Asterisk ignores 407 authentication request for MessageSend

Asterisk Asterisk SIP
1

I am trying to send SMS via asterisk.
I added the following lines to sip.conf:

accept_outofcall_message = yes
outofcall_message_context = messages
auth_message_requests = yes

And my message context in dialplan is:

[messages]
exten => _XX,1,MessageSend(sip:${EXTEN},"${CALLERID(name)}"${MESSAGE(from)})
exten => _XXXXXXXX,1,MessageSend(sip:${EXTEN}@myisp.com,""<sip:username@myisp.com>)

I successfully may send IM between extensions.
But if I try to send SMS to the outside number, my sip provider asks for authentication which asterisk ignores.

<--- SIP read from UDP:192.168.1.5:59688 --->
MESSAGE sip:88888888@192.168.1.4 SIP/2.0
Via: SIP/2.0/UDP 192.168.1.5:59688;rport;branch=z9hG4bKPj3bad6edd8c074235949866c2a2dabb2a
Max-Forwards: 70
From: <sip:01@192.168.1.4>;tag=a57fe3bb3bb443c883d6ed07e7ad8c3f
To: <sip:88888888@192.168.1.4>
Call-ID: 561a6ecf40cc48c48a87753263bac453
CSeq: 2933 MESSAGE
Accept: text/plain, application/im-iscomposing+xml
User-Agent: MicroSIP/3.19.17
Route: <sip:192.168.1.4;lr>
Authorization: Digest username="01", realm="asterisk", nonce="7b7aebc2", uri="sip:88888888@192.168.1.4", response="ba56f722bb453a214b8d12cf94e328de", algorithm=MD5
Content-Type: text/plain
Content-Length: 4

asdf
<------------->
--- (13 headers 1 lines) ---
Receiving message!
Found peer '01' for '01' from 192.168.1.5:59688
Looking for 88888888 in messages (domain 192.168.1.4)

<--- Transmitting (no NAT) to 192.168.1.5:59688 --->
SIP/2.0 202 Accepted
Via: SIP/2.0/UDP 192.168.1.5:59688;branch=z9hG4bKPj3bad6edd8c074235949866c2a2dabb2a;received=192.168.1.5;rport=59688
From: <sip:01@192.168.1.4>;tag=a57fe3bb3bb443c883d6ed07e7ad8c3f
To: <sip:88888888@192.168.1.4>;tag=as4e7b3b54
Call-ID: 561a6ecf40cc48c48a87753263bac453
CSeq: 2933 MESSAGE
Server: Asterisk PBX 15.7.3
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Content-Length: 0


<------------>
Scheduling destruction of SIP dialog '561a6ecf40cc48c48a87753263bac453' in 6400 ms (Method: MESSAGE)
    -- Executing [88888888@messages:1] MessageSend("Message/ast_msg_queue", "sip:88888888@myisp.com,""<sip:+77777777@myisp.com>") in new stack
Reliably Transmitting (no NAT) to myisp.com:5060:
MESSAGE sip:88888888@myisp.com SIP/2.0
Via: SIP/2.0/UDP 192.168.1.4:5060;branch=z9hG4bK73606fe4
Max-Forwards: 70
From: "asterisk" <sip:+77777777@myisp.com>;tag=as5e948041
To: <sip:88888888@myisp.com>
Contact: <sip:+77777777@192.168.1.4:5060>
Call-ID: 1c1632815fdd06374f43c1955264e960@127.0.1.1:5060
CSeq: 102 MESSAGE
User-Agent: Asterisk PBX 15.7.3
Content-Type: text/plain;charset=UTF-8
Content-Length: 4

asdf
---
Scheduling destruction of SIP dialog '1c1632815fdd06374f43c1955264e960@127.0.1.1:5060' in 32000 ms (Method: MESSAGE)
    -- Auto fallthrough, channel 'Message/ast_msg_queue' status is 'UNKNOWN'

<--- SIP read from UDP:myisp.com:5060 --->
SIP/2.0 407 Proxy Authentication Required
Via: SIP/2.0/UDP 192.168.1.4:5060;branch=z9hG4bK73606fe4
Call-ID: 1c1632815fdd06374f43c1955264e960@127.0.1.1:5060
From: "asterisk"<sip:+77777777@myisp.com>;tag=as5e948041
To: <sip:88888888@myisp.com>;tag=6kvx7v64
CSeq: 102 MESSAGE
Warning: 399 38002.588.S.261.12.102.0.17.34315.0.0.myisp.com "Proxy authentication required"
Reason: Q.850;cause=21,SIP;cause=407
Proxy-Authenticate: Digest realm="myisp.com",nonce="jRAwB6IWO+Up+WByL/ZGCA==",algorithm=MD5,qop="auth"
Content-Length: 0

<------------->
--- (10 headers 0 lines) ---
Really destroying SIP dialog '1c1632815fdd06374f43c1955264e960@127.0.1.1:5060' Method: MESSAGE

<--- SIP read from UDP:myisp.com:5060 --->
hello
<------------->
Really destroying SIP dialog '30e8958105222637443249k28105rmwp' Method: REGISTER
Really destroying SIP dialog '561a6ecf40cc48c48a87753263bac453' Method: MESSAGE

