Openser + Mediaproxy - NAT registration problem

Hi,

I'm having problems with my openser.cfg because i can't register any client that is behind a NAT. I took the openser.cfg from sipwise and made some adaptations (running openser 1.3.0).
I made some debugging of the registration process with ngrep:
My UA client sends a REGISTER;
The server responds with 100 trying, sends OK and then send 401 unauthorized (because it lacks credentials);
My UA client send the credentials for Authorization but nothing happens...

Thanks in advance !

Ngrep results:

#
U 84.90.54.151:5060 -> 193.136.82.76:5060
REGISTER sip:193.136.82.76;transport=UDP SIP/2.0.
Via: SIP/2.0/UDP 192.168.1.3:5060;branch=z9hG4bK-d8754z-6e38c2b7e49f4590-1---d8754z-;rport.
Max-Forwards: 70.
Contact: <sip:200@192.168.1.3:5060;rinstance=fc7e4a437d6a7352>;transport=UDP.
To: "200"<sip:200@193.136.82.76>;transport=UDP.
From: "200"<sip:200@193.136.82.76>;transport=UDP;tag=9676777d.
Call-ID: NzI3NzFlZmJiZmZmNWZkMjRlYzNhZWU4YTk0YzI3ZTE..
CSeq: 1 REGISTER.
Expires: 70.
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, NOTIFY, REFER, MESSAGE, OPTIONS, INFO.
User-Agent: Zoiper for Windows rev.650.
Allow-Events: presence.
Content-Length: 0.
.

#
U 193.136.82.76:5060 -> 84.90.54.151:5060
SIP/2.0 100 Trying.
Via: SIP/2.0/UDP 192.168.1.3:5060;branch=z9hG4bK-d8754z-6e38c2b7e49f4590-1---d8754z-;rport=5060;received=84.90.54.151.
To: "200"<sip:200@193.136.82.76>;transport=UDP.
From: "200"<sip:200@193.136.82.76>;transport=UDP;tag=9676777d.
Call-ID: NzI3NzFlZmJiZmZmNWZkMjRlYzNhZWU4YTk0YzI3ZTE..
CSeq: 1 REGISTER.
Server: OpenSER (1.3.0-notls (i386/linux)).
Content-Length: 0.
.

#
U 193.136.82.76:5060 -> 84.90.54.151:5060
SIP/2.0 401 Unauthorized.
Via: SIP/2.0/UDP 192.168.1.3:5060;branch=z9hG4bK-d8754z-6e38c2b7e49f4590-1---d8754z-;rport=5060;received=84.90.54.151.
To: "200"<sip:200@193.136.82.76>;transport=UDP;tag=98c62b0dc8cc14ac09b50e489e7b7b59.fe32.
From: "200"<sip:200@193.136.82.76>;transport=UDP;tag=9676777d.
Call-ID: NzI3NzFlZmJiZmZmNWZkMjRlYzNhZWU4YTk0YzI3ZTE..
CSeq: 1 REGISTER.
WWW-Authenticate: Digest realm="193.136.82.76", nonce="47ed1f2ceeeca814e72b19813e40bcd5d30a92cd".
Server: OpenSER (1.3.0-notls (i386/linux)).
Content-Length: 0.
.

#
U 84.90.54.151:5060 -> 193.136.82.76:5060
REGISTER sip:193.136.82.76;transport=UDP SIP/2.0.
Via: SIP/2.0/UDP 192.168.1.3:5060;branch=z9hG4bK-d8754z-7a1bc2791cf4901e-1---d8754z-;rport.
Max-Forwards: 70.
Contact: <sip:200@192.168.1.3:5060;rinstance=fc7e4a437d6a7352>;transport=UDP.
To: "200"<sip:200@193.136.82.76>;transport=UDP.
From: "200"<sip:200@193.136.82.76>;transport=UDP;tag=9676777d.
Call-ID: NzI3NzFlZmJiZmZmNWZkMjRlYzNhZWU4YTk0YzI3ZTE..
CSeq: 2 REGISTER.
Expires: 70.
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, NOTIFY, REFER, MESSAGE, OPTIONS, INFO.
User-Agent: Zoiper for Windows rev.650.
Authorization: Digest username="200",realm="193.136.82.76",nonce="47ed1f2ceeeca814e72b19813e40bcd5d30a92cd",uri="sip:193.136.82.76;transport=UDP",response="3efb44d3a46b236d123f74925382e325",algorithm=MD5.
Allow-Events: presence.
Content-Length: 0.
.

