March 23, 2005 8:46 AM


Oddly enough, this is exactly the problem I'm having

     GnuGK         GnuGK    Cisco
EP--->GK1 ---LRQ--->GK2----->GK3
         <---LRJ---  Security denial

EP---------------->GK2----->GK3  call succeeds

Is there anyway to tell why there is a security denial?

As far as I can glean from the manual these are the only sections of the config that can result in security denial:


[Gatekeeper::Auth]
default=allow

[RasSrv::RRQAuth]
default=confirm

And those setting should allow everything to go through. Have I misunderstood completely?


Chetan Sarva wrote: 
Steve Miskowitz wrote:

[Gatekeeper::Main]
; THE Name of the GNUGK system.
Name=GNUGK.domain.com

[RasSrv::Neighbors]
; The Name of the neighbor
GK1=gateway_a

My understanding is that in this example GK1 is the name of your GK and gateway_a should be a profile to use.

Form complete.ini:

;; Neighbor gatekeepers are listed in this section. The list has the following
;; format:
;; GkId=GkProfile
;; where GkProfile can be one of:
;; GkProfile := "GnuGK" | "CiscoGK" | "ClarentGK" | "GlonetGK"
;; | <OldGk - old gnu gk format>

I'm not sure why there is another setting for GatekeeperIdentifier as that seems a bit redundant. In any case, it loads for me now.

The problem now is that my neighbor gk is rejecting the LRQs but I think this is a config issue on that gk.

Regards,

Chetan 



-------------------------------------------------------
This SF.net email is sponsored by Microsoft Mobile & Embedded DevCon 2005
Attend MEDC 2005 May 9-12 in Vegas. Learn more about the latest Windows
Embedded(r) & Windows Mobile(tm) platforms, applications & content.  Register
by 3/29 & save $300 http://ads.osdn.com/?ad_id=6883&alloc_id=15149&op=click

_______________________________________________________

List: Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx
Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549
Homepage: http://www.gnugk.org/
[Index of Archives]     [SIP]     [Open H.323]     [Gnu Gatekeeper]     [Asterisk PBX]     [ISDN Cause Codes]     [Yosemite News]

  Powered by Linux