本文描述如何集成开放源解决方案(后缀, Maildrop, Kannel)用思科身份服务引擎(ISE)为了提供短消息服务(SMS)消息对有访客帐户的用户。
Cisco 建议您了解以下主题:
本文档中的信息基于以下软件和硬件版本:
本文档中的信息都是基于特定实验室环境中的设备编写的。本文档中使用的所有设备最初均采用原始(默认)配置。如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响。
ISE允许您创建临时网络网络访问的访客帐户,典型地访客、访客、承包商、顾问和客户。这样帐户由赞助商用户创建通过赞助商门户。当您创建帐户时,发送与SMS的一动态生成的访问口令直接地到来宾用户移动电话是可能的。
思科ISE能通过与简单邮件传输协议(SMTP)的电子邮件发送这些凭证到Mail2SMS网关。此网关对SMS交付负责。
有在市场的多Mail2SMS网关解决方案。他们能通常接收与使用的数据不同的协议,例如SMTP、短的消息点对点(SMPP), FTP, HTTP (简单对象访问协议(SOAP),网站服务),并且传送SMS信息到特定移动电话。
构件您自己的SMS网关也许是最佳的。它允许:
有混合部署-也集成与一外部服务的一个个人SMS网关也许是值得的。
这是流:
此解决方案(后缀每个模块, Kannel smsbox和Kannel bearerbox)在独立服务器可以安装。为了简化在本例中,它在同一个服务器配置。
完成这些步骤为了配置ISE。
后缀是收到从ISE的电子邮件的SMTP服务器。默认配置使用除了一些次要变化。完成这些步骤为了配置它。
myhostname = smtp.test-cisco.com
mydomain = test-cisco.com
mydestination = $myhostname, $mydomain, localhost
local_transport = maildrop
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${user}
neptun ~ # useradd sms
neptun ~ # passwd sms
New password:
BAD PASSWORD: it is too simplistic/systematic
Retype new password:
passwd: password updated successfully
neptun ~ # chown -R sms:sms /home/sms/
现在,应该正确地传送所有电子邮件对SMS用户。当首先收到电子邮件时, maildir结构自动地创建。
在交付之前, maildrop搜索在主目录的.mailfilter用户的。如果找到该文件,脚本被执行。应该对用户只限制文件的权限:
neptun sms # touch /home/sms/.mailfilter
neptun sms # chmod go-rwx /home/sms/.mailfilter
这是文件的内容:
# Mailfilter script for parsing ISE SMS messages
# Author: Michal Garcarz at cisco.com
# Date: 1 Dec 2013
#DEFAULT="$HOME/.maildir/"
DATE=`date`
SHELL="/bin/bash"
# Our log file
logfile "/home/sms/maildrop.log"
# Our verbosity in the log file
VERBOSE="5"
log "-------------SMS MAILFILTER LOG-----------"
log "Email received at: $DATE"
if (/^Subject:.*Guest.*Text.*Notification.*/)
{
log "Email processed by script sending SMS via Kannel"
USERNAME=""
PASSWORD=""
TO=""
if (/^text:Username:(.*)/:b)
{
log "Username exists $MATCH1"
USERNAME=$MATCH1
}
if (/^text:Password:(.*)/:b)
{
log "Password exists $MATCH1"
PASSWORD=$MATCH1
}
if (/^to:(.*)/:b)
{
log "Mobile phone exists $MATCH1"
TO=$MATCH1
}
if ($USERNAME ne "" && $PASSWORD ne "" && $TO ne "")
{
log "Sending via HTTP to kannel username=$USERNAME password=$PASSWORD to=$TO"
DATA="ISE Guest portal Username: $USERNAME Password: $PASSWORD"
#also curl can be used instead of wget
xfilter "wget -O/dev/null \"http://192.168.112.100:13013/cgi-bin/sendsms?username=
tester&password=foobar&to=$TO&text=$DATA\" >> /tmp/maildrop-kannel.log 2>>
/tmp/maildrop-kannel.log"
}
#deliver to maildir (not used since xfilter returns !=0)
to $DEFAULT/
}
脚本:
有两日志文件在这里:
smsbox和bearerbox可以从单个文件配置。此配置使用外部SMPP服务器交付。如果搜索smpp sms服务提供商说明,找到在Web的多个服务是容易的。因为没有需要收到和路由SMS消息,配置简单。此解决方案仅是为发送并且使用一个SMPP供应商。
这是摘自/etc/kannel/kannel.conf的一个部分:
#bearerbox
group = core
admin-port = 13000
admin-password = bar
smsbox-port = 13001
log-level = 0
log-file = "/var/log/kannel/kannel.log"
access-log = "/var/log/kannel/access.log"
# SMSC SMPP
group = smsc
smsc = smpp
host = ****.com
port = 1775
smsc-username = 4ljt7wi3
smsc-password = ******
system-type =
address-range =
