- We will use a server with Centos 5.10 to be used with asterisk 11.13.0 and http (apache) services running with IP 192.168.150.239. Also we have PAP2-NA configured with static IP 192.168.150.237.
- Create two users in sip.conf
[001]
deny=0.0.0.0/0.0.0.0
secret=admin@#123
dtmfmode=rfc2833
canreinvite=no
context=relate
host=dynamic
trustrpid=yes
sendrpid=no
type=friend
nat=no
port=5060
qualify=yes
qualifyfreq=60
transport=udp
avpf=no
icesupport=no
encryption=no
callgroup=
pickupgroup=
dial=SIP/001
mailbox=001@device
permit=0.0.0.0/0.0.0.0
callerid=admin <001>
callcounter=yes
faxdetect=no
[002]
deny=0.0.0.0/0.0.0.0
secret=test@#123
dtmfmode=rfc2833
canreinvite=no
context=relate
host=dynamic
trustrpid=yes
sendrpid=no
type=friend
nat=no
port=5060
qualify=yes
qualifyfreq=60
transport=udp
avpf=no
icesupport=no
encryption=no
callgroup=
pickupgroup=
dial=SIP/002
mailbox=002@device
permit=0.0.0.0/0.0.0.0
callerid=test <002>
callcounter=yes
faxdetect=no
- Create adialplan context in extensions.conf
[relate]
exten => _X.,1,dial(SIP/${EXTEN})
exten =>_x.,2,hangup()
- Reload asterisk configuration
# asterisk -rx "dialplan reload"
# asterisk -rx "sip reload"
- We need syslog server to capture the debugging logs from PAP2.
# yum -y install rsyslog
- Make sure syslog config has following
# vi /etc/rsyslog.conf
# Provides kernel logging support (previously done by rklogd)
$ModLoad imklog
# Provides support for local system logging (e.g. via logger command)
$ModLoad imuxsock
$ModLoad imudp
$UDPServerRun 514
# Provides TCP syslog reception
$ModLoad imtcp
$InputTCPServerRun 514
#this line will be at the bottom of config file to enable syslog from PAP2
*.info;mail.none;authpriv.none;cron.none @192.168.150.237
- Restart syslog
# service rsyslog restart
- Now we need to generate sample xml file from cisco utility pap2t-5-1-6-LS-spc-linux-i386.bin. Downloadable from http://www.cisco.com
- Generate sample file , you need to use your name file as AT{your pap2 mac address in lowercase}.xml
# ./pap2t-5-1-6-LS-spc-linux-i386.bin --sample-xml /var/www/html/AT002369eb61b4.xml
# spc: generated PAP2T sample configuration /var/www/html/AT002369eb61b4.xml
- We have to do a few configuration changes in our newly generated file, make sure some fields have these values
# vi /var/www/html/AT002369eb61b4.xml
<Profile_Rule ua="na">http://192.168.150.239/AT$MA.xml</Profile_Rule>
- and also SIP registration values
<Proxy_1_ ua="na">192.168.150.239</Proxy_1_>
<Use_Outbound_Proxy_1_ ua="na">no</Use_Outbound_Proxy_1_>
<Outbound_Proxy_1_ ua="na"></Outbound_Proxy_1_>
<Use_OB_Proxy_In_Dialog_1_ ua="na">Yes</Use_OB_Proxy_In_Dialog_1_>
<Register_1_ ua="na">Yes</Register_1_>
<Make_Call_Without_Reg_1_ ua="na">No</Make_Call_Without_Reg_1_>
<Register_Expires_1_ ua="na">3600</Register_Expires_1_>
<Ans_Call_Without_Reg_1_ ua="na">No</Ans_Call_Without_Reg_1_>
<Use_DNS_SRV_1_ ua="na">No</Use_DNS_SRV_1_>
<DNS_SRV_Auto_Prefix_1_ ua="na">No</DNS_SRV_Auto_Prefix_1_>
<Proxy_Fallback_Intvl_1_ ua="na">3600</Proxy_Fallback_Intvl_1_>
<Proxy_Redundancy_Method_1_ ua="na">Normal</Proxy_Redundancy_Method_1_> <!-- options: Normal/Based on SRV Port -->
<Voice_Mail_Server_1_ ua="na"></Voice_Mail_Server_1_>
<Mailbox_Subscribe_Expires_1_ ua="na">2147483647</Mailbox_Subscribe_Expires_1_>
<!-- Subscriber Information -->
<Display_Name_1_ ua="na">Danish</Display_Name_1_>
<User_ID_1_ ua="na">001</User_ID_1_>
<Password_1_ ua="na">admin@#123</Password_1_>
<Use_Auth_ID_1_ ua="na">No</Use_Auth_ID_1_>
<Auth_ID_1_ ua="na"></Auth_ID_1_>
<Mini_Certificate_1_ ua="na"></Mini_Certificate_1_>
<SRTP_Private_Key_1_ ua="na"></SRTP_Private_Key_1_>
- We have to make sure URL is working
# lynx --dump "192.168.150.239/AT002369eb61b4.xml"
- Now we need to configure PAP2. We open web panel of our PAP2 device http://{PAP2 IP}/
- Switch to Admin Login.