#
U 193.136.82.76:5060 -> 84.90.54.151:5060
SIP/2.0 100 Trying.
Via: SIP/2.0/UDP 192.168.1.3:5060;branch=z9hG4bK-d8754z-7a1bc2791cf4901e-1---d8754z-;rport=5060;received=84.90.54.151.
To: "200"<sip:200@193.136.82.76>;transport=UDP.
From: "200"<sip:200@193.136.82.76>;transport=UDP;tag=9676777d.
Call-ID: NzI3NzFlZmJiZmZmNWZkMjRlYzNhZWU4YTk0YzI3ZTE..
CSeq: 2 REGISTER.
Server: OpenSER (1.3.0-notls (i386/linux)).
Content-Length: 0.
.

#
U 193.136.82.76:5060 -> 84.90.54.151:5060
SIP/2.0 200 OK.
Via: SIP/2.0/UDP 192.168.1.3:5060;branch=z9hG4bK-d8754z-7a1bc2791cf4901e-1---d8754z-;rport=5060;received=84.90.54.151.
To: "200"<sip:200@193.136.82.76>;transport=UDP;tag=98c62b0dc8cc14ac09b50e489e7b7b59.0830.
From: "200"<sip:200@193.136.82.76>;transport=UDP;tag=9676777d.
Call-ID: NzI3NzFlZmJiZmZmNWZkMjRlYzNhZWU4YTk0YzI3ZTE..
CSeq: 2 REGISTER.
Contact: <sip:200@192.168.1.3:5060;rinstance=fc7e4a437d6a7352>;expires=70;received="sip:84.90.54.151:5060".
Server: OpenSER (1.3.0-notls (i386/linux)).
Content-Length: 0.
.

#
U 84.90.54.151:5060 -> 193.136.82.76:5060
REGISTER sip:193.136.82.76;transport=UDP SIP/2.0.
Via: SIP/2.0/UDP 192.168.1.3:5060;branch=z9hG4bK-d8754z-7a1bc2791cf4901e-1---d8754z-;rport.
Max-Forwards: 70.
Contact: <sip:200@192.168.1.3:5060;rinstance=fc7e4a437d6a7352>;transport=UDP.
To: "200"<sip:200@193.136.82.76>;transport=UDP.
From: "200"<sip:200@193.136.82.76>;transport=UDP;tag=9676777d.
Call-ID: NzI3NzFlZmJiZmZmNWZkMjRlYzNhZWU4YTk0YzI3ZTE..
CSeq: 2 REGISTER.
Expires: 70.
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, NOTIFY, REFER, MESSAGE, OPTIONS, INFO.
User-Agent: Zoiper for Windows rev.650.
Authorization: Digest username="200",realm="193.136.82.76",nonce="47ed1f2ceeeca814e72b19813e40bcd5d30a92cd",uri="sip:193.136.82.76;transport=UDP",response="3efb44d3a46b236d123f74925382e325",algorithm=MD5.
Allow-Events: presence.
Content-Length: 0.
.

#
U 193.136.82.76:5060 -> 84.90.54.151:5060
SIP/2.0 100 Trying.
Via: SIP/2.0/UDP 192.168.1.3:5060;branch=z9hG4bK-d8754z-7a1bc2791cf4901e-1---d8754z-;rport=5060;received=84.90.54.151.
To: "200"<sip:200@193.136.82.76>;transport=UDP.
From: "200"<sip:200@193.136.82.76>;transport=UDP;tag=9676777d.
Call-ID: NzI3NzFlZmJiZmZmNWZkMjRlYzNhZWU4YTk0YzI3ZTE..
CSeq: 2 REGISTER.
Server: OpenSER (1.3.0-notls (i386/linux)).
Content-Length: 0.
.

