Asterisk 11.5 IAX RSA authentication

I have installed v11.5 and made a IAX trunk to an Asterisk 1.4.26 :blush:

I can send calls from 11.5 to 1.4 but not viceversa because 1.4 cannot authenticate with RSA. It says:

NOTICE[2650]: chan_iax2.c:5922 authenticate: Asked to authenticate to 192.168.xxx.xxx with an RSA key, but they don't allow RSA authentication WARNING[2650]: chan_iax2.c:8337 socket_process: I don't know how to authenticate asterisk1 to 192.168.xxx.xxx

IAX debug from Ast 11.5:

[quote]Rx-Frame Retry[ No] – OSeqno: 000 ISeqno: 000 Type: IAX Subclass: NEW
Timestamp: 00016ms SCall: 16384 DCall: 00000 [192.168.yyy.yyy:4569]
VERSION : 2

(omitted)

Tx-Frame Retry[000] – OSeqno: 000 ISeqno: 001 Type: IAX Subclass: AUTHREQ
Timestamp: 00014ms SCall: 06013 DCall: 16384 [192.168.yyy.yyy:4569]
[size=140] AUTHMETHODS : 3[/size]
CHALLENGE : \x31\x37\x37\x34\x30\x37\x31\x38\x37
USERNAME : asterisk1

Rx-Frame Retry[ No] – OSeqno: 001 ISeqno: 001 Type: IAX Subclass: ACK
Timestamp: 00014ms SCall: 16384 DCall: 06013 [192.168.yyy.yyy:4569]
Rx-Frame Retry[ No] – OSeqno: 001 ISeqno: 001 Type: IAX Subclass: HANGUP
Timestamp: 00107ms SCall: 16384 DCall: 06013 [192.168.yyy.yyy:4569]
CAUSE CODE : 0
[/quote]

11.5 is sending AUTHMETHODS = 3 (Unassigned) when it should be AUTHMETHODS = 4 (RSA).

Is it a bug in 11.x and 1.4 is working properly? Or should 1.4 respond with the RSA key anyways?

Thanks.


“keys show” show pub/priv keys loaded correctly with same sums.
“iax2 show peers” show status: OK

config files:

iax.conf Ast v11.5:

[asterisk1] type = friend host = xxxxxxx.xxxx.xxx auth = rsa trunk = yes context = xxxxxx qualify = yes inkeys = asterisk1 ; remote's pub key outkey = asterisk-telycom ; local priv key requirecalltoken = no jitterbuffer = no username = asterisk-telycom

iax.conf Ast v1.4

[asterisk-telycom] type=friend host=yyyy.yyyy.yyy requirecalltoken=no auth=rsa inkeys=asterisk-telycom outkey=asterisk1 username=asterisk1 trunk=yes jitterbuffer=no disallow=all allow=alaw allow=gsm context=xxxxx qualify=yes

SOLVED.

I have learnt that Asterisk sends AUTHMETHODS=3 when there is something wrong with authentication OR something wrong in the calling process. For instance, when there is not “such extension/context”.

My problem was that Ast v1.4 forced me to use a context I don’t have (in IAX.CONF it had “peercontext” option).

But asterisk didn’t tell us. Just AUTHMETHODS = 3 and HANGUP. :frowning: :frowning: :frowning:

I am also having difficulty registering my PBXs with RSA keys. I am currently running Asterisk 13.18.3 on both servers and can get them to authenticate with MD5 passphrases.

The issue that I am having is Asterisk locating the RSA keys. I have put them in the /var/lib/asterisk/keys/ directory and have changed ownership over to Asterisk:Asterisk. I do a “Keys init” in asterisk but Asterisk can’t find them or see them. I am not sure. I was following this guide: https://www.voip-info.org/wiki/view/Asterisk+iax+rsa+auth

Any help would be great!