- Press “switch to advanced view” and select tab “Provisioning”, we need to add newly created XML URL to be placed in Profile Rule.
- Our provisioning settings should look like this
- Value $MA will be replaced by actual mac address while invoking the URL.Save settings.
- Go to system tab and put IP 192.168.150.239 in Syslog server and Debug server fields. Increase Debug level to 3.Save settings.
- Reboot PAP2.
- Confirm things are working by logging in to PAP2 panel and see Line1 configuration.
- Also from syslog and asterisk
# tail -f /var/log/messages
Mar 24 16:23:58 192.168.150.237 fs: 10678:10689:65536:073207327999
Mar 24 16:23:58 pbs 64512
Mar 24 16:23:58 PAP2T-NA 00: 23:69:eb:61:b4 -- Requesting resync http://192.168.150.239:80/AT002369eb61b4.xml
Mar 24 16:23:58 PAP2T-NA 00: 23:69:eb:61:b4 -- Requesting resync http://192.168.150.239:80/AT002369eb61b4.xml
Mar 24 16:23:58 FMM >>>> Requesting profile
Mar 24 16:23:59 content len (hdr) =40670
Mar 24 16:24:01 content len (pld) =40670
Mar 24 16:24:01 response code =200
Mar 24 16:24:03 PAP2T-NA 00: 23:69:eb:61:b4 -- Successful resync http://192.168.150.239:80/AT002369eb61b4.xml
Mar 24 16:24:03 PAP2T-NA 00: 23:69:eb:61:b4 -- Successful resync http://192.168.150.239:80/AT002369eb61b4.xml
Mar 24 16:24:03 FMM >>>> Successful profile
Mar 24 16:24:03 192.168.150.237 fu: 1:4c02, 001d 001e 0038 0049 004d 03cc 043c 0445 0001
Mar 24 16:24:03 192.168.150.237 fu: 1:4c59, 03e4 05a8 0001
]# asterisk -rx " sip show peers"
Name/username Host Dyn Forcerport Comedia ACL Port Status Description
001/001 192.168.150.237 D No No A 5060 OK (17 ms)
002 (Unspecified) D No No A 0 UNKNOWN
003/003 192.168.150.102 D No No A 50590 OK (9 ms)
- Dialing and connecting call with other extension (can be registered to any softphone)
-- Executing [001@relate:1] Dial("SIP/003-00000013", "SIP/001,,") in new stack
== Using SIP RTP TOS bits 184
== Using SIP RTP CoS mark 5
-- Called SIP/001
-- Connected line update to SIP/003-00000013 prevented.
-- SIP/001-00000014 is ringing
-- Connected line update to SIP/003-00000013 prevented.
-- SIP/001-00000014 answered SIP/003-00000013
- This is straight forward provisioning setup but plaintext xml can be seriously insecure. There are other bumpy yet adventurously funny rides in this area including security/SSL, compression , encryption ,auto-detection of UAC,mass preprovisioning using DHCP and triggering from server side. I will write about them as I explore myself.
danishmoosa 