[asterisk-users] SIP - Authenticated vs Unauthenticated Calls

[Joshua Colp]

Tim Nelson wrote:
> Greetings-

Hola,

> I'm running into an issue as follows, in simplified form:
>
> A remote Asterisk box, when registered/peered via SIP to a central server, and makes a call to that central server, is *sometimes* authenticated and calls go through properly (via from-internal context), and *sometimes* is unauthenticated, and all calls are greeted with congestion() via the from-sip-external context. Yes, as you can tell, FreePBX is in play here too.
>
> Grabbing captures of a working call vs a non-working call, I'm seeing on the working call, the central Asterisk server is responding to the INVITE with a 407 Proxy Authentication Needed, box responds, call goes through. On the non-working calls, the central Asterisk server is responding with a simple 100 Trying, then 200 OKs the session as it throws it into from-sip-external assuming the box is not authenticated.
>
> So... and pardon my rambling above... why is this the case? In what circumstances would Asterisk respond to the same peer differently, seemingly at random?

chan_sip can match to a peer a few different ways:

1. The user portion of the From header matches a configured peer in sip.conf
2. The received IP address/port matches a configured peer in sip.conf 
using "insecure=very" or combination thereof.

It's possible that you are relying on #1 but not explicitly overriding 
the user portion in the calling Asterisk using fromuser. Without doing 
this the user portion carries caller ID number information, with can 
obviously change between calls.

That's my best guess without "sip set debug on" output for a non-working 
call and the configuration.

Cheers,

-- 
Joshua Colp
Digium, Inc. | Senior Software Developer
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
Check us out at:  www.digium.com  & www.asterisk.org