In 3.10.3 after adding the gateway and dial plan you must add the remote subnet via "System>Internet Calling>Intranet Subnets" of all sites interconnected (at each system). Authentication issues will ensue if you do not do this.
>>> "Tony Graziano" <[email protected]> 07/09/09 4:22 PM >>> You must add each site to the intranet list of every connected site or calls will fail. -----Original Message----- From: Cuneyt M <[email protected]> To: <[email protected]> To: <[email protected]> Sent: 7/9/2009 4:18:39 PM Subject: [sipx-users] Connecting Multiple SipX PBX Sites on 3.10.3 Dear All, I am still using 3.10.3, as my previous attempts to upgrade to 4.01 failed and had to leave that aside as I didn't have more down time to try updated Wiki page for 3.10.x to 4.0.1 yum update - yet. The current issue on 3.10.3 briefly(!) when all sites are VPNed and i -create a gateway for of the other- in each site, along with the dial-plan and publish (checked user's permission etc.), I receive Call Failed: Proxy Authentication Required in Xlite 3.0 (with latest updates) when i register with Xlite at any of the site (or outside with STUN) and use its dial-plan to call the other. It fails with Proxy Authentication Required. As far as I know, there is no setting to loose sipx 3.10.3 proxy authentication rule from webconfig and I assumed configuring each site as gateway of other should work but it doesnt for some reason. (i. followed the wiki page on connecting 2 sites with sipx and custom dial plan page) I am not really good with the log parsing and using sipViewer (no X installed on boxes and wanna keep it that way for now) and I believe the issue is not a bug but a rather a configuration issue as I read people with success stories on same built. I do hope the following info. would give you the required background on the configuration: There is one aspect of the installation/configuration which I am not quite safe about; (which gets screwed further in my attempts to upgrade 4.01 but thats another story): - There are 4 different Sipx sites, all behind the router/NAT, running on CentOS 5 (installed from ISO 3.8 and yum updated all the way to 3.10.3) and these machines also functions as internal DNS,DHCP to the site's LAN. I have installed *PPTPD *and *PPTP *for Windows VPN users as well as to connect all 4 sites between themselves to overcome NAT issues while connecting each site's PBX to each other (didnt have budget for SBC or external box). - Each site's domain name were given as *sub-domains* of the main *company.com* domain; *site1.company.com *- PublicStaticIP<-ROUTER(NAT) with ports 5060,5061 forwarded to <- SipX *IP 192.168.1.2 Extension Pool 200-499 * * site2.company.com *- PublicStaticIP<-ROUTER(NAT) with ports 5060,5061 forwarded to <- SipX *IP 192.168.2.2* * Extension Pool 500-599* *site3.company.com* - PublicStaticIP<-ROUTER(NAT) with ports 5060,5061 forwarded to <- SipX *IP 192.168.3.2* * Extension Pool 600-699* * site4.company.com *- PublicStaticIP<-ROUTER(NAT) with ports 5060,5061 forwarded to <- SipX *IP 192.168.4.2* * Extension Pool 700-799* - In each site's Sipx DNS, the* /var/named/company.com zone* file configured to contain each Site's A, SRV and NAPTR after local site; This zone configuration approach followed in each site's DNS server. After connecting all sites (2-way) via VPN, I can confirm the SRV resolution as well as verify the A record and node with tracert [r...@site1]# *tracert site1.company.com* traceroute to site1.company.com (192.168.5.2), 30 hops max, 40 byte packets * 1 192.168.5.2 (192.168.5.2) 82.247 ms 84.355 ms 85.791 ms <-- (1 hop connectivity to other sites with VPN)* [r...@site1]#* nslookup* *-type=SRV* _sip._udp.*site2.company*.com Server: 127.0.0.1 Address: 127.0.0.1#53 *_sip._udp.site2.company.com service = 1 0 5060 site2.company.com. <-- (SRV resolves OK alongside A record)* As for the DNS configuration, following gives an idea of current config which i've been using since day 1 of the installation; *Site1: /var/named/company.com.zone* $TTL 1D @ IN SOA ns1.company.com. root.company.com. ( 200602132 ; serial# 3600 ; refresh, seconds 3600 ; retry, seconds 3600 ; expire, seconds 3600 ) ; minimum TTL, seconds NS ns1.company.com. ; Inet Address of nameserver company.com. MX 10 mail ; Primary Mail Exchanger ns1 CNAME site1 *;* *SITE1 *A, SRV, NAPTR records: *site1.company.com. * IN A 192.168.1.2 /*;* site1.company.com. IN A 203.0.0.1 /* ; /Public IP commented for VPN tests./* *site1.company.com.* IN NAPTR 2 0 "s" "SIP+D2T" "" _sip._tcp.*site1*.company.com. *site1*.company.com. * * IN NAPTR 2 0 "s" "SIP+D2U" "" _sip._udp.*site1.c*ompany.com. _sip._tcp.*site1.*company.com. IN SRV 1 0 5060 *site1.*company.com. _sip._udp.*site1.*company.com. IN SRV 1 0 5060 *site1.*company.com. ; *SITE2 *A, SRV, NAPTR records: *site2.company.com.* IN A *192.168.2.2* ; *using its LAN IP as all SITEs are connected with VPN(PPTP) */*;* site2.company.com. IN A 203.0.0.2 /* ; /Public IP commented for VPN tests./ **site2.company.com*. IN NAPTR 2 0 "s" "SIP+D2T" "" _sip._tcp.*site2.*company.com. *site2.company.com. * IN NAPTR 2 0 "s" "SIP+D2U" "" _sip._udp.*site2.*company.com. _sip._tcp.*site2.company.com.* IN SRV 1 0 5060 *site2.*company.com. _sip._udp.*site2.company.com*. IN SRV 1 0 5060 *site2.*company.com*.* ; *SITE3* A, SRV, NAPTR records: *site3.company.com.* IN A *192.168.3.2* ; *using its LAN IP as all SITEs are connected with VPN(PPTP)* /*;* site3.company.com. IN A 203.0.0.3 /* ; /Public IP commented for VPN tests./* *site3.company.com*. IN NAPTR 2 0 "s" "SIP+D2T" "" _sip._tcp.*site3.*company.com. *site3.company.com. * IN NAPTR 2 0 "s" "SIP+D2U" "" _sip._udp.*site3.*company.com. _sip._tcp.*site3.company.com.* IN SRV 1 0 5060 *site3.*company.com. _sip._udp.*site3.company.com*. IN SRV 1 0 5060 *site3.*company.com*. * It would be highly appreciated if anyone can shed some light on the issue, interconnecting multiple sites - where all sites VPNed with PPTP - with above configuration and gateways,dialplans in place as per the wiki pages - what might be causing Proxy Authentication Failure and whether there is any solution by optimizing the config accordingly.* * All the best! _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-users sipXecs IP PBX -- http://www.sipfoundry.org/
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-users sipXecs IP PBX -- http://www.sipfoundry.org/
