No, you shouldn't have to configure Sprout as a trusted peer. However, Sprout should be talking to bono over trusted port 5058, rather than 5060. It is not clear from those logs why this is not the case.
Does the call work if you do not invoke the Application Server? Please send sprout logs as well. Mark Perryman From: Clearwater <clearwater-boun...@lists.projectclearwater.org> On Behalf Of Brian Grant Sent: 15 January 2019 09:30 To: clearwater@lists.projectclearwater.org Subject: [Project Clearwater] Bono responds to INVITE from SCSCF with 403 Forbidden NOTE: Message is from an external sender I'm testing an ON-NET call between two simulated UEs (using signalling emulation tools to generate the call). Both UEs have been provisioned in Ellis and registration procedure for both is successful. When the call is initiated I can follow the INVITE out to MMTEL, but when it returns back to Bono for routing to the destination UE Bono returns 403 Forbidden due to the request coming from an untrusted port/source. Do I need to explicitly configured Sprout as a trusted_peer? Snip from Bono log is below: -- 11-01-2019 14:28:21.494 UTC [7f39017e2700] Debug bono.cpp:775: Request received on non-trusted port 5060 11-01-2019 14:28:21.494 UTC [7f39017e2700] Debug bono.cpp:1017: Perform access proxy routing for INVITE request 11-01-2019 14:28:21.494 UTC [7f39017e2700] Debug bono.cpp:1154: Message received on non-trusted port 5060 11-01-2019 14:28:21.494 UTC [7f39017e2700] Debug flowtable.cpp:111: Find flow for transport tcps0x7f38ec02ae68 (2), remote address 192.168.8.102:51136 11-01-2019 14:28:21.494 UTC [7f39017e2700] Info bono.cpp:1344: Rejecting request from untrusted source 11-01-2019 14:28:21.494 UTC [7f39017e2700] Debug acr.cpp:1797: Create RalfACR for node type P-CSCF with role Terminating 11-01-2019 14:28:21.494 UTC [7f39017e2700] Debug acr.cpp:24: Created ACR (0x7f38f0050dc0) 11-01-2019 14:28:21.494 UTC [7f39017e2700] Debug acr.cpp:170: Created P-CSCF Ralf ACR 11-01-2019 14:28:21.494 UTC [7f39017e2700] Debug acr.cpp:210: Set record type for P/S-CSCF 11-01-2019 14:28:21.494 UTC [7f39017e2700] Debug acr.cpp:237: Dialog-initiating INVITE => START_RECORD 11-01-2019 14:28:21.494 UTC [7f39017e2700] Info bono.cpp:729: Reject INVITE request with 403 status code 11-01-2019 14:28:21.494 UTC [7f39017e2700] Debug pjsip: endpoint Response msg 403/INVITE/cseq=2 (tdta0x7f38f0051010) created 11-01-2019 14:28:21.494 UTC [7f39017e2700] Debug acr.cpp:581: Failed to start session, change record type to EVENT_RECORD 11-01-2019 14:28:21.494 UTC [7f39017e2700] Verbose common_sip_processing.cpp:103: TX 1057 bytes Response msg 403/INVITE/cseq=2 (tdta0x7f38f0051010) to TCP 192.168.8.102:51136: --start msg-- SIP/2.0 403 Forbidden Via: SIP/2.0/TCP 192.168.8.102:5052;rport=51136;received=192.168.8.102;branch=z9hG4bKPjPNr4bIF3DLT9xqlOFvCZ1P3t2N6wmHrw Via: SIP/2.0/TCP scscf.sprout.oam.eeint.co.uk;branch=z9hG4bKPj6EhZFW9TJhleMvXcPCIo2d03WCZSrtot Via: SIP/2.0/TCP mmtel.sprout.oam.eeint.co.uk;branch=z9hG4bKPjI-i5YN5dvVhM0Bt4EC6LXyTI7s30rB4. Via: SIP/2.0/TCP scscf.sprout.oam.eeint.co.uk;branch=z9hG4bKPjBNjxQMKIrXLcRVXPQhZqf.CxknrW95le Via: SIP/2.0/TCP 192.168.8.106:5058;rport=54884;received=192.168.8.106;branch=z9hG4bKPjmGKWRhHQn07Kl7C0MN4H2hNlbnmpuws4 Via: SIP/2.0/UDP 192.168.9.10;received=192.168.9.10;branch=z9hG4bK0114EE278d6a48 Record-Route: <sip:scscf.sprout.oam.eeint.co.uk;transport=TCP;lr;billing-role=charge-orig> Record-Route: <sip:192.168.8.106:5058;transport=TCP;lr> Record-Route: <sip:vF5Pd/Okpb@Bono:5060;transport=UDP;lr> Call-ID: 2bafb0ac3d4be9621@192.168.9.10<mailto:2bafb0ac3d4be9621@192.168.9.10> From: <sip:6505550...@oam.eeint.co.uk>;tag=315F3381 To: <sip:6505550637@192.168.8.106>;tag=z9hG4bKPjPNr4bIF3DLT9xqlOFvCZ1P3t2N6wmHrw CSeq: 2 INVITE Content-Length: 0 --end msg- Regards, Brian. -- Brian Grant Creantech Consulting T: +44 781 050 6475
_______________________________________________ Clearwater mailing list Clearwater@lists.projectclearwater.org http://lists.projectclearwater.org/mailman/listinfo/clearwater_lists.projectclearwater.org