#
U 193.136.82.76:5060 -> 84.90.54.151:5060
SIP/2.0 200 OK.
Via: SIP/2.0/UDP 192.168.1.3:5060;branch=z9hG4bK-d8754z-7a1bc2791cf4901e-1---d8754z-;rport=5060;received=84.90.54.151.
To: "200"<sip:200@193.136.82.76>;transport=UDP;tag=98c62b0dc8cc14ac09b50e489e7b7b59.0830.
From: "200"<sip:200@193.136.82.76>;transport=UDP;tag=9676777d.
Call-ID: NzI3NzFlZmJiZmZmNWZkMjRlYzNhZWU4YTk0YzI3ZTE..
CSeq: 2 REGISTER.
Contact: <sip:200@192.168.1.3:5060;rinstance=fc7e4a437d6a7352>;expires=66;received="sip:84.90.54.151:5060".
Server: OpenSER (1.3.0-notls (i386/linux)).
Content-Length: 0.
.

#
U 84.90.54.151:5060 -> 193.136.82.76:5060
REGISTER sip:193.136.82.76;transport=UDP SIP/2.0.
Via: SIP/2.0/UDP 192.168.1.3:5060;branch=z9hG4bK-d8754z-7a1bc2791cf4901e-1---d8754z-;rport.
Max-Forwards: 70.
Contact: <sip:200@192.168.1.3:5060;rinstance=fc7e4a437d6a7352>;transport=UDP.
To: "200"<sip:200@193.136.82.76>;transport=UDP.
From: "200"<sip:200@193.136.82.76>;transport=UDP;tag=9676777d.
Call-ID: NzI3NzFlZmJiZmZmNWZkMjRlYzNhZWU4YTk0YzI3ZTE..
CSeq: 2 REGISTER.
Expires: 70.
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, NOTIFY, REFER, MESSAGE, OPTIONS, INFO.
User-Agent: Zoiper for Windows rev.650.
Authorization: Digest username="200",realm="193.136.82.76",nonce="47ed1f2ceeeca814e72b19813e40bcd5d30a92cd",uri="sip:193.136.82.76;transport=UDP",response="3efb44d3a46b236d123f74925382e325",algorithm=MD5.
Allow-Events: presence.
Content-Length: 0.
.

#
U 193.136.82.76:5060 -> 84.90.54.151:5060
SIP/2.0 100 Trying.
Via: SIP/2.0/UDP 192.168.1.3:5060;branch=z9hG4bK-d8754z-7a1bc2791cf4901e-1---d8754z-;rport=5060;received=84.90.54.151.
To: "200"<sip:200@193.136.82.76>;transport=UDP.
From: "200"<sip:200@193.136.82.76>;transport=UDP;tag=9676777d.
Call-ID: NzI3NzFlZmJiZmZmNWZkMjRlYzNhZWU4YTk0YzI3ZTE..
CSeq: 2 REGISTER.
Server: OpenSER (1.3.0-notls (i386/linux)).
Content-Length: 0.
.

#
U 193.136.82.76:5060 -> 84.90.54.151:5060
SIP/2.0 200 OK.
Via: SIP/2.0/UDP 192.168.1.3:5060;branch=z9hG4bK-d8754z-7a1bc2791cf4901e-1---d8754z-;rport=5060;received=84.90.54.151.
To: "200"<sip:200@193.136.82.76>;transport=UDP;tag=98c62b0dc8cc14ac09b50e489e7b7b59.0830.
From: "200"<sip:200@193.136.82.76>;transport=UDP;tag=9676777d.
Call-ID: NzI3NzFlZmJiZmZmNWZkMjRlYzNhZWU4YTk0YzI3ZTE..
CSeq: 2 REGISTER.
Contact: <sip:200@192.168.1.3:5060;rinstance=fc7e4a437d6a7352>;expires=62;received="sip:84.90.54.151:5060".
Server: OpenSER (1.3.0-notls (i386/linux)).
Content-Length: 0.


