401 for re register from some devices PJSIP

#1

I am facing an issue with some devices that will register fine but will lose registration after some time. I get the following message on cli


<--- Received SIP request (703 bytes) from UDP:192.168.1.151:5060 --->
REGISTER sip:192.168.1.18 SIP/2.0
Via: SIP/2.0/UDP 192.168.1.151:5060;rport;branch=z9hG4bK37597672
From: <sip:151@192.168.1.18>;tag=2110350079
To: <sip:151@192.168.1.18>
Call-ID: 1994622928
CSeq: 14405 REGISTER
Contact: <sip:151@192.168.1.151:5060;line=2690f3e684d1ac8>
Authorization: Digest username="151", realm="asterisk", nonce="1557693922/a366c487142bbdcd7fa067c35e643df9", uri="sip:192.168.1.18", response="3bad8a50964c3f8d5188874f3c351158", algorithm=MD5, cnonce="0a4f113b", opaque="10aaf9ad7f08a078", qop=auth, nc=00000001
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO
Max-Forwards: 70
User-Agent: DnakeVoip v1.0
Expires: 600
Content-Length: 0


<--- Transmitting SIP response (465 bytes) to UDP:192.168.1.151:5060 --->
SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 192.168.1.151:5060;rport=5060;received=192.168.1.151;branch=z9hG4bK37597672
Call-ID: 1994622928
From: <sip:151@192.168.1.18>;tag=2110350079
To: <sip:151@192.168.1.18>;tag=z9hG4bK37597672
CSeq: 14405 REGISTER
WWW-Authenticate: Digest  realm="asterisk",nonce="1557694043/84f5830573a03a7eeb697e90e311b7e0",opaque="5c5bf2f3239112e4",stale=true,algorithm=md5,qop="auth"
Server: Asterisk PBX 15.2.2
Content-Length:  0

Following is the pjsip section of 151

[151]
trustrpid = yes



[151]
type = aor
max_contacts = 1
remove_existing = yes
qualify_frequency = 60
maximum_expiration = 3600
minimum_expiration = 60
default_expiration = 120

[151]
type = auth
username = 151
password = xxxxxx

[151]
type = endpoint
rewrite_contact=yes
dtmf_mode = rfc4733
disallow = all
allow = ulaw
allow = alaw
allow = gsm
allow = g726
allow = h264
allow = mpeg4
allow = vp8
allow = h263p
rtp_timeout = 30
timers = yes
direct_media = no
callerid=151 <151>
send_pai = yes
use_avpf = no
tos_audio = ef
tos_video = af41
auth = 151
outbound_auth = 151
aors = 151
#2

What happen after the first 401

#3

continues like that…

#4

After the 401 device must send a second register request with the auth details

#5

The nonce has, presumably, expired.

#6

How to get this solved?

#7

The UAC should re-authenticate with the updated nonce provide in the 401 response.

1 Like
#8

In my case all devices from a certain brand ‘Dnake’ can not get registered. While others are OK.
The point that is strange to me is that same devices when I used a previous build were working fine with a previous build of OpenWrt. My Asterisk is on a device with OpenWrt as OS. The build of OS where all devices work has no change in Asterisk or the main OS code itself. Rather just an update to some background scripts.

#9

Here is the debug log I collected, the issue is with devices with extensions 15x and 16x series
https://pastebin.com/QZd6JGKh

Here is the first 401

In the next attempt, the device updates the nonce but again asterisk responds with 401

Again in the next attempt, the device tries with this new nonce but asterisk would respond with 401 again

#10

You would need to provide evidence that they were re-authenticating with the correct nonce before it would be worth looking any further.

#11

https://pastebin.com/QZd6JGKh will this debug /verbose messages suffice for that. If you search for 151@ you can see that after every 401 response they request register with the nonce that was provided in the 401 response

#12

You seem to have lost hte time stamps, so, although there is a lot of traffic between the 401 and the next REGISTER, I cannot tell if it is a response to hte 401, or a periodic re-attempt. In the latter case, the none may well have expired, and, in any case , the UAC isn’t obeying hte authentication protocol.

You should take traces from log files, not from the console, to ensure you do have time stamps.

#13

Can you please explain this

Should I send you the messages from /var/log/asterisk/messages

#14

If the UAC receives a 401 on a re-REGISTER, it should immediately retransmit the REGISTER, using the nonce orm the 401. If it waits for some time before retransmitting, it is not obeying the protocol (and the nonce may again have expired by the time it does send it).

#15

Would increasing the value of nonce_lifetime help in this regard?