# SMSBOX SETUP
group = smsbox
bearerbox-host = localhost
sendsms-port = 13013
sendsms-chars = "0123456789 +-"
global-sender = 12345
log-file = "/var/log/kannel/smsbox.log"
log-level = 0
access-log = "/var/log/kannel/access.log"
white-list =
black-list =
reply-couldnotfetch =
reply-couldnotrepresent =
reply-requestfailed =
reply-emptymessage =
# SEND-SMS USERS, this credentials has been used in wget script
group = sendsms-user
username = tester
password = foobar
user-deny-ip = "*.*.*.*"
user-allow-ip = "192.168.*.*"
# SMS SERVICE Default
# there should be default always (this is for receiving SMS messages - not used)
group = sms-service
keyword = default
text = "No service specified"
通过USB附加移动电话和配置GSM SMSC是可能的:
group = smsc
smsc = at #type = GSM
smsc-id = usb0-modem
my-number = 1234
modemtype = auto #types: wavecom, siemens, siemens-tc35, falcom,
nokiaphone, ericsson
device = /dev/ttyUSB0 #phone device seen on server
在多数电话上,它也要求激活调制解调器功能;例如,在机器人版本2.2和以上,它在设置/束缚和束缚可移植的Hotspot/USB启用。
切记运行bearerbox和smsbox。示例如下:
neptun ~ # /etc/init.d/kannel-bearerbox start
* Starting kannel bearerbox ... [ ok ]
neptun ~ # /etc/init.d/kannel-smsbox start
* Starting kannel smsbox ... [ ok ]
neptun ~ # netstat -atcpn
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:13013 0.0.0.0:* LISTEN 24170/smsbox
tcp 0 0 0.0.0.0:13000 0.0.0.0:* LISTEN 24151/bearerbox
tcp 0 0 0.0.0.0:13001 0.0.0.0:* LISTEN 24151/bearerbox
Bearerbox必须有配置的至少一个SMSC为了开始。
使用本部分可确认配置能否正常运行。
使用赞助商门户的默认端口(8443)。赞助商登录https://ise.test-cisco.com:8443/sponsorportal/。
确保赞助商安排一个电子邮件地址分配在我的设置:
创建与SMS通知的访客帐户:
您接收确认访客帐户顺利地创建:
ISE应该发送电子邮件到已配置的SMTP服务器。
SMTP服务器收到消息并且使用maildrop为了提供它到本地帐户(sms@test-cisco.com)。这是摘自/var/log/messages的一个部分:
Nov 30 22:39:47 neptun postfix/smtpd[18460]: connect from unknown[192.168.112.1]
Nov 30 22:39:47 neptun postfix/smtpd[18460]: 2B36030B32: client=unknown
[192.168.112.1]
Nov 30 22:39:47 neptun postfix/cleanup[18463]: 2B36030B32: message-id=
<563762958.941385847586377.JavaMail.root@ise2>
Nov 30 22:39:47 neptun postfix/qmgr[32658]: 2B36030B32: from=<sponsor@test-cisco.com>,
size=689, nrcpt=1 (queue active)
Nov 30 22:39:47 neptun postfix/pipe[18464]: 2B36030B32: to=<sms@test-cisco.com>,
relay=maildrop, delay=0.18, delays=0.14/0/0/0.04, dsn=2.0.0, status=sent (delivered
via maildrop service)
在您发送电子邮件对SMS前, maildir目录执行/home/sms/.mailfilter,进行一特定操作。
这是摘自/home/sms/maildrop.log的一个部分:
-------------SMS MAILFILTER LOG-----------
Email received at: Sat Nov 30 22:39:47 CET 2013
Email processed by script sending SMS via Kannel
Username exists jsmith02
Password exists t6ub79_6r
Mobile phone exists 4850xxxxxxx
Sending via HTTP to kannel username= jsmith02 password= t6ub79_6r to=4850xxxxxxx
mailfilter脚本读所有数据并且执行xfilter,呼叫wget为了通过所有参数到Kannel。
这是摘自/tmp/maildrop-kannel.log的一个部分:
--2013-11-30 22:39:47-- http://192.168.112.100:13013/cgi-bin/sendsms?username=
tester&password=foobar&to=4850xxxxxxx&text=ISE%20Guest%20portal%20Username:
%20%20jsmith02%20Password:%20%20t6ub79_6r
Connecting to 192.168.112.100:13013... connected.
