Rejected by acl "domains". Falling back to Digest auth.

classic Classic list List threaded Threaded
3 messages Options
TF
Reply | Threaded
Open this post in threaded view
|

Rejected by acl "domains". Falling back to Digest auth.

TF
This post has NOT been accepted by the mailing list yet.
I am new to FreeSwitch so its complexity is still confusing me quite a bit.
But I have it installed.
I can use an 'inside' Softphone on another workstation to connect and it works fine.

But when I attempt to use an 'outside' SIP phone, it does not work.
In the FS Logs I can see the arrival of the call, but it fails with the following error:
   Rejected by acl "domains". Falling back to Digest auth.

In my acl_conf.xml  file I have the 'outside' trunk IP entered ('n' substituted below for real numbers).
       <list name="lan" default="allow">
      <node type="allow" cidr="nnn.nn.nnn.40/32"/>
      <node type="allow" cidr="nnn.nn.nnn.41/32"/>
    </list>

    <list name="domains" default="deny">
     
      <node type="allow" domain="$${domain}"/>
     
      <node type="allow" cidr="nnn.nn.nnn.40/32"/>
      <node type="allow" cidr="nnn.nn.nnn.41/32"/>
    </list>

One, of many, confusing things is that I find 6 different acl_conf.xml files in different directories under my FreeSWITCH root directory.  
**    c:\freeswitch-1.0.7/conf/curl/autoload_configs/acl_conf.xml
**    c:\freeswitch-1.0.7/conf/insideout/autoload_configs/acl_conf.xml
**    c:\freeswitch-1.0.7/conf/rayo/autoload_configs/acl_conf.xml
**    c:\freeswitch-1.0.7/conf/sbc/autoload_configs/acl_conf.xml
**    c:\freeswitch-1.0.7/conf/vanilla/autoload_configs/acl_conf.xml
**    c:\freeswitch-1.0.7/Debug/conf/autoload_configs/acl_conf.xml  
The last one is the one I THINK is the right one because it has the most IP definitions entered into it by previous individuals.

Regardless, I am still unable to make the connection.

Is there anything more that you need me to provide to help identify the problem?

I appreciate any assistance you can offer to resolve this problem.

Thank you,
TF



TF
Reply | Threaded
Open this post in threaded view
|

Re: Rejected by acl "domains". Falling back to Digest auth.

TF
This post has NOT been accepted by the mailing list yet.
One thing I noticed while looking for other answers on the web.

On one FreeSwitch How-to Installation site it says that Internal communications use Port 5060 and External communications use Port 5080.

1. Is this correct and typical?
2. Is FreeSwitch configured off-the-shelf in that manner?

The reason I ask is that my 'outside' trunk is using Port 5060.
If this needs to be changed, I need to confirm it (or not).

Thanks,
TF
TF
Reply | Threaded
Open this post in threaded view
|

Re: Rejected by acl "domains". Falling back to Digest auth.

TF
This post has NOT been accepted by the mailing list yet.
In reply to this post by TF
Within FreeSwitch, within the vars.xml I swapped the port settings for the  external_sip_port   with the setting for  internal_sip_port and the error message:
    Rejected by acl "domains". Falling back to Digest auth.
went away.

Again, since there are about 6 different   vars.xml  files in different sub-directories, it was a quessing game as to which one would be the correct one so as to implement the change, but I got lucky.

I was able to go into my FS_CLI  window and type:   sofia status    and confirm the various listening ports.

Things are still not working, but at least that error message is gone.