is the IP of the machine/VM running the open5gs containers. Login with following credentials
```
Username : admin
Password : 1423
```
-Follow the instructions in [VoLTE Setup](https://open5gs.org/open5gs/docs/tutorial/02-VoLTE-setup/):
-- Step 18, set IMSI, Ki, OP, SQN and APN of your SIM cards.
- **Important!** Set the type of both APN to IPv4. Kamailio does not support VoLTE over
- IPv6 at the moment. (See the screenshot below.)
-- Step 20, add IMS subscriptions to FHoSS.
+Add users with their corresponding IMSI, Ki, OP/OPc value and APN settings. The APN settings should look like below:
+
+
+APN Configuration:
+---------------------------------------------------------------------------------------------------------------------
+| APN | Type | QCI | ARP | Capability | Vulnerablility | MBR DL/UL(Kbps) | GBR DL/UL(Kbps) | PGW IP |
+---------------------------------------------------------------------------------------------------------------------
+| internet | IPv4 | 9 | 8 | Disabled | Disabled | unlimited/unlimited | | |
+---------------------------------------------------------------------------------------------------------------------
+| ims | IPv4 | 5 | 1 | Disabled | Disabled | 3850/1530 | | |
+| | | 1 | 2 | Enabled | Enabled | 128/128 | 128/128 | |
+| | | 2 | 4 | Enabled | Enabled | 128/128 | 128/128 | |
+---------------------------------------------------------------------------------------------------------------------
+
+
+**Important!** Set the type of both APN to IPv4. Kamailio does not support VoLTE over IPv6 at the moment. (See the screenshot below)
![Set both type to IPv4 only](https://raw.githubusercontent.com/miaoski/docker_open5gs/gh-pages/screenshots/subscriber-type-ipv4.png)
-For already running systems, copy SQN from Open5GS and type it in FHoSS. You
-can type SQN in decimal. FHoSS will automagically convert it to hex.
+- Provision IMSI and MSISDN in osmohlr to allow [SMS over SGs](https://github.com/herlesupreeth/docker_open5gs#provisioning-of-imsi-and-msisdn-with-osmohlr-as-follows)
-Pay special attention to copy/paste. You might have leading or trailing spaces
-in FHoSS, resulting in failed connections!
+- Provision SIM information in pyHSS [IMS](https://github.com/herlesupreeth/docker_open5gs#provisioning-of-sim-information-in-pyhss-is-as-follows)
#### 7. Debugging with Wireshark
@@ -152,15 +183,13 @@ Thanks to Open5GS, the topology is super similar to [SAE on Wikipedia](https://e
![Network topology of Open5GS + IMS](https://raw.githubusercontent.com/miaoski/docker_open5gs/master/network-topology.png)
-
**APN**
On your cellphone, there should be *internet* and *ims*.
-CoIMS should look like the one below. If you don't know what CoIMS is, please
-refer to step 23 of VoLTE Setup.
+If CoIMS is used to force enable VoLTE on the Android device, it should look like in the screenshot below:
@@ -173,13 +202,11 @@ When DNS is not properly set, you may end up with 478 Unresolvable destination (
![478 unresolvable destination](https://raw.githubusercontent.com/miaoski/docker_open5gs/gh-pages/screenshots/478-unresolvable-destination.png)
-If the port if not open, or DNS is not properly configured, the phone cannot
-reach P-CSCF and fails.
+If the port if not open, or DNS is not properly configured, the phone cannot reach P-CSCF and fails.
![RST at port 5060](https://raw.githubusercontent.com/miaoski/docker_open5gs/gh-pages/screenshots/RST-5060.png)
-If there is an NAT between PGW and P-CSCF, IPsec-NAT would not work, and the
-PCAP looks like the one below. N.B. that you need to run P-CSCF as root, in
+If there is an NAT between PGW and P-CSCF, IPsec-NAT would not work, and the PCAP looks like the one below. Note that you need to run P-CSCF as root, in
order to add xfrm state and policy.
![401 Unauthorized](https://raw.githubusercontent.com/miaoski/docker_open5gs/gh-pages/screenshots/401-unauthorized.png)
@@ -193,17 +220,12 @@ Herle Supreeth has shared PCAP files of successful calls, including
- [Non-IPSec UE to IPSec UE calling]({{ site.url }}{{ site.baseurl }}/assets/pcapng/nonipsec_to_ipsec_call.pcapng)
- [IPSec UE to Non-IPSec UE calling]({{ site.url }}{{ site.baseurl }}/assets/pcapng/ipsec_to_nonipsec_call.pcapng)
-The successful calls were made with a commercial eNB (in his case a Casa
-smallcell), while srsENB the ACK takes a very long time to reach the UE,
-resulting in disconnected calls.
**UE registration**
![UE registration with IPSec](https://raw.githubusercontent.com/miaoski/docker_open5gs/gh-pages/screenshots/ue-ipsec.png)
-From the screenshot, we see a UE that supports IPSec got a response from
-S-CSCF, indicating that ipsec-3gpp is supported, protocol is ESP (ethernet
-proto 50, IPSec). Client port (port-c) is 5100 and server port (port-s) 6100.
+From the screenshot, we see a UE that supports IPSec got a response from S-CSCF, indicating that ipsec-3gpp is supported, protocol is ESP (ethernet proto 50, IPSec). Client port (port-c) is 5100 and server port (port-s) 6100.
Refer to [IMS/SIP - Basic Procedures](https://www.sharetechnote.com/html/IMS_SIP_Procedure_Reg_Auth_IPSec.html) if you want to know more.
Also, notice that packets after 401 Unauthorized are transmitted over ESP.
@@ -216,8 +238,7 @@ If a UE does not support IPSec, you don't see the "security-server", as shown be
![ipsec to ipsec call](https://raw.githubusercontent.com/miaoski/docker_open5gs/gh-pages/screenshots/ipsec-to-ipsec%20calls.png)
-The Wireshark above shows that after several IPSec (ESP) packets, S-CSCF is
-sending a SIP INVITE for UE 03 to UE 04. To be more precise,
+The Wireshark above shows that after several IPSec (ESP) packets, S-CSCF is sending a SIP INVITE for UE 03 to UE 04. To be more precise,
```
Request-Line: INVITE sip:0398765432100;phone-context=0498765432100@0498765432100;user=phone SIP/2.0