#16
No.   Timestamp  (Dir) Address                  SIP Message                        
===== ========== ============================== ===================================
00000 1557746523 * ==> 192.168.1.101:5060       OPTIONS sip:101@192.168.1.101:5060 SIP/2.0
00001 1557746523 * <== 192.168.1.101:5060       SIP/2.0 200 OK
00002 1557746530 * ==> 192.168.1.108:5060       OPTIONS sip:108@192.168.1.108:5060 SIP/2.0
00003 1557746530 * <== 192.168.1.108:5060       SIP/2.0 200 OK
00004 1557746543 * ==> 192.168.1.104:5060       OPTIONS sip:104@192.168.1.104:5060 SIP/2.0
00005 1557746543 * <== 192.168.1.104:5060       SIP/2.0 200 OK
00006 1557746546 * <== 192.168.1.151:5060       REGISTER sip:192.168.1.18 SIP/2.0
00007 1557746546 * ==> 192.168.1.151:5060       SIP/2.0 401 Unauthorized
00008 1557746546 * <== 192.168.1.151:5060       REGISTER sip:192.168.1.18 SIP/2.0
00009 1557746546 * ==> 192.168.1.151:5060       SIP/2.0 200 OK
00010 1557746549 * ==> 192.168.1.110:5060       OPTIONS sip:110@192.168.1.110:5060 SIP/2.0
00011 1557746549 * <== 192.168.1.110:5060       SIP/2.0 200 OK
00012 1557746549 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00013 1557746549 * ==> 192.168.1.151:5060       SIP/2.0 401 Unauthorized
00014 1557746549 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00015 1557746549 * ==> 192.168.1.151:5060       SIP/2.0 200 OK
00016 1557746552 * ==> 82.178.22.45:42802       OPTIONS sip:140@82.178.22.45:42802;transport=TLS SIP/2.0
00017 1557746553 * <== 82.178.22.45:42802       SIP/2.0 200 OK
00018 1557746558 * ==> 192.168.1.103:5060       OPTIONS sip:103@192.168.1.103:5060 SIP/2.0
00019 1557746558 * <== 192.168.1.103:5060       SIP/2.0 200 OK
00020 1557746558 * ==> 192.168.1.102:5060       OPTIONS sip:102@192.168.1.102:5060 SIP/2.0
00021 1557746558 * <== 192.168.1.102:5060       SIP/2.0 200 OK
00022 1557746561 * ==> 192.168.1.151:5060       OPTIONS sip:151@192.168.1.151:5060;line=2690f3e684d1ac8 SIP/2.0
00023 1557746561 * <== 192.168.1.151:5060       SIP/2.0 200 OK
00024 1557746562 * ==> 192.168.1.105:5060       OPTIONS sip:105@192.168.1.105:5060 SIP/2.0
00025 1557746562 * <== 192.168.1.105:5060       SIP/2.0 200 OK
00026 1557746564 * <== 192.168.1.161:5060       REGISTER sip:192.168.1.18 SIP/2.0
00027 1557746564 * ==> 192.168.1.161:5060       SIP/2.0 401 Unauthorized
00028 1557746569 * ==> 192.168.1.106:5060       OPTIONS sip:106@192.168.1.106:5060 SIP/2.0
00029 1557746569 * <== 192.168.1.106:5060       SIP/2.0 200 OK
00030 1557746570 * ==> 46.140.240.122:45461     OPTIONS sip:140@46.140.240.122:45461;transport=TLS SIP/2.0
00031 1557746571 * <== 46.140.240.122:45461     SIP/2.0 200 OK
00032 1557746578 * ==> 192.168.1.107:5060       OPTIONS sip:107@192.168.1.107:5060 SIP/2.0
00033 1557746578 * <== 192.168.1.107:5060       SIP/2.0 200 OK
00034 1557746579 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00035 1557746579 * ==> 192.168.1.151:5060       SIP/2.0 401 Unauthorized
00036 1557746579 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00037 1557746579 * ==> 192.168.1.151:5060       SIP/2.0 200 OK
00038 1557746583 * ==> 192.168.1.101:5060       OPTIONS sip:101@192.168.1.101:5060 SIP/2.0
00039 1557746583 * <== 192.168.1.101:5060       SIP/2.0 200 OK
00040 1557746590 * ==> 192.168.1.108:5060       OPTIONS sip:108@192.168.1.108:5060 SIP/2.0
00041 1557746590 * <== 192.168.1.108:5060       SIP/2.0 200 OK
00042 1557746603 * ==> 192.168.1.104:5060       OPTIONS sip:104@192.168.1.104:5060 SIP/2.0
00043 1557746603 * <== 192.168.1.104:5060       SIP/2.0 200 OK
00044 1557746609 * ==> 192.168.1.110:5060       OPTIONS sip:110@192.168.1.110:5060 SIP/2.0
00045 1557746609 * <== 192.168.1.110:5060       SIP/2.0 200 OK
00046 1557746609 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00047 1557746609 * ==> 192.168.1.151:5060       SIP/2.0 401 Unauthorized