My Openser.cfg:

#
# $Id: openser.cfg 3284 2007-12-06 18:56:59Z bogdan_iancu $
#
# OpenSER basic configuration script
# by Anca Vamanu <anca@voice-system.ro>
#
# Please refer to the Core CookBook at http://www.openser.org/dokuwiki/doku.php
# for a explanation of possible statements, functions and parameters.
#


####### Global Parameters #########

debug=3
fork=no
log_stderror=yes
log_facility=LOG_LOCAL7

children=4

/* comment the next line to disable TCP (default on) */
#disable_tcp=yes

/* uncomment the next line to enable the auto temporary blacklisting of
not available destinations (default disabled) */
#disable_dns_blacklist=no

/* uncomment the next line to enable IPv6 lookup after IPv4 dns
lookup failures (default disabled) */
#dns_try_ipv6=yes

/* uncomment the next line to disable the auto discovery of local aliases
based on revers DNS on IPs (default on) */
#auto_aliases=no

/* uncomment the following lines to enable TLS support (default off) */
#disable_tls = no
#listen = tls:your_IP:5061
#tls_verify_server = 1
#tls_verify_client = 1
#tls_require_client_certificate = 0
#tls_method = TLSv1
#tls_certificate = "/etc/openser/tls/user/user-cert.pem"
#tls_private_key = "/etc/openser/tls/user/user-privkey.pem"
#tls_ca_list = "/etc/openser/tls/user/user-calist.pem"


port=5060

/* uncomment and configure the following line if you want openser to
bind on a specific interface/port/proto (default bind on all available) */
listen=udp:193.136.82.76:5060


####### Modules Section ########

#set module path
mpath="/usr/lib/openser/modules/"

/* uncomment next line for MySQL DB support */
loadmodule "mysql.so"
loadmodule "sl.so"
loadmodule "tm.so"
loadmodule "rr.so"
loadmodule "maxfwd.so"
loadmodule "usrloc.so"
loadmodule "registrar.so"
loadmodule "textops.so"
loadmodule "mi_fifo.so"
loadmodule "uri_db.so"
loadmodule "uri.so"
loadmodule "xlog.so"
#loadmodule "acc.so"
/* uncomment next lines for MySQL based authentication support
NOTE: a DB (like mysql) module must be also loaded */
loadmodule "auth.so"
loadmodule "auth_db.so"
/* uncomment next line for aliases support
NOTE: a DB (like mysql) module must be also loaded */
#loadmodule "alias_db.so"
/* uncomment next line for multi-domain support
NOTE: a DB (like mysql) module must be also loaded
NOTE: be sure and enable multi-domain support in all used modules
(see "multi-module params" section ) */
loadmodule "domain.so"
/* uncomment the next two lines for presence server support
NOTE: a DB (like mysql) module must be also loaded */
#loadmodule "presence.so"
#loadmodule "presence_xml.so"

# Modulos necessarios para o NAT Traversal
loadmodule "nathelper.so"
loadmodule "mediaproxy.so"


# ----------------- setting module-specific parameters ---------------


# ----- mi_fifo params -----
modparam("mi_fifo", "fifo_name", "/tmp/openser_fifo")


# ----- rr params -----
# add value to ;lr param to cope with most of the UAs
modparam("rr", "enable_full_lr", 1)
# do not append from tag to the RR (no need for this script)
modparam("rr", "append_fromtag", 0)


# ----- registrar params -----
modparam("registrar", "method_filtering", 1)
/* uncomment the next line to disable parallel forking via location */
# modparam("registrar", "append_branches", 0)
/* uncomment the next line not to allow more than 10 contacts per AOR */
#modparam("registrar", "max_contacts", 10)
modparam("registrar", "received_avp", "$avp(i:801)")

