[asterisk-users] Asterisk as a client: can I get the remote SIP server to ignore rport?
Markus
universe at truemetal.org
Wed Feb 19 11:53:11 CST 2014
Hi list,
I have a fresh install of Asterisk 12.0.0 and I'm going to use it only
as a client. I'm trying to SIP REGISTER with a remote SIP provider.
The situation is that Asterisk is running in a VMware VM with a RFC IP
address (192.168.1.2). The provider of the VM performs static NAT from
the RFC IP address to a dedicated public IP address, however, they are
rewriting ports at will. That's the problem.
Here's an excerpt from tcpdump:
IP 192.168.1.2.5060 > my.provider.com.5060: UDP, length 411
REGISTER sip:my.provider.com SIP/2.0
Via: SIP/2.0/UDP 192.168.1.2:5060;branch=z9hG4bK25a36d76
Max-Forwards: 70
From: <sip:1234 at my.provider.com>;tag=as762d7322
To: <sip:1234 at my.provider.com>
Call-ID: 778c50f84e80a9db60dcd35a2f8a1498 at 127.0.0.1
CSeq: 228 REGISTER
Supported: replaces, timer
User-Agent: Asterisk PBX 12.0.0
Expires: 120
Contact: <sip:1234 at 192.168.1.2:5060>
Content-Length: 0
Then the remote SIP provider answers of course with "401 Unauthorized"
but that reply never makes it to Asterisk, because it doesn't come in on
port 5060, where it actually originated on the VM, but on a random port
that the VM hosting providers' NAT router rewrote to, in the below case
port 63664. And the remote SIP provider tries to send the reply back on
that random port. Note MY.PUBLIC.IP.ADDRESS and rport below:
IP my.provider.com.5060 > 192.168.1.2.63664: UDP, length 534
SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP
192.168.1.2:5060;branch=z9hG4bK25a36d76;received=MY.PUBLIC.IP.ADDRESS;rport=63664
From: <sip:1234 at my.provider.com>;tag=as762d7322
To: <sip:1234 at my.provider.com>;tag=as45cffa11
Call-ID: 778c50f84e80a9db60dcd35a2f8a1498 at 127.0.0.1
CSeq: 228 REGISTER
Server: FPBX-2.10.0(1.8.15.1)
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY,
INFO, PUBLISH
Supported: replaces, timer
WWW-Authenticate: Digest algorithm=MD5, realm="asterisk", nonce="1d46fec6"
Content-Length: 0
I'm thinking the answer is "no", but is there any option how I can get
the remote SIP provider to answer me on port 5060? Without having them
to change anything in their config.
Thank you!
Markus
More information about the asterisk-users
mailing list