00048 1557746609 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00049 1557746609 * ==> 192.168.1.151:5060       SIP/2.0 200 OK
00050 1557746612 * ==> 82.178.22.45:42802       OPTIONS sip:140@82.178.22.45:42802;transport=TLS SIP/2.0
00051 1557746612 * <== 82.178.22.45:42802       SIP/2.0 200 OK
00052 1557746618 * ==> 192.168.1.103:5060       OPTIONS sip:103@192.168.1.103:5060 SIP/2.0
00053 1557746618 * <== 192.168.1.103:5060       SIP/2.0 200 OK
00054 1557746618 * ==> 192.168.1.102:5060       OPTIONS sip:102@192.168.1.102:5060 SIP/2.0
00055 1557746618 * <== 192.168.1.102:5060       SIP/2.0 200 OK
00056 1557746621 * ==> 192.168.1.151:5060       OPTIONS sip:151@192.168.1.151:5060;line=2690f3e684d1ac8 SIP/2.0
00057 1557746621 * <== 192.168.1.151:5060       SIP/2.0 200 OK
00058 1557746622 * ==> 192.168.1.105:5060       OPTIONS sip:105@192.168.1.105:5060 SIP/2.0
00059 1557746622 * <== 192.168.1.105:5060       SIP/2.0 200 OK
00060 1557746629 * ==> 192.168.1.106:5060       OPTIONS sip:106@192.168.1.106:5060 SIP/2.0
00061 1557746629 * <== 192.168.1.106:5060       SIP/2.0 200 OK
00062 1557746630 * ==> 46.140.240.122:45461     OPTIONS sip:140@46.140.240.122:45461;transport=TLS SIP/2.0
00063 1557746631 * <== 46.140.240.122:45461     SIP/2.0 200 OK
00064 1557746634 * <== 192.168.1.152:5060       REGISTER sip:192.168.1.18 SIP/2.0
00065 1557746634 * ==> 192.168.1.152:5060       SIP/2.0 401 Unauthorized
00066 1557746638 * ==> 192.168.1.107:5060       OPTIONS sip:107@192.168.1.107:5060 SIP/2.0
00067 1557746638 * <== 192.168.1.107:5060       SIP/2.0 200 OK
00068 1557746639 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00069 1557746639 * ==> 192.168.1.151:5060       SIP/2.0 401 Unauthorized
00070 1557746639 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00071 1557746639 * ==> 192.168.1.151:5060       SIP/2.0 200 OK
00072 1557746640 * <== 192.168.1.153:5060       REGISTER sip:192.168.1.18 SIP/2.0
00073 1557746640 * ==> 192.168.1.153:5060       SIP/2.0 401 Unauthorized
00074 1557746643 * ==> 192.168.1.101:5060       OPTIONS sip:101@192.168.1.101:5060 SIP/2.0
00075 1557746643 * <== 192.168.1.101:5060       SIP/2.0 200 OK
00076 1557746650 * ==> 192.168.1.108:5060       OPTIONS sip:108@192.168.1.108:5060 SIP/2.0
00077 1557746650 * <== 192.168.1.108:5060       SIP/2.0 200 OK
00078 1557746663 * ==> 192.168.1.104:5060       OPTIONS sip:104@192.168.1.104:5060 SIP/2.0
00079 1557746663 * <== 192.168.1.104:5060       SIP/2.0 200 OK
00080 1557746669 * ==> 192.168.1.110:5060       OPTIONS sip:110@192.168.1.110:5060 SIP/2.0
00081 1557746669 * <== 192.168.1.110:5060       SIP/2.0 200 OK
00082 1557746669 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00083 1557746669 * ==> 192.168.1.151:5060       SIP/2.0 401 Unauthorized
00084 1557746669 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00085 1557746669 * ==> 192.168.1.151:5060       SIP/2.0 200 OK
00086 1557746672 * ==> 82.178.22.45:42802       OPTIONS sip:140@82.178.22.45:42802;transport=TLS SIP/2.0
00087 1557746672 * <== 82.178.22.45:42802       SIP/2.0 200 OK
00088 1557746678 * ==> 192.168.1.103:5060       OPTIONS sip:103@192.168.1.103:5060 SIP/2.0
00089 1557746678 * <== 192.168.1.103:5060       SIP/2.0 200 OK
00090 1557746678 * ==> 192.168.1.102:5060       OPTIONS sip:102@192.168.1.102:5060 SIP/2.0
00091 1557746678 * <== 192.168.1.102:5060       SIP/2.0 200 OK
00092 1557746681 * ==> 192.168.1.151:5060       OPTIONS sip:151@192.168.1.151:5060;line=2690f3e684d1ac8 SIP/2.0
00093 1557746681 * <== 192.168.1.151:5060       SIP/2.0 200 OK
00094 1557746682 * ==> 192.168.1.105:5060       OPTIONS sip:105@192.168.1.105:5060 SIP/2.0
00095 1557746682 * <== 192.168.1.105:5060       SIP/2.0 200 OK