HTTP request sent, awaiting response... 202 Accepted
Length: 24 [text/html]
Saving to: `/dev/null'
0K 100% 1.14M=0s
2013-11-30 22:39:47 (1.14 MB/s) - `/dev/null' saved [24/24]
HTTP GET请求接受。
Kannel smsbox报道接收从wget的一个HTTP请求,并且发送该请求对bearerbox为了传送SMS。
这是摘自/var/log/kannel/smsbox.log的一个部分:
2013-11-30 22:39:47 [18184] [5] INFO: smsbox: Got HTTP request </cgi-bin/sendsms>
from <192.168.112.100>
2013-11-30 22:39:47 [18184] [5] INFO: sendsms used by <tester>
2013-11-30 22:39:47 [18184] [5] INFO: sendsms sender:<tester:12345>
(192.168.112.100) to:<4850xxxxxxx> msg:<ISE Guest portal Username:
jsmith02 Password: t6ub79_6r>
2013-11-30 22:39:47 [18184] [5] DEBUG: Stored UUID fd508632-9408-49e1-9eda-
3ce8d4b939d4
2013-11-30 22:39:47 [18184] [5] DEBUG: message length 57, sending 1 messages
2013-11-30 22:39:47 [18184] [5] DEBUG: Status: 202 Answer: <Sent.>
2013-11-30 22:39:47 [18184] [5] DEBUG: Delayed reply - wait for bearerbox
2013-11-30 22:39:47 [18184] [0] DEBUG: Got ACK (0) of fd508632-9408-49e1-9eda-
3ce8d4b939d4
Kannel bearerbox连接到远程SMPP服务器并且顺利地传送信息。
这是摘自/var/log/kannel/kannel.log的一个部分:
2013-11-30 22:39:47 [18165] [8] DEBUG: boxc_receiver: sms received
2013-11-30 22:39:47 [18165] [8] DEBUG: send_msg: sending msg to box: <127.0.0.1>
2013-11-30 22:39:47 [18165] [6] DEBUG: SMPP[SMPP:*****.com:1775/0:4ljt7wi3:]:
throughput (0.00,0.00)
2013-11-30 22:39:47 [18165] [6] DEBUG: SMPP[SMPP:*****.com:1775/0:4ljt7wi3:]:
Sending PDU:
2013-11-30 22:39:47 [18165] [6] DEBUG: SMPP PDU 0x2056bf0 dump:
2013-11-30 22:39:47 [18165] [6] DEBUG: type_name: submit_sm
2013-11-30 22:39:47 [18165] [6] DEBUG: command_id: 4 = 0x00000004
2013-11-30 22:39:47 [18165] [6] DEBUG: command_status: 0 = 0x00000000
2013-11-30 22:39:47 [18165] [6] DEBUG: sequence_number: 5 = 0x00000005
2013-11-30 22:39:47 [18165] [6] DEBUG: service_type: NULL
2013-11-30 22:39:47 [18165] [6] DEBUG: source_addr_ton: 2 = 0x00000002
2013-11-30 22:39:47 [18165] [6] DEBUG: source_addr_npi: 1 = 0x00000001
2013-11-30 22:39:47 [18165] [6] DEBUG: source_addr: "12345"
2013-11-30 22:39:47 [18165] [6] DEBUG: dest_addr_ton: 2 = 0x00000002
2013-11-30 22:39:47 [18165] [6] DEBUG: dest_addr_npi: 1 = 0x00000001
2013-11-30 22:39:47 [18165] [6] DEBUG: destination_addr: "4850xxxxxxx"
2013-11-30 22:39:47 [18165] [6] DEBUG: esm_class: 3 = 0x00000003
2013-11-30 22:39:47 [18165] [6] DEBUG: protocol_id: 0 = 0x00000000
