Reply
Thread Tools
Posts: 89 | Thanked: 6 times | Joined on Feb 2010
#31
Please, tell me what is the software that you use to connect to Asterisk from Maemo.
 
Posts: 8 | Thanked: 0 times | Joined on Feb 2010
#32
Originally Posted by smurfy View Post
i have another problem with sip. if im in wlan i can connect to my asterisk server.

if im in another wlan or umts, i installed openvpn to get a home ip adress.

but the buildin sip client seems to only try to connect over umts directly,

ssh or pinging works on both ends of openvpn
I know its a long time ago, but I am trying to get this working. It sounds like you had a problem with your routing table but I had the same problem the other day I could ssh to the internal IP from a remote network over openVPN but the SIP client would not connect over the openVPN link. I didnt get round to a full debug, I thought I would be lazy and ask first...

To complete: This was bug 1860. I applied the workarounds contain therein and I get a VPN connection with a SIP session running over the N900 SIP stack.

I added the libmissioncontrol-utils with this command

#apt-get install libmissioncontrol-utils

this allows the use of mc-tool commands
then added the lines

script security 2
up /etc/openvpn/nokia.up
down /etc/openvpn/nokia.down

to client.ovpn config file

then created the startup scripts nokia.up

#!/bin/sh
run-standalone.sh /usr/bin/mc-tool update sofiasip/sip/_xxxx string:local-ip-address=$4
run-standalone.sh /usr/bin/mc-tool enable sofiasip/sip/_xxxx
route add -net 192.168.2.0 netmask 255.255.255.0 gw 10.8.0.1 dev tun0

and nokia.down

#!/bin/sh
run-standalone.sh /usr/bin/mc-tool disable sofiasip/sip/_xxxx

then these two scripts must be made executable

#chmod 744 nokia*

thanks to KWEK and others who have been through this before. By the way for completeness the command

$mc-tool list

will give you the sofiasip files that you created when you made the SIP client on the phone, these must be used where I have put _xxxx in the above scripts...

Last edited by stevec; 2010-03-05 at 21:34. Reason: update
 
Posts: 2 | Thanked: 1 time | Joined on Mar 2010
#33
hey has anyone try to integrate asterisk with google voice?? i did some research online and found that it actually works... but i m not sure if it ll work on n900. cant anyone give a pointer???
 
Posts: 89 | Thanked: 6 times | Joined on Feb 2010
#34
Off-topic, sorry!

Can you give me an invitation for Google Voice? ;-D

Originally Posted by mrfishball View Post
hey has anyone try to integrate asterisk with google voice?? i did some research online and found that it actually works... but i m not sure if it ll work on n900. cant anyone give a pointer???
 
Posts: 306 | Thanked: 106 times | Joined on Feb 2010
#35
Guys,

I need some help in setting up sip on openvpn. Some details of my network are:

1. Home router: 192.168.1.1
2. Asterisk server and Openvpn server: 192.168.1.152

The server.conf looks like this
Code:
port 1194
proto udp
dev tun
ca privnet/ca.crt
cert privnet/server.crt
key privnet/server.key
dh privnet/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
keepalive 10 120
comp-lzo
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
verb 3
The client.conf on N900 is like this:
Code:
client
script-security 2
up /etc/openvpn/nokia.up
down /etc/openvpn/nokia.down
dev tun
proto udp
remote asterisk.dyndns.org 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
ns-cert-type server
comp-lzo
verb 3
The nokia.up and nokia.down scripts are as follows:
Code:
nokia.up 

#!/bin/sh
run-standalone.sh /usr/bin/mc-tool update sofiasip/sip/_3101_40asterisk_2edyndns_2eorg0 string:local-ip-address=$4
run-standalone.sh /usr/bin/mc-tool enable sofiasip/sip/_3101_40asterisk_2edyndns_2eor