00096 1557746685 * <== 192.168.1.161:5060       REGISTER sip:192.168.1.18 SIP/2.0
00097 1557746685 * ==> 192.168.1.161:5060       SIP/2.0 401 Unauthorized
00098 1557746689 * ==> 192.168.1.106:5060       OPTIONS sip:106@192.168.1.106:5060 SIP/2.0
00099 1557746689 * <== 192.168.1.106:5060       SIP/2.0 200 OK
00100 1557746690 * ==> 46.140.240.122:45461     OPTIONS sip:140@46.140.240.122:45461;transport=TLS SIP/2.0
00101 1557746691 * <== 46.140.240.122:45461     SIP/2.0 200 OK
00102 1557746698 * ==> 192.168.1.107:5060       OPTIONS sip:107@192.168.1.107:5060 SIP/2.0
00103 1557746698 * <== 192.168.1.107:5060       SIP/2.0 200 OK
00104 1557746699 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00105 1557746699 * ==> 192.168.1.151:5060       SIP/2.0 401 Unauthorized
00106 1557746699 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00107 1557746699 * ==> 192.168.1.151:5060       SIP/2.0 200 OK
00108 1557746703 * ==> 192.168.1.101:5060       OPTIONS sip:101@192.168.1.101:5060 SIP/2.0
00109 1557746703 * <== 192.168.1.101:5060       SIP/2.0 200 OK
00110 1557746710 * ==> 192.168.1.108:5060       OPTIONS sip:108@192.168.1.108:5060 SIP/2.0
00111 1557746710 * <== 192.168.1.108:5060       SIP/2.0 200 OK
00112 1557746723 * ==> 192.168.1.104:5060       OPTIONS sip:104@192.168.1.104:5060 SIP/2.0
00113 1557746723 * <== 192.168.1.104:5060       SIP/2.0 200 OK
00114 1557746726 * <== 192.168.1.101:5060       REGISTER sip:192.168.1.18 SIP/2.0
00115 1557746726 * ==> 192.168.1.101:5060       SIP/2.0 401 Unauthorized
00116 1557746726 * <== 192.168.1.101:5060       REGISTER sip:192.168.1.18 SIP/2.0
00117 1557746726 * ==> 192.168.1.101:5060       SIP/2.0 200 OK
00118 1557746729 * ==> 192.168.1.110:5060       OPTIONS sip:110@192.168.1.110:5060 SIP/2.0
00119 1557746729 * <== 192.168.1.110:5060       SIP/2.0 200 OK
00120 1557746729 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00121 1557746729 * ==> 192.168.1.151:5060       SIP/2.0 401 Unauthorized
00122 1557746729 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00123 1557746729 * ==> 192.168.1.151:5060       SIP/2.0 200 OK
00124 1557746732 * ==> 82.178.22.45:42802       OPTIONS sip:140@82.178.22.45:42802;transport=TLS SIP/2.0
00125 1557746732 * <== 82.178.22.45:42802       SIP/2.0 200 OK
00126 1557746738 * ==> 192.168.1.103:5060       OPTIONS sip:103@192.168.1.103:5060 SIP/2.0
00127 1557746738 * <== 192.168.1.103:5060       SIP/2.0 200 OK
00128 1557746738 * ==> 192.168.1.102:5060       OPTIONS sip:102@192.168.1.102:5060 SIP/2.0
00129 1557746738 * <== 192.168.1.102:5060       SIP/2.0 200 OK
00130 1557746741 * ==> 192.168.1.151:5060       OPTIONS sip:151@192.168.1.151:5060;line=2690f3e684d1ac8 SIP/2.0
00131 1557746741 * <== 192.168.1.151:5060       SIP/2.0 200 OK
00132 1557746742 * ==> 192.168.1.105:5060       OPTIONS sip:105@192.168.1.105:5060 SIP/2.0
00133 1557746742 * <== 192.168.1.105:5060       SIP/2.0 200 OK
00134 1557746749 * ==> 192.168.1.106:5060       OPTIONS sip:106@192.168.1.106:5060 SIP/2.0
00135 1557746749 * <== 192.168.1.106:5060       SIP/2.0 200 OK
00136 1557746750 * ==> 46.140.240.122:45461     OPTIONS sip:140@46.140.240.122:45461;transport=TLS SIP/2.0
00137 1557746751 * <== 46.140.240.122:45461     SIP/2.0 200 OK
00138 1557746755 * <== 192.168.1.152:5060       REGISTER sip:192.168.1.18 SIP/2.0
00139 1557746755 * ==> 192.168.1.152:5060       SIP/2.0 401 Unauthorized
00140 1557746758 * ==> 192.168.1.107:5060       OPTIONS sip:107@192.168.1.107:5060 SIP/2.0
00141 1557746758 * <== 192.168.1.107:5060       SIP/2.0 200 OK
00142 1557746759 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00143 1557746759 * ==> 192.168.1.151:5060       SIP/2.0 401 Unauthorized
00144 1557746759 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00145 1557746759 * ==> 192.168.1.151:5060       SIP/2.0 200 OK