# ----- uri_db params -----
/* by default we disable the DB support in the module as we do not need it
in this configuration */
modparam("uri_db", "use_uri_table", 0)
modparam("uri_db", "db_url", "mysql://openser:openserrw@localhost/openser")


# ----- acc params -----
/* what sepcial events should be accounted ? */
#modparam("acc", "early_media", 1)
#modparam("acc", "report_ack", 1)
#modparam("acc", "report_cancels", 1)
/* by default ww do not adjust the direct of the sequential requests.
if you enable this parameter, be sure the enable "append_fromtag"
in "rr" module */
#modparam("acc", "detect_direction", 0)
/* account triggers (flags) */
#modparam("acc", "failed_transaction_flag", 3)
#modparam("acc", "log_flag", 1)
#modparam("acc", "log_missed_flag", 2)
/* uncomment the following lines to enable DB accounting also */
#modparam("acc", "db_flag", 1)
#modparam("acc", "db_missed_flag", 2)


# ----- usrloc params -----
/* uncomment the following lines if you want to enable DB persistency
for location entries */
#parametro para guardar dados dos clientes de modo persistente (na BD)
#0 - nao grava na BD, 1 - grava em memoria e logo na BD, 2 - grava em memoria e depois na BD, 3 - so BD
modparam("usrloc", "db_mode", 2)
modparam("usrloc", "db_url","mysql://openser:openserrw@localhost/openser")
# parametro para guardar e usar o dominio do UA para identificar o user (multi-dominio) - 0 = nao usar
modparam("usrloc", "use_domain", 0)
# parametro que identifica a flag a usar aquando do NAT
modparam("usrloc", "nat_bflag", 6)
# matching mode - modo como o openser compara contactos
modparam("usrloc", "matching_mode", 0)


# ----- auth_db params -----
/* uncomment the following lines if you want to enable the DB based
authentication */
modparam("auth_db", "db_url", "mysql://openser:openserrw@localhost/openser")
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")
modparam("auth_db", "load_credentials", "")


# ----- alias_db params -----
/* uncomment the following lines if you want to enable the DB based
aliases */
#modparam("alias_db", "db_url",
# "mysql://openser:openserrw@192.168.1.3/openser_1_3")


# ----- domain params -----
/* uncomment the following lines to enable multi-domain detection
support */
modparam("domain", "db_url", "mysql://openser:openserrw@localhost/openser")
modparam("domain", "db_mode", 1) # Use caching


# ----- multi-module params -----
/* uncomment the following line if you want to enable multi-domain support
in the modules (dafault off) */
#modparam("alias_db|auth_db|usrloc|uri_db", "use_domain", 1)


# ----- presence params -----
/* uncomment the following lines if you want to enable presence */
#modparam("presence|presence_xml", "db_url",
# "mysql://openser:openserrw@192.168.1.3/openser_1_3")
#modparam("presence_xml", "force_active", 1)
#modparam("presence", "server_address", "sip:192.168.1.2:5060")


# ----- Xlog params -----
modparam("xlog", "buf_size", 4096)
modparam("xlog", "force_color", 0)

# ----- Nathelper params -----
modparam("nathelper", "received_avp", "$avp(i:801)")

# ----- mediaproxy params -----
modparam("mediaproxy", "mediaproxy_socket", "/var/run/proxydispatcher.sock")
modparam("mediaproxy", "sip_asymmetrics", "/etc/openser/sip-asymmetric-clients")
modparam("mediaproxy", "rtp_asymmetrics", "/etc/openser/rtp-asymmetric-clients")
modparam("mediaproxy", "natping_interval", 30)


####### Routing Logic ########


# main request routing logic

route{

########################################################################################
# Basic information about the method that as entered openser (just for log) #
########################################################################################

xlog("L_INFO", "$C(rx)New request - $C(xx) M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");

if(nat_uac_test("19"))
{
xlog("L_INFO", "$C(bx) ! NAT ! $C(xx)\n");
}

#######################################################################################
# Basic tests of the message (maxforward and lenght) #
#######################################################################################

if(msg:len > max_len)
{

xlog("L_INFO", "$C(rx)Message Too Big - $C(xx) M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
sl_send_reply("513","Message Too Big");
exit;
}

if (!mf_process_maxfwd_header("10"))
{
xlog("L_INFO", "$C(rx)Too Many Hops - $C(xx) M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
sl_send_reply("483","Too Many Hops");
exit;
}

