|
|
This is the manual for GNU Gatekeeper 2.3.2. Chapters: Contents · Introduction · Installation · Getting started · Basic Config · Routed Mode & Proxy · Routing · RAS Config · Authentication · Accounting · Neighbors · Per Endpoint Config · Advanced Config · Monitoring
3. Getting Started (Tutorial)
3.1 A first simple experimentTo confirm that all components are up and running, get 2 Linux workstations, both connected to the LAN. In addition to GnuGk the examples use a softphone called "OhPhone". On the first machine run the gatekeeper in direct mode:
The " Now start OhPhone on another console: OhPhone is now listening ( On the second machine run ohphone this way:
The second instance of OhPhone registers with the auto detected gatekeeper as user peter and tries to call user jan. The gatekeeper will resolve the username to the IP address from where user jan has registered (machine1 in this case) and OhPhone will call the other instance of OhPhone on machine1. The instance of OhPhone on machine1 will automatically accept the call and Peter and Jan can chat.
3.2 Using the Status interface to monitor the gatekeeperThe status interface presents a text-based means of interacting with an already-running gatekeeper. On a new console on machine1 we use telnet to connect to the gatekeeper:
You should receive an "Access forbidden!" message because access to the status port is restricted by default. Create a file called
Stop the gatekeeper with Ctrl-C and restart it, but specify that it should use the
Use telnet to connect to port 7000 and you should now be allowed to connect to the gatekeeper:
Now repeat the first experiment where Peter calls Jan and see which messages are handled by the gatekeeper in non-routed mode. There are a number of commands that can be issued in the telnet session - type "help" to see them. To end the telnet session with the gatekeeper type "quit" and hit Enter. However, the example configuration file we created is very insecure because it has a default allow rule, so there are no restrictions on who can connect and which commands they may execute. Change the configuration file to:
The 5th line was added by the addpasswd utility, which was used to create a user "gkadmin" with password "secret". This change now enforces authentication to the status port. Restart the gatekeeper with this new configuration and perform the telnet again. You should now be prompted for a username and password:
The GkStatus::Auth section contains additional information on securing the status port.
3.3 Running the gatekeeper in routed modeStarting the gatekeeper in routed mode means that the gatekeeper uses "gatekeeper routed signaling". All signaling messages go through the gatekeeper, giving it much greater control over the calls. Start GnuGk like this: will put the gatekeeper in routed mode. Telnet to the status port and make a call to see what messages are now handled by the gatekeeper. Note that all media packets (audio and video) are still sent directly between the endpoints (the 2 instances of ohphone).
3.4 A virtual PBX: Disconnecting callsUntil now the gatekeeper has acted only as a mechanism to resolve symbolic names to IP addresses. This is a critical function of a gatekeeper, but the gatekeeper is capable of much more. Because the gatekeeper has a lot of control over the calls,
it can also be used to terminate them. While
connected to the status port, you can list all active calls
with " For example, a simple script could be written to connect to the status port, obtain a list of ongoing calls and terminate them after 5 minutes to prevent users from using too many system resources. Other functions such as TransferCall are also available.
3.5 Routing calls to a gateway to reach external usersWithout using a gateway you can only call other people with an IP phone over the Internet. To reach people with ordinary telephones you must use a gateway.
The gatekeeper must be configured to specify which calls should be routed to the gateway and which numbers can be called directly. Use the [RasSrv::GWPrefixes] section of the config file to tell the gatekeeper the prefix of numbers that should be routed to the gateway.
This entry tells the gatekeeper to route all calls to E.164 numbers starting with "0" to the gateway that has registered with the H.323 alias "gw1". If there is no registered gateway with that alias the call will fail. NOTE: You must use the gateway alias - you cannot use the IP address of the gateway. A prefix can contain digits
3.6 Rewriting E.164 numbersWhen using a gateway you often have to use different numbers internally and rewrite them before sending them over a gateway into the telephone network. You can use the RasSrv::RewriteE164 section to configure that. Example: You want to call number 12345 with your IP Phone and would like to reach number 08765 behind a gateway called "gw1".
You can also configure rewriting of E.164 numbers based on which gateway you are receiving a call from or sending a call to using the RasSrv::GWRewriteE164 section. Example: You have two different gateways ("gw1" and "gw2") which you are sending calls with prefix 0044 to, but which require a different prefix to be added to the number after the routing has selected the gateway. This might be for identification purposes for example.
Example: You want to identify calls from a particular gateway "gw1" with a specific prefix before passing these calls to another gateway "gw2".
Rewrite expressions accept dot
Next Previous Contents � Chapters: Contents · Introduction · Installation · Getting started · Basic Config · Routed Mode & Proxy · Routing · RAS Config · Authentication · Accounting · Neighbors · Per Endpoint Config · Advanced Config · Monitoring
|
|
Last updated: 01. Mär 2010 Page maintained by Jan Willamowius |