You are right Jan, now it works. Thank you very much. Pierlu.
On Fri, Jun 21, 2013 at 2:03 PM, Jan Willamowius <jan@xxxxxxxxxxxxxx> wrote:
Hi,
you are getting a securityDenial, because your config says only to
accept prefox 00 from that neighbor. The GWRewriteE164 applies before
the check and thus the LRQ is rejected.
The easiest is probably to set AcceptPrefixes=*.
Regards,
Jan
--
Jan Willamowius, Founder of the GNU Gatekeeper Project
EMail : jan@xxxxxxxxxxxxxx
Website: http://www.gnugk.org
Support: http://www.willamowius.com/gnugk-support.html
> > *INI GNUGKCH*
pierlu wrote:
> Hi Gabriel, thanks for your reply. I had already tried the GWRewriteE164
> rule, but I tried it again. Nothing changed though, still behaviour.
>
> I have enabled logging and I've seen that LRJ is sent due to Security
> Reasons
>
> 2013/06/21 11:06:07.200 1 RasSrv.cxx(381) RAS LRQ Received from
> 10.1.12.153:1719
> 2013/06/21 11:06:07.200 2
> Toolkit.cxx(941) GWRewriteTool::RewritePString: 002533 to 2533
> 2013/06/21 11:06:07.200 2
> RasSrv.cxx(420) LRJ|10.1.12.153|2533:dialedDigits
> 2013/06/21 11:06:07.200 3 RasSrv.cxx(262) RAS Send to 10.1.12.153:1719
> locationReject {
> requestSeqNum = 4
> rejectReason = securityDenial <<null>>
> }
>
>
> Probably there's something I'm missing. I will look into the manual more
> accurately.
>
> Cheers, p.
>
> On Thu, Jun 20, 2013 at 10:47 PM, Gabriel Georgescu <gabigeo@xxxxxxxxxxx>wrote:
>
> > Hi Pierlu,
> >
> > It might be that the global rules in [RasSrv::RewriteE164] on GNUGK00
> > occurs before neighbor selection, so 'Accept prefixes' will not match the
> > dialed number now with 00 stripped.
> > I guess when you try with SendPrefixes=2 you do not strip the 2 anymore.
> >
> > I think you better try with a GWRewriteE164 rule (instead of the global
> > rule RewriteE164) that occurs after gateway selection:
> >
> > [RasSrv::GWRewriteE164]
> > GNUGkCh=in=00=
> >
> > For more details see the diagram in the manual at 6.4 Section
> > [RasSrv::GWRewriteE164].
> >
> > Regards,
> > Gabriel
> >
> >
> >
> > On 20/06/2013 20:24, pierlu wrote:
> >
> > Hi. I tried to set up two gatekeepers with prefixes and LQR forwarding
> > but I'm not getting something because things don't work and I get LRJ.
> >
> > Both GK are Gnugk 3.2.0
> > Gatekeeper(GNU) Version(3.2.0)
> > Ext(pthreads=0,radius=1,mysql=1,pgsql=1,firebird=1,odbc=1,sqlite=1,large_fdset=0,crypto/ssl=1,h46018=1,h46023=1,ldap=1,ssh=0,ipv6=
> > 1,h235media=1,lua=0,h46017=1,snmp=1) H323Plus(1.24.2) PTLib(2.10.1)
> > Build(Jan 15 2013, 00:59:18) Sys(Server 2003 i586 (Model=9 Stepping=1)
> > v5.2.3790)
> > Startup: Thu, 20 Jun 2013 18:58:38 +02:00 Running: 0 days 00:00:13
> >
> > Ini's are very simple.
> >
> > [Gatekeeper::Main]> > *INI GNUGK00*
> > Name=GNUGkCh
> > [GkStatus::Auth]
> > rule=allow
> > [RasSrv::Neighbors]
> > GNUGk00=GnuGK
> > [Neighbor::GNUGk00]
> > Host=10.1.12.152:1719
> > SendPrefixes=00
> >
> > [Gatekeeper::Main]> > *STATUS GNUGKCH:* ARJ|10.1.12.60:1720
> > Name=GNUGk00
> > [GkStatus::Auth]
> > rule=allow
> > [RasSrv::RewriteE164]
> > 00=
> > [RasSrv::Neighbors]
> > GNUGkCh=GnuGK
> > [Neighbor::GNUGkCh]
> > Host=10.1.12.153:1719
> > AcceptPrefixes=00
> >
> > I have only two endpoints: the first one is registered on GNUGKCH
> > with E164 3333 and the second one is registered on GNUGK00 with E164 2533.
> >
> > With that configuration, I was expecting that when endpoint 3333 in zone
> > GNUGKCH would dial 002533, a call with endpoint 2533 in zone GNUGK00 would
> > be set up. But I'm receiving a denail, as you can see from status ports'
> > outputs
> > |002533:dialedDigits|3333:dialedDigits=.:h323_ID|false|calledPartyNotRegistered|65-d8-c6-71-32-0a-19-10-85-d8-02-01-51-12-10-60;> > *STATUS GNUGK00*: LRJ|10.1.12.153|2533:dialedDigits
> >
> > What makes me wonder it's that if I set SendPrefixes=2 on GNUGKCH and
> > AcceptPrefixes=2 on GNUGK00, when the 3333 endpoint calls the 2533 endpoint
> > by dialing 2533 with no prefix, the call is placed no problem.
> >
> > It seems I don't understand things right with prefixes. Which way of
> > thinking should I adopt to understand what I am doing wrong?
> >
> > Thanks, pierlu
------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:
Build for Windows Store.
http://p.sf.net/sfu/windows-dev2dev
_______________________________________________________
Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx
Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users
Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users
Homepage: http://www.gnugk.org/
------------------------------------------------------------------------------ This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev
_______________________________________________________ Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users Homepage: http://www.gnugk.org/