nokia.down

run-standalone.sh /usr/bin/mc-tool disable sofiasip/sip/_3101_40asterisk_2edyndns_2eorg0
When i do a test through the applet the applet i get the following response:
Code:
Apr  9 20:26:05 2010 OpenVPN 2.1_rc20 arm-unknown-linux-gnueabi [SSL] [LZO2] [EPOLL] [MH] [PF_INET6] built on Nov 29 2009
Fri Apr  9 20:26:05 2010 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Fri Apr  9 20:26:05 2010 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Fri Apr  9 20:26:05 2010 ******* WARNING *******: 'client.key' cannot be verified as a non-vulnerable key. See 'man openssl-vulnkey' for details.
Fri Apr  9 20:26:05 2010 LZO compression initialized
Fri Apr  9 20:26:05 2010 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Fri Apr  9 20:26:05 2010 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Fri Apr  9 20:26:05 2010 Local Options hash (VER=V4): '41690919'
Fri Apr  9 20:26:05 2010 Expected Remote Options hash (VER=V4): '530fdded'
Fri Apr  9 20:26:05 2010 Socket Buffers: R=[65536->131072] S=[16384->131072]
Fri Apr  9 20:26:05 2010 UDPv4 link local: [undef]
Fri Apr  9 20:26:05 2010 UDPv4 link remote: [AF_INET]86.9.87.233:1194
Fri Apr  9 20:26:05 2010 TLS: Initial packet from [AF_INET]86.9.87.233:1194, sid=a7692b5f 7a0dab40
Fri Apr  9 20:26:09 2010 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=Fort-Funston_CA/emailAddress=me@myhost.mydomain
Fri Apr  9 20:26:09 2010 VERIFY OK: nsCertType=SERVER
Fri Apr  9 20:26:09 2010 VERIFY OK: depth=0, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=server/emailAddress=me@myhost.mydomain
Fri Apr  9 20:26:16 2010 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Apr  9 20:26:16 2010 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Apr  9 20:26:16 2010 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Apr  9 20:26:16 2010 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Apr  9 20:26:16 2010 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Fri Apr  9 20:26:16 2010 [server] Peer Connection Initiated with [AF_INET]86.9.87.233:1194
Fri Apr  9 20:26:18 2010 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Fri Apr  9 20:26:19 2010 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 1
Fri Apr  9 20:26:19 2010 OPTIONS IMPORT: timers and/or timeouts modified
Fri Apr  9 20:26:19 2010 OPTIONS IMPORT: --ifconfig/up options modified
Fri Apr  9 20:26:19 2010 OPTIONS IMPORT: route options modified
Fri Apr  9 20:26:19 2010 ROUTE default_gateway=192.168.1.254
Fri Apr  9 20:26:19 2010 TUN/TAP device tun0 opened
Fri Apr  9 20:26:19 2010 TUN/TAP TX queue length set to 100
Fri Apr  9 20:26:19 2010 /sbin/ifconfig tun0 10.8.0.6 pointopoint 10.8.0.5 mtu 1500
Fri Apr  9 20:26:19 2010 /etc/openvpn/nokia.up tun0 1500 1542 10.8.0.6 10.8.0.5 init
Fri Apr  9 20:26:20 2010 /sbin/route add -net 86.9.87.233 netmask 255.255.255.255 gw 192.168.1.254
Fri Apr  9 20:26:20 2010 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.8.0.5
Fri Apr  9 20:26:20 2010 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.8.0.5
Fri Apr  9 20:26:20 2010 /sbin/route add -net 10.8.0.1 netmask 255.255.255.255 gw 10.8.0.5
Fri Apr  9 20:26:20 2010 Initialization Sequence Completed
I also did a
Code:
echo 1 > /proc/sys/net/ipv4/ip_forward
on the asterisk/openvpn box.

I am able to ping to 10.8.0.1 from the N900. But the sip connection doesnt go online and i get a network error.

In the sip settings i have defined the server as asterisk.dyndns.org, do i need to change this to 10.8.0.1?

Anybody knows what might be the problem?

Last edited by rajil.s; 2010-04-09 at 19:52. Reason: added nokia.up and nokia.down
 
Posts: 2,802 | Thanked: 4,491 times | Joined on Nov 2007
#36
See bug 1860.
 
Posts: 306 | Thanked: 106 times | Joined on Feb 2010
#37
Originally Posted by lma View Post
See bug 1860.
Actually i am using the nokia.up and nokia.down scripts from the bugreport but still stuck with sip network error. In the sip settings i have 'discover public address' and 'stun'. i am able to ping to the asterisk server (10.8.0.1) but cannot ping to anything else like yahoo.com from n900. The dns resolving works fine though.
any further ideas?
 
Posts: 2,802 | Thanked: 4,491 times | Joined on Nov 2007
#38
Does 10.8.0.5 NAT traffic from the N900? It won't go far with a 10.8.0.6 source address.
 
Posts: 306 | Thanked: 106 times | Joined on Feb 2010
#39
Originally Posted by lma View Post
Does 10.8.0.5 NAT traffic from the N900? It won't go far with a 10.8.0.6 source address.
I havent added any iptables on the server side, what should i add for NAT?

Last edited by rajil.s; 2010-04-10 at 21:00.
 
Posts: 306 | Thanked: 106 times | Joined on Feb 2010
#40
Bit more information. After the openvpn connection has been made, the client N900 route looks like this:

Code:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.8.0.5        0.0.0.0         255.255.255.255 UH    0      0        0 tun0

10.8.0.1        10.8.0.5        255.255.255.255 UGH   0      0        0 tun0

86.9.87.233     192.168.1.254   255.255.255.255 UGH   0      0        0 wlan0

192.168.1.0     10.8.0.5        255.255.255.0   UG    0      0        0 tun0

192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0

0.0.0.0         10.8.0.5        128.0.0.0       UG    0      0        0 tun0

128.0.0.0       10.8.0.5        128.0.0.0       UG    0      0        0 tun0

0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 wlan0
and the asterisk/openvpn server looks like
Code:
#route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.8.0.2        0.0.0.0         255.255.255.255 UH    0      0        0 tun0

10.8.0.0        10.8.0.2        255.255.255.0   UG    0      0        0 tun0

192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0

127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo

0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0
 
Reply

Thread Tools

 
Forum Jump


All times are GMT. The time now is 06:13.