00146 1557746761 * <== 192.168.1.153:5060       REGISTER sip:192.168.1.18 SIP/2.0
00147 1557746761 * ==> 192.168.1.153:5060       SIP/2.0 401 Unauthorized
00148 1557746763 * ==> 192.168.1.101:5060       OPTIONS sip:101@192.168.1.101:5060 SIP/2.0
00149 1557746763 * <== 192.168.1.101:5060       SIP/2.0 200 OK
00150 1557746770 * ==> 192.168.1.108:5060       OPTIONS sip:108@192.168.1.108:5060 SIP/2.0
00151 1557746770 * <== 192.168.1.108:5060       SIP/2.0 200 OK
00152 1557746783 * ==> 192.168.1.104:5060       OPTIONS sip:104@192.168.1.104:5060 SIP/2.0
00153 1557746783 * <== 192.168.1.104:5060       SIP/2.0 200 OK
00154 1557746789 * ==> 192.168.1.110:5060       OPTIONS sip:110@192.168.1.110:5060 SIP/2.0
00155 1557746789 * <== 192.168.1.110:5060       SIP/2.0 200 OK
00156 1557746789 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00157 1557746789 * ==> 192.168.1.151:5060       SIP/2.0 401 Unauthorized
00158 1557746789 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00159 1557746789 * ==> 192.168.1.151:5060       SIP/2.0 200 OK
00160 1557746792 * ==> 82.178.22.45:42802       OPTIONS sip:140@82.178.22.45:42802;transport=TLS SIP/2.0
00161 1557746797 * <== 82.178.22.45:42802       SIP/2.0 200 OK
00162 1557746798 * ==> 192.168.1.103:5060       OPTIONS sip:103@192.168.1.103:5060 SIP/2.0
00163 1557746798 * <== 192.168.1.103:5060       SIP/2.0 200 OK
00164 1557746798 * ==> 192.168.1.102:5060       OPTIONS sip:102@192.168.1.102:5060 SIP/2.0
00165 1557746798 * <== 192.168.1.102:5060       SIP/2.0 200 OK
00166 1557746801 * ==> 192.168.1.151:5060       OPTIONS sip:151@192.168.1.151:5060;line=2690f3e684d1ac8 SIP/2.0
00167 1557746801 * <== 192.168.1.151:5060       SIP/2.0 200 OK
00168 1557746802 * ==> 192.168.1.105:5060       OPTIONS sip:105@192.168.1.105:5060 SIP/2.0
00169 1557746802 * <== 192.168.1.105:5060       SIP/2.0 200 OK
00170 1557746806 * <== 192.168.1.161:5060       REGISTER sip:192.168.1.18 SIP/2.0
00171 1557746806 * ==> 192.168.1.161:5060       SIP/2.0 401 Unauthorized
00172 1557746809 * ==> 192.168.1.106:5060       OPTIONS sip:106@192.168.1.106:5060 SIP/2.0
00173 1557746809 * <== 192.168.1.106:5060       SIP/2.0 200 OK
00174 1557746810 * ==> 46.140.240.122:45461     OPTIONS sip:140@46.140.240.122:45461;transport=TLS SIP/2.0
00175 1557746812 * <== 46.140.240.122:45461     SIP/2.0 200 OK
00176 1557746815 * <== 192.168.1.151:5060       REGISTER sip:192.168.1.18 SIP/2.0
00177 1557746815 * ==> 192.168.1.151:5060       SIP/2.0 401 Unauthorized
00178 1557746815 * <== 192.168.1.151:5060       REGISTER sip:192.168.1.18 SIP/2.0
00179 1557746815 * ==> 192.168.1.151:5060       SIP/2.0 200 OK
00180 1557746818 * ==> 192.168.1.107:5060       OPTIONS sip:107@192.168.1.107:5060 SIP/2.0
00181 1557746818 * <== 192.168.1.107:5060       SIP/2.0 200 OK
00182 1557746819 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00183 1557746819 * ==> 192.168.1.151:5060       SIP/2.0 401 Unauthorized
00184 1557746819 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00185 1557746819 * ==> 192.168.1.151:5060       SIP/2.0 200 OK
00186 1557746823 * ==> 192.168.1.101:5060       OPTIONS sip:101@192.168.1.101:5060 SIP/2.0
00187 1557746823 * <== 192.168.1.101:5060       SIP/2.0 200 OK
00188 1557746830 * ==> 192.168.1.108:5060       OPTIONS sip:108@192.168.1.108:5060 SIP/2.0
00189 1557746830 * <== 192.168.1.108:5060       SIP/2.0 200 OK
00190 1557746843 * ==> 192.168.1.104:5060       OPTIONS sip:104@192.168.1.104:5060 SIP/2.0
00191 1557746843 * <== 192.168.1.104:5060       SIP/2.0 200 OK
00192 1557746849 * ==> 192.168.1.110:5060       OPTIONS sip:110@192.168.1.110:5060 SIP/2.0
00193 1557746849 * <== 192.168.1.110:5060       SIP/2.0 200 OK