######################################################################################
# If method different from REGISTER put information on the message #
######################################################################################

force_rport();

if(!is_method("REGISTER"))
{
if(nat_uac_test("19"))
{
xlog("L_INFO", "$C(rx) record_route para NAT Traversal $C(xx)\n");
record_route(";nat=yes");
}
else
{
xlog("L_INFO", "$C(rx) record_route sem NAT $C(xx) \n");
record_route();
}
}

#####################################################################################
# If method is CANCEL or BYE the media session should be terminated #
#####################################################################################

if(is_method("CANCEL") || is_method("BYE"))
{
end_media_session();
}

#####################################################################################
# loose_route #
#####################################################################################

if(loose_route())
{
xlog("L_INFO", "$C(rx) loose_route message ! $C(xx) \n");
if(!has_totag())
{
xlog("L_INFO", "$C(bx)Initial loose-routing rejected - $C(xx) M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
sl_send_reply("403", "Initial Loose-Routing Rejected");
exit;
}

if(nat_uac_test("19") || search("^Route:.*;nat=yes"))
{
xlog("L_INFO", "$C(rx) loose_route + NAT + route = nat=yes $C(xx) \n");
fix_nated_contact();
setbflag(6);
}

xlog("L_INFO", "$C(rx) go to route(3) $C(xx) \n");
route(3);
}

#####################################################################################
# REGISTER #
#####################################################################################

if(is_method("REGISTER"))
{
xlog("L_INFO", "$C(rx) REGISTER - route (2) $C(xx) \n");
route(2);
}

#####################################################################################
# INVITE #
#####################################################################################

if(is_method("INVITE"))
{
xlog("L_INFO", "$C(rx) INVITE - route (4) $C(xx) \n");
route(4);
}

#####################################################################################
# CANCEL or ACK #
#####################################################################################

if(is_method("CANCEL") || is_method("ACK"))
{
xlog("L_INFO", "$C(rx) CANCEL or ACK - route ( $C(xx) \n");
route(;
}

route(9);

}

########################################################################
# Request route 'stop-media-proxy'
########################################################################
route[1]
{
if(isflagset(22))
{
end_media_session();
}
}



####################################################################################
# Request route 'base-route-register' #
####################################################################################

route[2]
{
sl_send_reply("100", "Trying");


if(is_present_hf("Authorization")||is_present_hf("Proxy-Authorization"))
{
xlog("L_INFO", "$C(bx)is_present_hf Authorization or Proxy-Authorization$C(xx)\n");
}


if(!www_authorize("", "subscriber"))
{
xlog("L_INFO", "$C(rx)Register authentication failed - $C(xx)\n M=$rm \n RURI=$ru \n F=$fu \n T=$tu \n IP=$si \n ID=$ci\n");
www_challenge("", "0");
exit;
}
if(!check_to())
{

xlog("L_INFO", "Spoofed To-URI detected - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
sl_send_reply("403", "Spoofed To-URI Detected");
exit;
}

consume_credentials();

if(!search("^Contact:[ ]*\*") && nat_uac_test("19"))
{
fix_nated_register();
setbflag(6);
}
if(!save("location"))
{
xlog("L_ERR", "$C(rx)Saving contact failed - $C(xx) M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
sl_reply_error();
exit;
}

xlog("L_INFO", "$C(gx)Registration successful - $C(xx) M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
exit;
}
########################################################################
# Request route 'base-outbound'
########################################################################
route[3]
{

if(isbflagset(6))
{
if(!isflagset(22) && !search("^Content-Length:[ ]*0"))
{
setflag(22);
use_media_proxy();
}

t_on_reply("2");
}
else
{

t_on_reply("1");
}
if(!isflagset(21))
{

t_on_failure("1");
}
if(isflagset(29))
{
append_branch();
}
if(is_present_hf("Proxy-Authorization"))
{
consume_credentials();
}

xlog("L_INFO", "Request leaving server, D-URI='$du' - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
# no 100 (we already sent it) and no DNS blacklisting
if(!t_relay("0x05"))
{
sl_reply_error();
if(is_method("INVITE") && isbflagset(6))
{
end_media_session();
}
}
exit;

