Auth_rejection_permanent functionality

Hello,
I don’t know if I misunderstood meaning of this option or it is not working properly.
I have SIP trunk configured with registration.
In registration I have set ‘auth_rejection_permanent = no’.
If I look on registration in CLI I see: ‘auth_rejection_permanent : false’.
But if asterisk receives 403 answer it will stop outbound registration and ignores this setting.
Doesn’t matter if I configure it directly in pjsip.conf or by wizard.
Here is trace with asterisk WARNING:

<--- Transmitting SIP request (564 bytes) to UDP:1.1.1.1:5060 --->
REGISTER sip:sbc.provider.net SIP/2.0
Via: SIP/2.0/UDP 2.2.2.2:5060;rport;branch=z9hG4bKPj99af0257-e6f9-4dc8-abc8-b71740602aca
From: <sip:authiduathid@sbc.provider.net>;tag=25d3cdae-6787-4fd3-9f2f-0ad0ddbecab1
To: <sip:authiduathid@sbc.provider.net>
Call-ID: fedc62d5-cebc-4974-b204-e40e3bfefd2b
CSeq: 22112 REGISTER
Contact: <sip:nnnnnnnnn@2.2.2.2:5060>
Expires: 60
Allow: OPTIONS, REGISTER, SUBSCRIBE, NOTIFY, PUBLISH, INVITE, ACK, BYE, CANCEL, UPDATE, PRACK, MESSAGE, REFER
Max-Forwards: 70
User-Agent: Asterisk PBX
Content-Length:  0


<--- Received SIP response (359 bytes) from UDP:1.1.1.1:5060 --->
SIP/2.0 100 Trying
Call-ID: fedc62d5-cebc-4974-b204-e40e3bfefd2b
CSeq: 22112 REGISTER
From: <sip:authiduathid@sbc.provider.net>;tag=25d3cdae-6787-4fd3-9f2f-0ad0ddbecab1
To: <sip:authiduathid@sbc.provider.net>
Via: SIP/2.0/UDP 2.2.2.2:5060;received=2.2.2.2;rport=5060;branch=z9hG4bKPj99af0257-e6f9-4dc8-abc8-b71740602aca
Content-Length: 0


<--- Received SIP response (406 bytes) from UDP:1.1.1.1:5060 --->
SIP/2.0 403 authentication failed
Call-ID: fedc62d5-cebc-4974-b204-e40e3bfefd2b
CSeq: 22112 REGISTER
From: <sip:authiduathid@sbc.provider.net>;tag=25d3cdae-6787-4fd3-9f2f-0ad0ddbecab1
To: <sip:authiduathid@sbc.provider.net>;tag=01-32551-b5f37b2e-1635edf14
Via: SIP/2.0/UDP 2.2.2.2:5060;received=2.2.2.2;rport=5060;branch=z9hG4bKPj99af0257-e6f9-4dc8-abc8-b71740602aca
Content-Length: 0


[Jun 10 14:22:36.936] WARNING[108826]: res_pjsip_outbound_registration.c:1006 handle_registration_response: Fatal response '403' received from 'sip:sbc.provider.net' on registration attempt to 'sip:authiduathid@sbc.provider.net', stopping outbound registration

Did I miss something?

Thank you
Tomas Podolsky

The option does not apply to that response. You can use the “forbidden_retry_interval” and “max_retries” options to have it continue to try though.

So if I understand it well, ‘auth_rejection_permanent’ is STRICTLY applicable to failed authentication challenge only?

Yes, that is correct.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.