OpenGatekeeper H323 Proxy

	Configuring OpenGatekeeper H.323 Proxy

	Home page OpenH323Proxy SourceForge project's home General Info (former start page) Latest news!!! Frequently Asked Questions Download Code Installing and building the code Configuring Reporting bugs Discussion forum Client settings Client's list TODO list	I would like to annouce me, Roman Skvirsky, the developer of this project, looking for a remote work (software development) or project related to VoIP development. I have experience in C/C++/H.323(Win32/FreeBSD/Linux), IP telephony, multimedia development. In June of 2005 I finished large H.323/SIP project for Swiss company. The project was based on OpenH.323 stack and involved components like gatekeeper, softphones, voice mail servers, conference servers, H.323<->PSTN/ISDN gateways and many other. I was project manager and head of St. Petersburg (Russia) office where major development work was done. Now I am available for new projects. I have team of 3 experienced developers that can be involved into another project. The list of recently finished projects is available here: http://www.rsdevs.com/projects.shtml. I am open for proposals. Feel free contact me at skvirsky@gmail.com or roman_skvirsky@mail.ru Introduction OpenH323Proxy reads it's configuration from the configuration file stored in ~/.pwlib_config/opengate_proxy.ini These configuration settings control the behaviour of OpenH323Proxy and are divided into various sections described below. If an entry is not present then the default value is assumed. You can find an example of the configuration file here. For more information please read the FAQ. [System] section Log Level Default value = 1 in release build, 3 in debug build Controls the verbosity of the error log. Level 1 will log errors, 2 will include warnings and 3 will add informational messages. These messages go to the system log by default, use the command line parameter -c to redirect them to the console. IsGKRouted Default value = 0 Set to 1 to enable gatekeeper routed calls. Route H245 Default value = 0 Set to 1 to also route H.245 messages if routing calls Local Address Default value = * Sets the local address for Opengate to bind to, useful in multi homed enviroments if you want to serve only one network . Gatekeeper Id Default value = "Opengate:" + hostname Sets the gatekeeper id that Opengate will use. Endpoint TTL Default value = 10:00 (ten minutes) The time to live for endpoint registrations. Used to determine if registered endpoints are still alive and haven't been switched off, crashed, disconnected from the network or died for whatever reason. The format is MM:SS (minutes and seconds). Set to 0 to disable this feature. Max Bandwidth Default value = 0 Sets the maximum bandwidth available for all calls in the Gatekeeper's zone. If the value is zero then unlimited bandwidth is allowed. Min Call Bandwidth Default value = 10000 The minimum bandwidth allocated per call. This is needed because some clients (e.g. NetMeeting 3.0) don't ask for all the bandwidth that they actually require. dns Default value = (empty) IP address of the primary DNS server. It is used to obtain the gatekeeper address for a user with an email style address. For example if the user mpolci@ictp.trieste.it is not registered and the neighbours gks doesn't know him, the gatekeeper query the DNS for the TXT field of the domain ictp.trieste.it in order to obtain the address of the gatekeeper relative to the domain. Then it sends a request to this gatekeeper to obtain the address of the user. Accept Unregistered Calls Default value = 0 Set to 1 to route the calls from endpoints registered in another gatekeeper (i.e. registered in a neighbour gatekeeper). If you use the proxy to allow H.323 calls in a network protected by a firewall or in conjuction with a NAT router you should enable this if you want to receive calls froms endpoints registered in an external gatekeeper. Disable ARJ To Route Call Default value = 0 Used only if IsGKRouted is set to 1. When a registered endpoint receive a direct call from another endpoint, it send an admission confirm to the gatekeeper before continuing the call. In this situation the gatekeeper normally reply with an admission reject and indicates "route call to gatekeeper" as motivation. Some clients (e.g. Microsoft Netmeeting 3.01) doesn't handle correctly this situation and abort the communication. If set to 1 the gatekeeper reply with an admission confirm and allow the communication, but in this case the call signals aren't routed. [Log] section This section controls the message log of the gatekeeper activity. File Default value = opengate_proxy.log The file in which to log messages Level Default value = 0 The verbosity of the message log. Levels are: 0 none 1 type of messages only 2 full details of messages sent and received [Neighbours] section This section contains a list of gatekeepers to communicate with to try and identify endpoints. The list is in the format name=address. Name is for reference purposes only, OpenGatekeeper does not look at. Address can either be the domain name of the gatekeeper or it's IP address. e.g. First=opengate.egoboo.com Second=192.168.0.100 [Prefixes] section This section contains a list of statically defined prefixes for gateways that don't specify prefixes in their registration messages. The list is in the format Gateway IP address=prefix. The address can either be a DNS name or an IP in dotted format. The prefix is assumed to be a telephone (E.164) number. Multiple prefixes can be defined for each gateway. e.g. gateway.egoboo.com=020 gateway.egoboo.com=0800 192.168.0.100=0700 [Proxy] section Proxy Enabled Default value = 0 Set to 1 to enable the proxy of media data (audio, video and T.120 channels). If enable it you should set to 1 the options IsGKRouted and Route H245 in the [system] section. You should define an "internal network" using the options Internal Network Address and Internal Network Mask. The proxy route channels only of the communications between one endpoint in the internal network and one external. Internal Network Address Default value = 127.0.0.1 The address of the network behind the proxy. For example if your network is 192.168.1.x you should indicate 192.168.1.0 For NAT router indicate translated network. Internal Network Mask Default value = 255.255.255.255 The netmask of the network behind the proxy. Check IP Default value = 1 Security check. The proxy allows only the media channels using the same ip of call signalling channels. Set to 0 to disable this check. Check Port Number Default value = 1 Security check. The proxy allows only the media channels using non system port number(over 1024). Set to 0 to disable this check. DNS setup Set up your DNS server to report the name of your gatekeeper. You need to add a TXT DNS record that reports the string "ras openh323proxy.somedomain.com" replacing "openh323proxy.somedomain.com" with the actual dns name of your NAT/Firewall that is running openh323proxy. I.E. using tinydns server from (http://cr.yp.to) you should add the following line to your data file: "openh323proxy.somedomain.com:ras\040openh323proxy.somedomain.com" the \040 octal code is for the space character. This assumes your domain is "somedomain.com" and that your NAT/Firewall computer is "openh323proxy.somedomain.com". Register using Netmeeting then make call using "buddyname@somedomain.com", then gatekeeper will query your DNS server for the TXT record, see the "ras openh323proxy.somedomain.com", their gatekeeper will connect to your gatekeeper on openh323proxy.somedomain.com, their gatekeeper will ask your gatekeeper for "buddyname@somedomain.com", your gatekeeper will reply that you are available and report your IP address as the IP of your gatekeeper proxy, which will get reported to your buddy's client from his gatekeeper. Then when your buddy's client tries to call you at your gatekeeper proxy's IP, it will pick up and proxy the call in to your client and ring, you'll be video conferencing. Great thanks to nobody :))) If both users are behind different NAT? If you are behind YOUR NAT and your friend also is behind HIS OWN NAT, you CAN connect if and ONLY if both of you have gatekeepers/proxy and the neighbours section is correctly set up. That is: you have your friends ip in neighbour section and vice versa. Thanks to Fabio.
	PR link: Photo RSDevs Ltd Hosted by Sourceforge. Maintained by Marco Polci and Roman Skvirsky Last updated 21th of May 2002	Copyright © Marco Polci 2000, 2001