Why do I need a username at all if I am doing rsa authentication? Why doesn't it match against the key?
> -----Original Message----- > From: Joshua Colp [mailto:[EMAIL PROTECTED] > Sent: Saturday, March 25, 2006 12:11 PM > To: Asterisk Users Mailing List - Non-Commercial Discussion > Subject: RE: [Asterisk-Users] RE: IAX Incoming/Outgoing > > > You do realize you're not sending along a username so it's > using another method to try to discover the username you're > trying to authenticate as on the server side? Apparently not. > > IAX2/[EMAIL PROTECTED]/[EMAIL PROTECTED] > > Joshua Colp > > ----- Original Message ----- > From: Douglas Garstang > [mailto:[EMAIL PROTECTED] > To: Asterisk Users Mailing List - > Non-Commercial Discussion [mailto:[EMAIL PROTECTED] > Sent: > Sat, 25 Mar 2006 14:55:28 -0400 > Subject: RE: [Asterisk-Users] RE: IAX > Incoming/Outgoing > > > > Well, I just tried your approach. I broke them all up into > users/peers. Now > > it makes even LESS sense. The pbx1 system is connecting to > the pbx2 system, > > and according to the iax debug, is sending a username of > 'pbx3_in'. *lol* > > > > [pbx1_in] > > type=user > > auth=rsa > > inkeys=pbx1 > > context=global_pbx_transfer > > deny=0.0.0.0 > > permit=xxx.187.142.203 > > > > [pbx1_out] > > type=peer > > auth=rsa > > outkey=pbx1 > > host=pbx1.ipt.yyy.com > > > > [pbx2_in] > > type=user > > auth=rsa > > inkeys=pbx2 > > context=global_pbx_transfer > > deny=0.0.0.0 > > permit=xxx.187.142.204 > > > > [pbx2_out] > > type=peer > > auth=rsa > > outkey=pbx1 > > host=pbx2.ipt.yyy.com > > > > [pbx3_in] > > type=user > > auth=rsa > > inkeys=pbx3 > > context=global_pbx_transfer > > deny=0.0.0.0 > > permit=xxx.187.142.234 > > > > [pbx3_out] > > type=peer > > auth=rsa > > outkey=pbx1 > > host=pbx3.ipt.yyy.com > > > > Here's how I connect: > > exten => > > s-CHANUNAVAIL,1,Dial(IAX2/pbx2_out/[EMAIL PROTECTED],25,g) > > > > and here's the IAX debug: > > Tx-Frame Retry[000] -- OSeqno: 000 ISeqno: 000 Type: IAX > Subclass: NEW > > > > Timestamp: 00003ms SCall: 00001 DCall: 00000 > [xxx.187.142.204:4569] > > VERSION : 2 > > CALLED NUMBER : 2944099 > > CODEC_PREFS : (ulaw|g729) > > CALLING NUMBER : 2944093 > > CALLING PRESNTN : 0 > > CALLING TYPEOFN : 0 > > CALLING TRANSIT : 0 > > CALLING NAME : Foo > > LANGUAGE : en > > CALLED CONTEXT : global_pbx_transfer > > FORMAT : 4 > > CAPABILITY : 65535 > > ADSICPE : 2 > > DATE TIME : 2006-03-25 11:54:36 > > hestia*CLI> > > -- Called pbx2_out/[EMAIL PROTECTED] > > Rx-Frame Retry[ No] -- OSeqno: 000 ISeqno: 001 Type: IAX > Subclass: ACK > > > > Timestamp: 00003ms SCall: 00002 DCall: 00001 > [xxx.187.142.204:4569] > > Rx-Frame Retry[ No] -- OSeqno: 000 ISeqno: 001 Type: IAX > Subclass: > > AUTHREQ > > Timestamp: 00005ms SCall: 00002 DCall: 00001 > [xxx.187.142.204:4569] > > AUTHMETHODS : 4 > > CHALLENGE : 129428696 > > USERNAME : pbx3_in <---- WHAT THE HELL > IS THIS DOING > > HERE? > > > > > > > > > > > -----Original Message----- > > > From: Brian Capouch [mailto:[EMAIL PROTECTED] > > > Sent: Saturday, March 25, 2006 11:46 AM > > > To: Asterisk Users Mailing List - Non-Commercial Discussion > > > Subject: Re: [Asterisk-Users] RE: IAX Incoming/Outgoing > > > > > > > > > Douglas Garstang wrote: > > > > This is INSANE! My calling system has this iax.conf: > > > > > > > > > > Search the archives for mails about separating > > > originations/terminations > > > by removing all friends and setting up the various > > > interoperating boxes > > > in a peer-user arrangement. > > > > > > I am pretty certain there are archived mails that urge > people who use > > > IAX to do that, and indicating that the various possible > ambiguities > > > with IAX friends is not a Good Thing. > > > > > > That would seem borne out by your experiences. > > > > > > I would also follow the time-honored programming technique of > > > removing > > > many of your constraints (keys, allow/disallows, etc.) in > order to > > > remove as many causes of uncertainty as possible. Then once > > > the boxes > > > are talking those things can be added back in a controlled > > > manner. To > > > my eyes your configurations have an awful lot of variable factors. > > > > > > Just where the insanity lies is another issue, which I don't > > > care to get > > > into at the present time :-) > > > > > > B. > > > _______________________________________________ > > > --Bandwidth and Colocation provided by Easynews.com -- > > > > > > Asterisk-Users mailing list > > > To UNSUBSCRIBE or update options visit: > > > http://lists.digium.com/mailman/listinfo/asterisk-users > > > > > _______________________________________________ > > --Bandwidth and Colocation provided by Easynews.com -- > > > > Asterisk-Users mailing list > > To UNSUBSCRIBE or update options visit: > > http://lists.digium.com/mailman/listinfo/asterisk-users > > > _______________________________________________ > --Bandwidth and Colocation provided by Easynews.com -- > > Asterisk-Users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > _______________________________________________ --Bandwidth and Colocation provided by Easynews.com -- Asterisk-Users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