2013-11-30 22:39:47 [18165] [6] DEBUG: priority_flag: 0 = 0x00000000
2013-11-30 22:39:47 [18165] [6] DEBUG: schedule_delivery_time: NULL
2013-11-30 22:39:47 [18165] [6] DEBUG: validity_period: NULL
2013-11-30 22:39:47 [18165] [6] DEBUG: registered_delivery: 0 = 0x00000000
2013-11-30 22:39:47 [18165] [6] DEBUG: replace_if_present_flag: 0 = 0x00000000
2013-11-30 22:39:47 [18165] [6] DEBUG: data_coding: 0 = 0x00000000
2013-11-30 22:39:47 [18165] [6] DEBUG: sm_default_msg_id: 0 = 0x00000000
2013-11-30 22:39:47 [18165] [6] DEBUG: sm_length: 57 = 0x00000039
2013-11-30 22:39:47 [18165] [6] DEBUG: short_message:
2013-11-30 22:39:47 [18165] [6] DEBUG: Octet string at 0x205ec70:
2013-11-30 22:39:47 [18165] [6] DEBUG: len: 57
2013-11-30 22:39:47 [18165] [6] DEBUG: size: 58
2013-11-30 22:39:47 [18165] [6] DEBUG: immutable: 0
2013-11-30 22:39:47 [18165] [6] DEBUG: data: 49 53 45 20 47 75 65 73
74 20 70 6f 72 74 61 6c ISE Guest portal
2013-11-30 22:39:47 [18165] [6] DEBUG: data: 20 55 73 65 72 6e 61 6d
65 3a 20 20 6a 73 6d 69 Username: jsmi
2013-11-30 22:39:47 [18165] [6] DEBUG: data: 74 68 30 32 20 50 61 73
73 77 6f 72 64 3a 20 20 th02 Password:
2013-11-30 22:39:47 [18165] [6] DEBUG: data: 74 36 75 62 37 39 11 36
72 t6ub79.6r
2013-11-30 22:39:47 [18165] [6] DEBUG: Octet string dump ends.
2013-11-30 22:39:47 [18165] [6] DEBUG: SMPP PDU dump ends.
2013-11-30 22:39:47 [18165] [6] DEBUG: SMPP[SMPP:******.com:1775/0:4ljt7wi3:]:
throughput (1.00,0.00)
2013-11-30 22:39:47 [18165] [6] DEBUG: SMPP[SMPP:******.com:1775/0:4ljt7wi3:]:
throughput (1.00,0.00)
2013-11-30 22:39:47 [18165] [6] DEBUG: SMPP[SMPP:******.com:1775/0:4ljt7wi3:]:
Got PDU:
2013-11-30 22:39:47 [18165] [6] DEBUG: SMPP PDU 0x2056bf0 dump:
2013-11-30 22:39:47 [18165] [6] DEBUG: type_name: submit_sm_resp
2013-11-30 22:39:47 [18165] [6] DEBUG: command_id: 2147483652 = 0x80000004
2013-11-30 22:39:47 [18165] [6] DEBUG: command_status: 0 = 0x00000000
2013-11-30 22:39:47 [18165] [6] DEBUG: sequence_number: 5 = 0x00000005
2013-11-30 22:39:47 [18165] [6] DEBUG: message_id: "4128473611307259"
2013-11-30 22:39:47 [18165] [6] DEBUG: SMPP PDU dump ends.
2013-11-30 22:39:47 [18165] [6] DEBUG: SMPP[SMPP:******.com:1775/0:4ljt7wi3:]:
throughput (1.00,0.00)
注意源地址设置作为12345。此设置不重要。重视的外部SMPP服务器重写。采购其它服务为了不同地被提交是可能的。
来宾用户接收SMS :
本部分提供了可用于对配置进行故障排除的信息。
当您创建访客帐户时,您也许遇到此错误:无法传送文本消息对以下来宾用户:xxxx。 您必须添加您的对Settings页的电子邮件地址。如果收到该错误消息,请验证赞助商电子邮件地址。