[asterisk-users] What means? Correct auth, but based on stale nonce received

Martin asterisklist at callthem.info
Tue Apr 14 16:20:30 CDT 2009


Y, it can be that someone wants to register with a sniffed SIP packet.

it's basically the nonce="" value is not the same Asterisk sent for
that REGISTER session

Martin

On Tue, Apr 14, 2009 at 11:10 AM, Danny Nicholas <danny at debsinc.com> wrote:
> http://lists.digium.com/pipermail/asterisk-users/2005-July/110220.html
>
> It means that a SIP device is re-using an old authentication challenge.
> If it still registers and can place calls, there's no problem to worry
> about. It's just a warning.
>
>
> -----Original Message-----
> From: asterisk-users-bounces at lists.digium.com
> [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Tiago Durante
> Sent: Tuesday, April 14, 2009 11:06 AM
> To: Asterisk Users Mailing List - Non-Commercial Discussion
> Subject: [asterisk-users] What means? Correct auth,but based on stale nonce
> received
>
> Hi masters!
>
> I've this Asterisk 1.4.15 running. yesterday I had to change the
> firewall schema that I had before.
>
> I use to have a FW that would be my network FW/Proxy and do the NATs
> for Asterisk. This FW was receiving too many requests from my LAN and
> it was making the Asterisk 'cut' the calls or reach very high latency.
>
> Yesterday I added a new FW just for this Asterisk. The same
> configuration as the old firewall, loading the same modules, same
> NATs.
>
> But now some ATAs (sip) can't register against this Asterisk and the
> ones that can generates these messages:
>
> [Apr 14 13:01:45] NOTICE[29235]: chan_sip.c:8375 check_auth: Correct
> auth, but based on stale nonce received from
> 'sip:XXXXX at 200.X.X.X:5060'
> [Apr 14 13:01:45] NOTICE[29235]: chan_sip.c:8375 check_auth: Correct
> auth, but based on stale nonce received from
> 'sip:XXXXX at 200.X.X.X:5060'
>
> Does any one know why this happens?
>
> Thank you!!!
>
> --
> Tiago Durante
>
> ,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,
> Perseverance is the hard work you do after you
> get tired of doing the hard work you already did.
> -- Newt Gingrich
>
> _______________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-users
>
>
> _______________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-users
>



More information about the asterisk-users mailing list