Is there a way to check it ? I mean maybe if another french network could reach to me I could know…?
Would it allow me to instantiate call from my pbx to the externa world without the right certificate ?
I think it should be set with the certificate because my provider is operating from a french territory.
The technician doesn’t seem to know the infrastructure very well as he redirect me to an engineer that he want me to pay 150€/h…
If you’re not registered you should know They are somme fees to pay. You are just a final customer il I well understand: all your calls are cutted as they are not signed
Without an authority -you or your provider- no chance to get calls passed.
We are registered at ARCEP as provider. Ask them which is their registration code at ARCEP and check on ARCEP website.
The relevant section is type=auth. Whether it is outbound or inbound is determined by whether outbound_auth or just auth is used in the type=endpoint section.
The most common configuration is that local phone devices have auth= and providers either have outbound_auth or nothing at all. The latter case would be when you have a static address and they identify you by that.
It is possible to have both, which may or may not reference different type=auth sections, however that only generally happens between two PABXes.
If I understand the question, you do that from the caller ID. Asterisk will use the from user for that unless P-Asserted-Identity or Remote-Party-ID are enabled and present, in which case it will use those.
Le 09/10/2024 à 21:03, List Support a écrit :
MAN is STIR/SHAKEN which officially goes started in France as of 01/10/2024
I saw in your first message
“The SIP provider can see the missing call through their interface…”
which means that’s not an MAN problem.
Daniel
They confirmed that they already set a certificate
But do they sign with B attestations, or only for A ones, and does the mobile network trust B attestations?
As of today in France, mobile networks and POTS are not involved by Stir/Shaken
He said that I don’t have to set any certificate which make me guess that they sign on the both side.
He told me that some mobile ISP didn’t update their APNF database.
So I started to test it from another french network :
I can hear it ring but my onc is still not logging
Again, french mobile networks are not under MAN authority, only IP landlines (eg box & others IP telephony devices). Can you call outside numbers from your asterisk? Is your operator able to call you? Does they have an internal number you can call to validate your setup?
Yes I can call mobile number even on the network that aren’t alloed to call the trunk sip number…
For example i know for sure that the “orange” network canoot call my sda number but my sda nulmber can call it with no problem
And when i call my sda number from another network or ISP (“renater” or “idom”) my pbx doesn’t log but i can see unauthorized request on my wireshark analysises :
So effectively problem lies on your pjsip setup for outbound registration (I don’t know sip2sip.info)
I think that it is a sip server on the cloud. I saw this website when I was looking for a way to test on a different network.
I thought that the call was passing through that server.
Here is my pjsip conf :
[transport-udp]
type=transport
protocol=udp ;udp,tcp,tls,ws,wss,flow
bind=0.0.0.0:5060
local_net=192.168.17.248/29
local_net=192.255.255.248/29
local_net=10.10.10.248/29
external_media_address=46.4.42.59
external_signaling_address=46.4.42.59;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;Définition des templates
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;user_registration
type=registration
server_uri=sip:192.255.255.251
transport=transport-udpassistance_endpoint
type=endpoint
transport=transport-udp
context=assistance
disallow=all
allow=ulaw,alaw,g722,gsm
rtp_symmetric=yes
force_rport=yes
rewrite_contact=yes
identify_by=auth_usernameassistance_auth
type=auth
auth_type=userpassassistance_aor
type=aor
max_contacts=1
remove_existing=yescommercial_endpoint
type=endpoint
transport=transport-udp
context=commercial
disallow=all
allow=ulaw,alaw,g722,gsm
rtp_symmetric=yes
force_rport=yes
rewrite_contact=yes
identify_by=auth_usernamecommercial_auth
type=auth
auth_type=userpasscommercial_aor
type=aor
max_contacts=1
remove_existing=yes;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;Définition des endpoints
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;vromain
auth=vromain_auth
aors=vromainvromain_auth
username=vromain
password=testjandrena
auth=jandrena_auth
aors=jandrenajandrena_auth
username=jandrena
password=testcommercial
auth=commercial_auth
aors=commercialcommercial_auth
username=commercial
password=test;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;Définition du trunk sip sur le numéro SDA +594595140950
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
[+594594140950]
type=endpoint
transport=transport-udp
context=+594594140950
disallow=all
allow=ulaw,alaw,g722,gsm
rtp_symmetric=yes
force_rport=yes
rewrite_contact=yes
identify_by=ip
aors=+594594140950
auth=+594594140950_auth
outbound_auth=+594594140950_auth
outbound_proxy=sip:sip.telcoz.eu
callerid=+594594140950 +594594140950[+594594140950_auth]
type=auth
auth_type=userpass
username=engineirie97300
password=***********************
realm=sip.telcoz.eu[+594594140950_proxy]
type=outbound-proxy
proxy=sip:sip.telcoz.eu
transport=transport-udp
send_dns_srv=yes[+594594140950]
type=aor
max_contacts=1
remove_existing=yes
contact=sip:engineirie97300@sip.telcoz.eu[+594594140950_registration]
type=registration
server_uri=sip:sip.telcoz.eu
client_uri=sip:engineirie97300@sip.telcoz.eu
contact_user=+594594140950
transport=transport-udp
outbound_auth=+594594140950_auth;[+594594140950]
;type=identify
;endpoint=+594594140950
;match=sip.telcoz.eu
Unless the provider sends +594594140950 as the user part of the From header, which is extremely unlikely (you’d expect the caller ID there), you have no way of recognizing incoming requests as coming from them. You type=identify section is all commented out.
Google is unable to find anything about SIP configuration for teloz.eu, and accessing www.telcoz.eu produces an “under construction page” and the guides page it links to says nothing about SIP, so I have no access to information on the source addresses that need to be matched.
I found some information at Asterisk - configuration et utilisation - Service clientèle but it is out of date and contains bad practice typical of such provider guides.
The domain they give is completely (siphost.ovh.net), even though I initially accessed the site using telcoz.eu. Maybe they took over the latter and lost the documentation in the process.
There is no guidance on valid source IP addresses, so I would hope that means they only originate from the address in the A record for the domain.
I tried this :
[+594594140950]
type=identify
endpoint=+594594140950
match=sip.telcoz.eu
but it i snot efficient… I’m gonna try to set match=siphost.ovh.net
asterisk cannot resolve the adress siphost.ovh.net