[asterisk-users] Asterisk16 - PJSIP - Error 401 on outbound registration
Administrator
admin at tootai.net
Sun Jan 19 08:42:12 CST 2020
Le 19/01/2020 à 00:31, Joshua C. Colp a écrit :
> On Sat, Jan 18, 2020 at 1:14 PM Administrator <admin at tootai.net
> <mailto:admin at tootai.net>> wrote:
>
>
> Le 17/01/2020 à 11:54, Administrator a écrit :
> >
> > Le 15/01/2020 à 19:24, Administrator a écrit :
> >> Hi all,
> >>
> >> we face a strange behavior while connecting an Asterisk16 instance
> >> with PJSIP to 2 providers: we receive error 401 Unauthorized,
> both of
> >> them having Kamailio as front-end. With other providers -we don't
> >> know if they run kamailio- registration is just fine.
> >>
> >> One of the provider took a pcap and told us that expiration was
> set
> >> to 0 that's why they don't accept the registration. We took a
> pcap on
> >> our side when SIP packet goes out of our server and we see that
> the
> >> expiration parameter is setted to 3600 !
> >>
> >> Asterisk version is Asterisk 16.2.1~dfsg-1+deb10u1 on Debian 10
> up to
> >> date. We also installed 16.7 from scratch, same problem. I have to
> >> mention that our test asterisk is also a Debian 10 with Asterisk
> >> stock 16.7 and _does_ register normally against the same
> provider :(
> >>
> >> If someone had a clue on this, welcome.
> >
> > We went a step further: when Asterisk is receiving the 401
> > Unauthorized it doesn't send the Authorization back, insteed it
> send
> > the Register back with the *same* CSeq which it shoudn't. Pjsip is
> >
> > pabx16*CLI> pjsip show version
> > PJPROJECT version currently running against: 2.8
>
> We removed the debian asterisk deb package and compiled from 16.7.0
> source. Problem stays, still ni CSeq increment. Pjsip is
>
> pabx16*CLI> pjsip show version
> PJPROJECT version currently running against: 2.9
>
> Anyone on this ?
>
>
> Is the response actually getting to Asterisk? Does it show up in
> "pjsip set logger on"? Is the REGISTER a retransmission and thus
> expected to be the same?
It become stranger and stranger: on one of the register peer we receive
in asterisk:
*CLI> [2020-01-19 15:23:18] WARNING[17469]:
res_pjsip_outbound_registration.c:1021 handle_registration_response:
Fatal response '401' received from 'sip:<myprovider>' on registration
attempt to 'sip:<myuser>@<myprovider>', stopping outbound registration
On the other one:
[2020-01-19 15:23:46] WARNING[17469]:
res_pjsip_outbound_registration.c:801 schedule_retry: No response
received from 'sip:<other provider>' on registration attempt to
'sip:<other user at other provider>', retrying in '60'
*BUT*
IP <other provider IP>.5060 10.1.58.14.64777: UDP, length 497
E...e...6....2N$
.:.... ..RQSIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP <our public
IP>:5060;rport=64777;branch=z9hG4bKPjdfb1d5d6-efbd-4e43-a932-252cfa0e7a9b
From: <sip:<otheruser at other
provider>;tag=743c09d7-bdf9-4579-b7be-b087b0f19a46
To: <sip:<other user@<other
provider>;tag=a4993fce1db28f0d818901aca45fc7e1-39af
Call-ID: fadecc03-31e1-50ef-b686-d1a6b7ea0eda
CSeq: 49518 REGISTER
WWW-Authenticate: Digest realm="<other provider>",
nonce="XiRnoo5Qbfr8xRP1yNPD+Piy/eKORSub", qop="auth"
Content-Length: 0
So the answer is coming back to the server but not to asterisk. With the
debian package of asterisk-16 the 401 response was received by asterisk.
We now have 2 problems:
- why asterisk doesn't get the answer of one of the provider
- why when receiving the 401 from the other provider it doesn't then the
Authorization back
If it matter, server is a VM using ipv4 and ipv6, we have mtu setted to
1492 and use nft for FW rules.
--
Daniel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20200119/5c0fc860/attachment.html>
More information about the asterisk-users
mailing list