Re: Wondering if LRQ really works in gnugk!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Earlier  I posted this message to the list. I did not  get any comment on it until it sunk to the bottom. 
So, I was wondering if I have some misconfiguration or the problems are there?.    Basically I was wondering  about the possibility of  authenticating  LRQ  through RADIUS and use radius based routing as I do for ARQ. I would like to get some ideas from gnugk gurus such as Zygmuntowicz Michal
Thank you


Nour Omar <nouromar@xxxxxxxxxxxxx> wrote:

I setup 2 gnu gatekeepers  gk1 and gk2 both 2.2.2 version both in routing mode. LRQ is always one direction  from gk1 to gk2

gk1-------------------------LRQ------------------------->gk2

before I describe my problem, let me paste the relevant  config sections

For gk2, I have :

[RasSrv::Neighbors]
gk1=GnuGK
[Neighbor::gk1]
GatekeeperIdentifier=gk1
Host=xxx.xxx.xx.xxx
AcceptPrefixes=*

[Gatekeeper::Auth]
RadAuth=sufficient;RRQ,ARQ,LRQ

For gk1, I have:

[RasSrv::Neighbors]
gk2=GnuGK
[Neighbor::gk2]
GatekeeperIdentifier=gk2
Host=xxx.xxx.xxx.xxx
SendPrefixes=*
ForwardLRQ=always
[RoutingPolicy]
default=internal,neighbor

 

I have 2 problems:

1)  LRQ comes to gk2 but it is not going to the radius authentication. Both RRQ and ARQ are using Radius Auth fine but not LRQ. LRQ is going directly to RoutingPolicy. In gk2's config,  I do not have [RoutingPolicy] section because I do all my routing stuff  in radius(except internal endpoints).  So what happens is that gnugk searchs default RoutingPolicy(Internal) for destination, when it could not find one, it will send LRJ to gk1. So my first questions is how can I make LRQ use my radius for authentication/routing?

2) Let's say, I called internally registered endpoint to gk2. In this case RoutingPolicy will match endpoint and then LCF will be sent to gk1  but the setup will fail This is what is written to the log at gk2

 ProxyChannel.cxx(1548)  Q931s   Reject unregistered call bf fc df a1 08 f3 18 10 88 00 44 45 53 54 42 00 from xx.xxx.xx.xxx:32772

xxx.xxx.xxx.xxx is gk1 ip address( remember both gk1 and gk2 are in routing mode, so all setup signalling will go between them)

I did NOT  try AcceptUnregisteredCalls=1  because I do not want really do that. I think LRQ should work without opening this security hole.

I would really appreciate if you guys shed some light on these problems

[Index of Archives]     [SIP]     [Open H.323]     [Gnu Gatekeeper]     [Asterisk PBX]     [ISDN Cause Codes]     [Yosemite News]

  Powered by Linux