00194 1557746849 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00195 1557746849 * ==> 192.168.1.151:5060       SIP/2.0 401 Unauthorized
00196 1557746849 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00197 1557746849 * ==> 192.168.1.151:5060       SIP/2.0 200 OK
00198 1557746852 * ==> 82.178.22.45:42802       OPTIONS sip:140@82.178.22.45:42802;transport=TLS SIP/2.0
00199 1557746852 * <== 82.178.22.45:42802       SIP/2.0 200 OK
00200 1557746858 * ==> 192.168.1.103:5060       OPTIONS sip:103@192.168.1.103:5060 SIP/2.0
00201 1557746858 * <== 192.168.1.103:5060       SIP/2.0 200 OK
00202 1557746858 * ==> 192.168.1.102:5060       OPTIONS sip:102@192.168.1.102:5060 SIP/2.0
00203 1557746858 * <== 192.168.1.102:5060       SIP/2.0 200 OK
00204 1557746861 * ==> 192.168.1.151:5060       OPTIONS sip:151@192.168.1.151:5060;line=2690f3e684d1ac8 SIP/2.0
00205 1557746861 * <== 192.168.1.151:5060       SIP/2.0 200 OK
00206 1557746862 * ==> 192.168.1.105:5060       OPTIONS sip:105@192.168.1.105:5060 SIP/2.0
00207 1557746862 * <== 192.168.1.105:5060       SIP/2.0 200 OK
00208 1557746869 * ==> 192.168.1.106:5060       OPTIONS sip:106@192.168.1.106:5060 SIP/2.0
00209 1557746869 * <== 192.168.1.106:5060       SIP/2.0 200 OK
00210 1557746870 * ==> 46.140.240.122:45461     OPTIONS sip:140@46.140.240.122:45461;transport=TLS SIP/2.0
00211 1557746871 * <== 46.140.240.122:45461     SIP/2.0 200 OK
00212 1557746876 * <== 192.168.1.152:5060       REGISTER sip:192.168.1.18 SIP/2.0
00213 1557746876 * ==> 192.168.1.152:5060       SIP/2.0 401 Unauthorized
00214 1557746878 * ==> 192.168.1.107:5060       OPTIONS sip:107@192.168.1.107:5060 SIP/2.0
00215 1557746878 * <== 192.168.1.107:5060       SIP/2.0 200 OK
00216 1557746879 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00217 1557746879 * ==> 192.168.1.151:5060       SIP/2.0 401 Unauthorized
00218 1557746879 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00219 1557746879 * ==> 192.168.1.151:5060       SIP/2.0 200 OK
00220 1557746882 * <== 192.168.1.153:5060       REGISTER sip:192.168.1.18 SIP/2.0
00221 1557746882 * ==> 192.168.1.153:5060       SIP/2.0 401 Unauthorized
00222 1557746883 * ==> 192.168.1.101:5060       OPTIONS sip:101@192.168.1.101:5060 SIP/2.0
00223 1557746883 * <== 192.168.1.101:5060       SIP/2.0 200 OK
00224 1557746890 * ==> 192.168.1.108:5060       OPTIONS sip:108@192.168.1.108:5060 SIP/2.0
00225 1557746890 * <== 192.168.1.108:5060       SIP/2.0 200 OK
00226 1557746903 * ==> 192.168.1.104:5060       OPTIONS sip:104@192.168.1.104:5060 SIP/2.0
00227 1557746903 * <== 192.168.1.104:5060       SIP/2.0 200 OK
00228 1557746909 * ==> 192.168.1.110:5060       OPTIONS sip:110@192.168.1.110:5060 SIP/2.0
00229 1557746909 * <== 192.168.1.110:5060       SIP/2.0 200 OK
00230 1557746909 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00231 1557746909 * ==> 192.168.1.151:5060       SIP/2.0 401 Unauthorized
00232 1557746909 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00233 1557746909 * ==> 192.168.1.151:5060       SIP/2.0 200 OK
00234 1557746912 * ==> 82.178.22.45:42802       OPTIONS sip:140@82.178.22.45:42802;transport=TLS SIP/2.0
00235 1557746912 * <== 82.178.22.45:42802       SIP/2.0 200 OK
00236 1557746918 * ==> 192.168.1.103:5060       OPTIONS sip:103@192.168.1.103:5060 SIP/2.0
00237 1557746918 * <== 192.168.1.103:5060       SIP/2.0 200 OK
00238 1557746918 * ==> 192.168.1.102:5060       OPTIONS sip:102@192.168.1.102:5060 SIP/2.0
00239 1557746918 * <== 192.168.1.102:5060       SIP/2.0 200 OK
00240 1557746921 * ==> 192.168.1.151:5060       OPTIONS sip:151@192.168.1.151:5060;line=2690f3e684d1ac8 SIP/2.0
00241 1557746921 * <== 192.168.1.151:5060       SIP/2.0 200 OK
00242 1557746922 * ==> 192.168.1.105:5060       OPTIONS sip:105@192.168.1.105:5060 SIP/2.0
