Yesterday I switched to RSA, and everything is working as well. I can see "AUTHENTICATED" messages on the console if one of the servers is restarted and reconnects, etc.
Everything is working fine with calls being passed between them as well (which is why I labeled the subject "Phantom problem"). However, whenever a call is initiated between the servers I see the following "NOTICE" message:
-- Called [EMAIL PROTECTED]/2001
-- Called [EMAIL PROTECTED]/2001
Mar 18 07:46:19 NOTICE[1150528304]: chan_iax2.c:3507 authenticate: No way to send secret to peer 'XX.XX.XX.XX' (their methods: 4)
Mar 18 07:46:19 NOTICE[1150528304]: chan_iax2.c:3507 authenticate: No way to send secret to peer 'YY.YY.YY.YY' (their methods: 4)
-- SIP/sipura-4b82 is ringing
-- Call accepted by XX.XX.XX.XX (format ULAW)
-- Format for call is ULAW
-- IAX2[remote1]/3 stopped sounds
-- Call accepted by YY.YY.YY.YY (format ULAW)
Method "4" is RSA, which is what I have in all of the iax.conf files (below). The call shown above was successfully answered by a sipura device connected to remote2, so I am not having an authentication problem which is causing a problem at the user experience level, but this seems like something is still mis-configured on my part.
Here are the iax.conf entires:
on the "local" machine: [remote2] context=remote2-in type=friend host=remote2.com ; not the real name... auth=rsa inkeys=remote2 outkey=local
[remote1] context=remote1-in type=friend host=remote1.com ; not the real name... auth=rsa inkeys=remote1 outkey=local
on the "remote1" machine: [remote2] context=remote2-in type=friend host=remote2.com auth=rsa inkeys=remote2 outkey=remote1
[local] context=local-in type=friend host=local.com auth=rsa inkeys=local outkey=remote1
on the "remote2" machine: [local] context=from-local type=friend auth=rsa inkeys=local outkey=remote2 host=dynamic callgroup=1 pickupgroup=1 qualify=50000
[remote1] context=from-local type=friend auth=rsa inkeys=remote1 outkey=remote2 host=dynamic callgroup=1 pickupgroup=1 qualify=50000
Finally, since both local and remote1 are technically behind NAT firewalls, and remote2 is on a public IP address, I have register statements in both local and remote1 iax.conf files, and that's why the entries in remote2 have "host=dynamic" for those machines. I think that the "qualify=50000" statements are ignored in the iax.conf file, and I will remove them, but since they're in there now, I wanted to show the complete entries. Here are the register statements:
on "remote1": register => remote1:[EMAIL PROTECTED]
on "local": register => local:[EMAIL PROTECTED]
Any help would be appreciated. Thanks in advance. _______________________________________________ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