<--- SIP read from UDP:192.168.1.5:59688 --->

<------------->

I am able to successfully send SMS directly from softphone. Unlike asterisk, it responses to provider with following packet.

from myisp.com
User Datagram Protocol, Src Port: 5060, Dst Port: 54881
Session Initiation Protocol (407)
    Status-Line: SIP/2.0 407 Proxy Authentication Required
    Message Header
        Via: SIP/2.0/UDP 192.168.1.5:54881;branch=z9hG4bKPjd9b1dc4d7ae94fffa665dd88b306c04b;rport
        Call-ID: 84163001760a43409bc389a709c3a3cc
        [Generated Call-ID: 84163001760a43409bc389a709c3a3cc]
        From: <sip:+77777777@myisp.com>;tag=fbf7cd40c65d49af8a0479d246d04fd8
        To: <sip:88888888@myisp.com>;tag=4e6l4e4z
        CSeq: 23005 MESSAGE
        Warning: 399 38002.588.S.261.12.103.0.17.34315.0.0.myisp.com "Proxy authentication required"
        Reason: Q.850;cause=21,SIP;cause=407
        Proxy-Authenticate: Digest realm="myisp.com",nonce="pTC6Oa+VIWowZl+4+voIMw==",algorithm=MD5,qop="auth"
        Content-Length: 0
---------------------------------------------------------------------------------------------------------------------
to myisp.com
User Datagram Protocol, Src Port: 54881, Dst Port: 5060
Session Initiation Protocol (MESSAGE)
    Request-Line: MESSAGE sip:88888888@myisp.com SIP/2.0
    Message Header
        Via: SIP/2.0/UDP 192.168.1.5:54881;rport;branch=z9hG4bKPjd9d00cdb5f9c411faa40b0c5d5cf3145
        Max-Forwards: 70
        From: <sip:+77777777@myisp.com>;tag=fbf7cd40c65d49af8a0479d246d04fd8
        To: <sip:88888888@myisp.com>
        Call-ID: 84163001760a43409bc389a709c3a3cc
        [Generated Call-ID: 84163001760a43409bc389a709c3a3cc]
        CSeq: 23006 MESSAGE
        Accept: text/plain, application/im-iscomposing+xml
        User-Agent: MicroSIP/3.19.17
        Route: <sip:myisp.com;lr>
         [truncated]Proxy-Authorization: Digest username="+77777777@myisp.com", realm="myisp.com", nonce="pTC6Oa+VIWowZl+4+voIMw==", uri="sip:88888888@myisp.com", response="0c5235a285cef4c9e132af09bb4113d1", algorithm=MD5,
        Content-Type: text/plain
        Content-Length:    11

How to send SMS via asterisk

2

You haven’t provided your configuration to demonstrate that you have provided the information that would allow Asterisk to respond to 407. I can’t even tell whether you have a sip.conf entry for myisp.com.

You have not provided logging at a detail that shows how it reacts to the 407 internally.

You are not sending an SMS, you are sending a SIP message. If the provider turns that into an SMS, that is something outside Asterisk.

There is no longer any official support for chan_sip.

3

My full sip conf is:

[general]
accept_outofcall_message = yes
outofcall_message_context = messages
auth_message_requests = yes
register => +77777777@myisp.com:asdfdfdfdf:+77777777@myisp.com@myisp.com/+77777777

[77777777]
username=+77777777@myisp.com
type=friend
qualify=yes
secret=asdfdfdfdf
host=myisp.com
fromuser=+77777777
fromdomain=myisp.com
disallow=all
context=from-trunk
allow=ulaw&alaw

[01]
type=peer
context=from-internal
secret=password
host=dynamic
nat=no
qualify=yes
canreinvite=no
call-limit=1
dtmfmode=auto
disallow=all
allow=ulaw
allow=alaw

extensions.conf

[from-internal]
exten => _XX,1,Dial(SIP/${EXTEN})
exten => _XXXXXXXX,1,Dial(SIP/7777777/${EXTEN})

[from-trunk]
exten => +77777777,1,Dial(SIP/01)

[messages]
exten => _XX,1,MessageSend(sip:${EXTEN},"${CALLERID(name)}"${MESSAGE(from)})
exten => _XXXXXXXX,1,MessageSend(sip:${EXTEN}@myisp.com,""<sip:username@myisp.com>)

I may successfully call outside and receive calls. During outbound calls asterisk does respond to “407 authentication required” requests from INVITE. However, doesn’t respond to authentication requests from MESSAGE.
I may successfully send SIP messages to local extensions.
I may successfully send SMS via SIP using microsip or any other softphone. Provider translates SIP messages to SMS.

4

The description of MessageSend is not clear as to whether or not it always treats the URI literally, but it certainly won’t match any section in your sip.conf, so it will be treated lterally, so won’t take authentication information from sip.conf.

In any case, you don’t have the authentication section that would be needed to support handling 407 responses.

5

How to create the authentication section that would support 407 requests?

6

The whole purpose of the authentication section is to do that. It is documented in the sample configuration file.

7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.