00243 1557746922 * <== 192.168.1.105:5060       SIP/2.0 200 OK
00244 1557746923 * <== 192.168.1.107:5060       REGISTER sip:192.168.1.18 SIP/2.0
00245 1557746923 * ==> 192.168.1.107:5060       SIP/2.0 401 Unauthorized
00246 1557746923 * <== 192.168.1.107:5060       REGISTER sip:192.168.1.18 SIP/2.0
00247 1557746923 * ==> 192.168.1.107:5060       SIP/2.0 200 OK
00248 1557746926 * <== 192.168.1.104:5060       REGISTER sip:192.168.1.18 SIP/2.0
00249 1557746926 * ==> 192.168.1.104:5060       SIP/2.0 401 Unauthorized
00250 1557746926 * <== 192.168.1.104:5060       REGISTER sip:192.168.1.18 SIP/2.0
00251 1557746926 * ==> 192.168.1.104:5060       SIP/2.0 200 OK
00252 1557746927 * <== 192.168.1.161:5060       REGISTER sip:192.168.1.18 SIP/2.0
00253 1557746927 * ==> 192.168.1.161:5060       SIP/2.0 401 Unauthorized
00254 1557746929 * ==> 192.168.1.106:5060       OPTIONS sip:106@192.168.1.106:5060 SIP/2.0
00255 1557746929 * <== 192.168.1.106:5060       SIP/2.0 200 OK
00256 1557746930 * ==> 46.140.240.122:45461     OPTIONS sip:140@46.140.240.122:45461;transport=TLS SIP/2.0
00257 1557746931 * <== 46.140.240.122:45461     SIP/2.0 200 OK
00258 1557746933 * <== 192.168.1.108:5060       REGISTER sip:192.168.1.18 SIP/2.0
00259 1557746933 * ==> 192.168.1.108:5060       SIP/2.0 401 Unauthorized
00260 1557746933 * <== 192.168.1.108:5060       REGISTER sip:192.168.1.18 SIP/2.0
00261 1557746933 * ==> 192.168.1.108:5060       SIP/2.0 200 OK
00262 1557746935 * <== 192.168.1.103:5060       REGISTER sip:192.168.1.18 SIP/2.0
00263 1557746935 * ==> 192.168.1.103:5060       SIP/2.0 401 Unauthorized
00264 1557746935 * <== 192.168.1.103:5060       REGISTER sip:192.168.1.18 SIP/2.0
00265 1557746935 * ==> 192.168.1.103:5060       SIP/2.0 200 OK
00266 1557746938 * ==> 192.168.1.107:5060       OPTIONS sip:107@192.168.1.107:5060 SIP/2.0
00267 1557746938 * <== 192.168.1.107:5060       SIP/2.0 200 OK
00268 1557746939 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00269 1557746939 * ==> 192.168.1.151:5060       SIP/2.0 401 Unauthorized
00270 1557746939 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00271 1557746939 * ==> 192.168.1.151:5060       SIP/2.0 200 OK
00272 1557746943 * ==> 192.168.1.101:5060       OPTIONS sip:101@192.168.1.101:5060 SIP/2.0
00273 1557746943 * <== 192.168.1.101:5060       SIP/2.0 200 OK
00274 1557746943 * <== 192.168.1.106:5060       REGISTER sip:192.168.1.18 SIP/2.0
00275 1557746943 * ==> 192.168.1.106:5060       SIP/2.0 401 Unauthorized
00276 1557746943 * <== 192.168.1.106:5060       REGISTER sip:192.168.1.18 SIP/2.0
00277 1557746944 * ==> 192.168.1.106:5060       SIP/2.0 200 OK
00278 1557746945 * <== 192.168.1.102:5060       REGISTER sip:192.168.1.18 SIP/2.0
00279 1557746945 * ==> 192.168.1.102:5060       SIP/2.0 401 Unauthorized
00280 1557746945 * <== 192.168.1.102:5060       REGISTER sip:192.168.1.18 SIP/2.0
00281 1557746945 * ==> 192.168.1.102:5060       SIP/2.0 200 OK
00282 1557746948 * <== 192.168.1.105:5060       REGISTER sip:192.168.1.18 SIP/2.0
00283 1557746948 * ==> 192.168.1.105:5060       SIP/2.0 401 Unauthorized
00284 1557746948 * <== 192.168.1.105:5060       REGISTER sip:192.168.1.18 SIP/2.0
00285 1557746948 * ==> 192.168.1.105:5060       SIP/2.0 200 OK
00286 1557746949 * <== 192.168.1.110:5060       REGISTER sip:192.168.1.18 SIP/2.0
00287 1557746949 * ==> 192.168.1.110:5060       SIP/2.0 401 Unauthorized
00288 1557746949 * <== 192.168.1.110:5060       REGISTER sip:192.168.1.18 SIP/2.0
00289 1557746949 * ==> 192.168.1.110:5060       SIP/2.0 200 OK
00290 1557746950 * ==> 192.168.1.108:5060       OPTIONS sip:108@192.168.1.108:5060 SIP/2.0
00291 1557746950 * <== 192.168.1.108:5060       SIP/2.0 200 OK
00292 1557746963 * ==> 192.168.1.104:5060       OPTIONS sip:104@192.168.1.104:5060 SIP/2.0