}

########################################################################
# Request route 'base-route-invite'
########################################################################
route[4]
{
sl_send_reply("100", "Trying");
if(!proxy_authorize("", "subscriber"))
{

xlog("L_INFO", "Proxy authentication failed - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
proxy_challenge("", "0");
exit;
}
if(!check_from())
{

xlog("L_INFO", "Spoofed From-URI detected - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
sl_send_reply("403", "Spoofed From-URI Detected");
exit;
}
if(nat_uac_test("19"))
{
fix_nated_contact();
setbflag(6);
}

route(5);
}

########################################################################
# Request route 'invite-find-callee'
########################################################################
route[5]
{
if(!is_domain_local("$rd"))
{
setflag(20);

route(7);
}
if(does_uri_exist())
{

xlog("L_INFO", "Callee is local - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
route(6);
}
else
{

xlog("L_INFO", "Callee is not local - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
route(7);
}
exit;

}

########################################################################
# Request route 'invite-to-internal'
########################################################################
route[6]
{
if(!lookup("location"))
{

xlog("L_INFO", "Local user offline - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
sl_send_reply("404", "User Offline");
}
else
{

xlog("L_INFO", "Local user online - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
route(3);
}
exit;

}

########################################################################
# Request route 'invite-to-external'
########################################################################
route[7]
{
if(isflagset(20))
{

xlog("L_INFO", "Call to foreign domain - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
route(3);
exit;
}

xlog("L_INFO", "Call to unknown user - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
sl_send_reply("404", "User Not Found");
exit;

}

########################################################################
# Request route 'base-route-local'
########################################################################
route[8]
{
t_on_reply("1");
if(t_check_trans())
{

xlog("L_INFO", "Request leaving server - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
if(!t_relay())
{
sl_reply_error();
}
}
else
{

xlog("L_INFO", "Dropping mis-routed request - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
}
exit;

}

########################################################################
# Request route 'base-route-generic'
########################################################################

route[9]
{
xlog("L_INFO", "Method not supported - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
sl_send_reply("501", "Method Not Supported Here");
exit;

}

########################################################################
# Request route 'base-filter-failover'
########################################################################
route[10]
{
if(!t_check_status("408|500|503"))
{

xlog("L_INFO", "No failover routing needed for this response code - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
route(1);
exit;
}

}

########################################################################
# Reply route 'base-standard-reply'
########################################################################
onreply_route[1]
{
xlog("L_INFO", "Reply - S=$rs D=$rr F=$fu T=$tu IP=$si ID=$ci\n");
exit;
}

########################################################################
# Reply route 'base-nat-reply'
########################################################################
onreply_route[2]
{
xlog("L_INFO", "NAT-Reply - S=$rs D=$rr F=$fu T=$tu IP=$si ID=$ci\n");
if(nat_uac_test("1"))
{
fix_nated_contact();
}
if(isbflagset(6) && status=~"(180)|(183)|2[0-9][0-9]")
{
if(!search("^Content-Length:[ ]*0"))
{
use_media_proxy();
}
}
exit;

}

########################################################################
# Failure route 'base-standard-failure'
########################################################################
failure_route[1]
{
route(10);
route(1);
}

Quote:

My UA client send the credentials for Authorization but nothing happens...

umm.. there is a 200ok denoting a successful registration right after your invite with credentials..

It seems that whas a client problem, because i tried in a different machine and it worked fine!
Thanks for your message anyway. Now 'm having problems because the RTP packets aren't arriving at destination, i think it's a mediaproxy problem... Start debugging
Thanks...