Hi Folks,
I am trying to make a inbound call toward the provider. I did cannibalized another configuration file 9henc the long access-list).
I am seeing an invalid error (404 SIP message)
essentially the INVITE goes to the Adtran which rejects it.
I do have a configuration with two PROVIDER that works. I've tried Ip and FQDN.. Still same error.
I admit that my knowledge in the Adtran configuration is extremely limited at this stage. I believe my "accept" are correct.
Is my configuration ok as far as the permissions? AS well is there a debug utility can I can use in the Adtran to take a closer peek?
I am using the Adtran as A B2BUA
Thank you in advance!
!
!
! ADTRAN, Inc. OS version R10.9.6.E
! Boot ROM version R10.9.3.B2
! Platform: Total Access 908e (3rd Gen), part number 4243908F1
! Serial number CFG1422022
!
!
hostname "something"
enable password XXXXX
!
!
clock timezone -5-Eastern-Time
!
ip subnet-zero
ip classless
ip default-gateway xxx.xxx.xxx.xxx
ip routing
ipv6 unicast-routing
!
!
domain-name "xxxxx"
name-server aaa.aaa.aaa.aaa
!
!
no auto-config
!
event-history on
no logging forwarding
no logging email
!
no service password-encryption
!
username "admin" password "XXXXX"
!
ip policy-timeout tcp telnet 14400
ip policy-timeout udp 5060 600
!
ip firewall
no ip firewall alg msn
no ip firewall alg mszone
no ip firewall alg h323
!
!
!
!
!
!
!
!
no dot11ap access-point-control
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface eth 0/1
description LAN Side
speed 100
ip address aaa.aaa.aaa.aaa 255.255.255.0
ip access-policy inside
ip flow ingress
ip flow egress
media-gateway ip primary
no shutdown
!
!
interface eth 0/2
description Wan Side
speed 100
ip address bbb.bbb.bbb.bbb 255.255.255.0
ip access-policy outside
ip flow ingress
ip flow egress
media-gateway ip primary
no shutdown
!
!
!
!
ip access-list extended REMOTE_MANAGEMENT_ACCESS
permit tcp any any eq www log
permit tcp any any eq telnet log
permit udp any any eq snmp log
permit tcp any any eq https log
permit tcp any any eq ssh log
permit tcp any any eq ftp log
permit icmp any any echo log
!
ip access-list extended web-acl-3
permit ip any any
!
ip access-list extended web-acl-4
remark any : eth 0/1
permit ip any any
!
ip access-list extended web-acl-6
permit tcp any any eq www
permit tcp any any eq https
permit tcp any any eq ssh
permit tcp any any eq telnet
permit udp any any eq snmp
permit icmp any any echo
!
ip access-list extended web-acl-8
remark sip
permit udp any any eq 5060
!
!
!
!
ip policy-class inside
nat source list web-acl-4 interface eth 0/2 overload policy outside
allow list web-acl-3
!
ip policy-class outside
allow list web-acl-6 self
allow list web-acl-8
!
!
!
ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx
!
no tftp server
no tftp server overwrite
http server
http session-timeout 1800
no http secure-server
snmp agent
no ip ftp server
no ip scp server
no ip sntp server
!
!
!
!
snmp-server community netsol RO
!
!
!
!
sip
sip udp 5060
no sip tcp
!
!
!
voice feature-mode network
voice transfer-mode local
voice forward-mode local
!
!
!
!
!
!
!
!
voice dial-plan 1 local NXX-NXX-XXXX
voice dial-plan 2 long-distance 1-NXX-NXX-XXXX
!
!
!
!
voice codec-list standard
codec g729
!
voice codec-list g711u
codec g711ulaw
!
voice codec-list All
codec g729
codec g711alaw
codec g711ulaw
!
!
!
voice trunk T02 type sip
description "xxxx"
sip-server primary yyy.yyy.yyy.yyy
domain "xxxxxxx"
hmr myTrunkOutboundPolicy out
trust-domain p-asserted-identity-required
codec-list All both
authentication username "xxxxx" password "xxxxxx"
!
voice trunk T03 type sip
description "Primary "
sip-server primary xxx.xxx.xxx.xxx
codec-list All both
transfer-mode network
!
voice trunk T04 type sip
description "xxx"
sip-server primary xxx.xxx.xxx.xxx
codec-list All both
!
!
voice grouped-trunk BELL
description "provider trunk"
trunk T02
accept NXX-NXX-XXXX cost 0
reject NXX-976-XXXX
!
!
voice grouped-trunk LAN
description "LAN"
trunk T03
trunk T04
accept 1111112222 cost 0
reject NXX-976-XXXX
!
!
voice user 1
connect sip
password "xxxx"
alias ping
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
sip grammar from host domain
sip grammar p-asserted-identity host domain
sip grammar to host domain
!
!
!
!
!
!
hmr policy myTrunkOutboundPolicy
rule-set mySecondRuleSet 10
!
!
hmr rule-set mySecondRuleSet
message-rule myAddUser message-type any 10
modify header from position first match-value /([^>]+)(.*)/ new-value /\1;user=phone\2/ 10
message-rule myAddUSer2 message-type any 20
modify header p-asserted-identity position first match-value /([^>]+)(.*)/ new-value /\1;user=phone\2/ 10
message-rule myAddUSer3 message-type any 30
modify header contact position first match-value /([^>]+)(.*)/ new-value /\1;user=phone\2/ 10
message-rule myAddUsernew message-type any 40
modify header diversion position first match-value /([^>]+)(.*)/ new-value /\1;user=phone\2/ 10
!
!
ip rtp quality-monitoring
ip rtp quality-monitoring sip
!
line con 0
login
!
line telnet 0 4
login
password tinman
shutdown
line ssh 0 4
login local-userlist
shutdown
!
!
!
!
!
end
Hello and thanks for posting to our forum. A debug should help us determine why the call is failing. Run the following debugs:
debug sip stack message
debug voice verbose
Then make the test call. The SIP portion of the debug will show the To: and From: as well as the IP where the SIP is coming from. The Voice portion of the debug will show how the call is being processed in the ADTRAN. To start, I would compare your accept lists with the number being dialed to make sure there is a match. If you are still having issues, you can provide the debug or open a ticket with Technical Support.
Thanks,
Geoff
Your configuration looks reasonable at first glance. 404 errors mean that the other side can't route the call, destination not found. These are often a dialplan issue such as the provider wanting a leading 1 plus ten digits, or not wanting the leading 1 if you provide it, or they want e.164 format. As Geoff mentioned, debugs would shed more light.