00293 1557746963 * <== 192.168.1.104:5060       SIP/2.0 200 OK
00294 1557746969 * ==> 192.168.1.110:5060       OPTIONS sip:110@192.168.1.110:5060 SIP/2.0
00295 1557746969 * <== 192.168.1.110:5060       SIP/2.0 200 OK
00296 1557746969 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00297 1557746969 * ==> 192.168.1.151:5060       SIP/2.0 401 Unauthorized
00298 1557746969 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00299 1557746969 * ==> 192.168.1.151:5060       SIP/2.0 200 OK
00300 1557746972 * ==> 82.178.22.45:42802       OPTIONS sip:140@82.178.22.45:42802;transport=TLS SIP/2.0
00301 1557746972 * <== 82.178.22.45:42802       SIP/2.0 200 OK
00302 1557746978 * ==> 192.168.1.103:5060       OPTIONS sip:103@192.168.1.103:5060 SIP/2.0
00303 1557746978 * <== 192.168.1.103:5060       SIP/2.0 200 OK
00304 1557746978 * ==> 192.168.1.102:5060       OPTIONS sip:102@192.168.1.102:5060 SIP/2.0
00305 1557746978 * <== 192.168.1.102:5060       SIP/2.0 200 OK
00306 1557746981 * ==> 192.168.1.151:5060       OPTIONS sip:151@192.168.1.151:5060;line=2690f3e684d1ac8 SIP/2.0
00307 1557746981 * <== 192.168.1.151:5060       SIP/2.0 200 OK
00308 1557746982 * ==> 192.168.1.105:5060       OPTIONS sip:105@192.168.1.105:5060 SIP/2.0
00309 1557746982 * <== 192.168.1.105:5060       SIP/2.0 200 OK
00310 1557746989 * ==> 192.168.1.106:5060       OPTIONS sip:106@192.168.1.106:5060 SIP/2.0
00311 1557746989 * <== 192.168.1.106:5060       SIP/2.0 200 OK
00312 1557746990 * ==> 46.140.240.122:45461     OPTIONS sip:140@46.140.240.122:45461;transport=TLS SIP/2.0
00313 1557746991 * <== 46.140.240.122:45461     SIP/2.0 200 OK
00314 1557746997 * <== 192.168.1.152:5060       REGISTER sip:192.168.1.18 SIP/2.0
00315 1557746997 * ==> 192.168.1.152:5060       SIP/2.0 401 Unauthorized
00316 1557746998 * ==> 192.168.1.107:5060       OPTIONS sip:107@192.168.1.107:5060 SIP/2.0
00317 1557746998 * <== 192.168.1.107:5060       SIP/2.0 200 OK
00318 1557746999 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00319 1557746999 * ==> 192.168.1.151:5060       SIP/2.0 401 Unauthorized
00320 1557746999 * <== 192.168.1.151:5060       OPTIONS sip:192.168.1.18 SIP/2.0
00321 1557746999 * ==> 192.168.1.151:5060       SIP/2.0 200 OK
00322 1557747003 * <== 192.168.1.153:5060       REGISTER sip:192.168.1.18 SIP/2.0
00323 1557747003 * ==> 192.168.1.153:5060       SIP/2.0 401 Unauthorized
00324 1557747010 * ==> 46.140.240.122:45461     OPTIONS sip:140@46.140.240.122:45461;transport=TLS SIP/2.0
00325 1557747010 * <== 46.140.240.122:45461     SIP/2.0 200 OK

Seems these devices are taking long time to attempt REGISTER with the new nonce

#17

This is what the CSeq is for, after each 401 the CSeq for the REGISTER should go up +1. So if you look at extension 152 in all of this you will see it have a CSeq of 19332 in the first REGISTER for it you see in the original pastebin. After the 401 to it, the next one has a CSeq of 193333 but it’s still getting 401’s back and the CSeq keeps being increased

Is this DnakeVoip agent the only one having this problem?

#18

I think it is more a case that are wronlgy treating the register as having worked, so not sending another until it is due.

#19

I used retransmit loosely. The CSEQ should increae when resending with a revised nonce. The issue here is that the send with the revised nonce should have happened in milliseconds, not in hte minutes the logs show.

The CSEQ doesn’t tell me whether it is milliseconds or mnutes later.

Increasing hte nonce timeout may make things a bit better, but I would think there would still be a risk of registrations dropping out, and, of course, youj are increasing your vlunerabiliy to a replay attack.

#20

Yes there are two types of devices from Dnake that we use and both have the issues, other devices are OK.