Issue registering in grandstream

isthari · November 14, 2023, 10:47am

I have an grandstream PBX in the cloud
I need to register asterisk in that PBX to make calls

Some times the registration is ok, sometimes is not working

This is the configuration

[USER]
type=registration
transport=transport-udp-nat
outbound_auth=USER
server_uri=sip:USER@GRANDSTREAM.COM:7160
client_uri=sip:USER@GRANDSTREAM.COM
retry_interval=60
expiration=120
contact_user=3021
max_retries=0

[USER]
type=auth
auth_type=userpass
password=PASSWORD
username=USER

[USER]
type=aor
contact=sip:GRANDSTREAM.COM

[USER]
type=endpoint
transport=transport-udp-nat
context=USER
disallow=all
allow=opus
outbound_auth=USER
aors=USER
from_user=USER
direct_media=no

Sometimes asterisk sends the first REGISTER, grandstream answers with 401 unauthorized and the nonce, but asterisk does not send the new register with the password
This is the full capture

REGISTER sip:USER@GRANDSTREAM.COM:7160 SIP/2.0
Via: SIP/2.0/UDP ASTERISK-IP:5060;rport;branch=z9hG4bKPj31545c4c-3176-407b-9b49-ab98c4922025
From: <sip:USER@GRANDSTREAM.COM>;tag=2ca783ba-bfb5-4032-b0f8-8c44cf001ca9
To: <sip:USER@GRANDSTREAM.COM>
Call-ID: b482ecfd-dfe1-4864-95f5-15a31efd765c
CSeq: 30348 REGISTER
Contact: <sip:USER@ASTERISK-IP:5060>
Expires: 120
Allow: OPTIONS, REGISTER, SUBSCRIBE, NOTIFY, PUBLISH, INVITE, ACK, BYE, CANCEL, UPDATE, PRACK, REFER, MESSAGE
Max-Forwards: 70
User-Agent: Asterisk PBX 16.2.1~dfsg-2ubuntu1
Content-Length:  0


SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP ASTERISK-IP:5060;rport=5060;received=ASTERISK-IP;branch=z9hG4bKPj31545c4c-3176-407b-9b49-ab98c4922025
Call-ID: b482ecfd-dfe1-4864-95f5-15a31efd765c
From: <sip:USER@GRANDSTREAM.COM>;tag=2ca783ba-bfb5-4032-b0f8-8c44cf001ca9
To: <sip:USER@GRANDSTREAM.COM>;tag=z9hG4bKPj31545c4c-3176-407b-9b49-ab98c4922025
CSeq: 30348 REGISTER
WWW-Authenticate: Digest realm="grandstream",nonce="1699960608/39a8e7a335e68a33c888d6ae31beb479",opaque="48e793d541b1e193",algorithm=md5,qop="auth"
Server: Grandstream UCM6302V1.2C 1.0.15.10
Content-Length:  0

david551 · November 14, 2023, 1:26pm

What does Asterisk log when it receives the 401 response?

isthari · November 14, 2023, 7:23pm

File /var/log/asterisk/full has nothing, only

res_pjsip_outbound_registration.c:977 handle_registration_response: Maximum retries reached when attempting outbound registration to 'sip:USER@GRANDSTREAM.COM:7160' with client 'sip:USER@GRANDSTREAM.COM', stopping registration attempt

david551 · November 14, 2023, 7:55pm

Where did you capture the 401 response?

isthari · November 15, 2023, 9:56am

I’ve capture the data with tcpdump

If I execute
pjsip set logger on

After enable logging, I only have the outbound REGISTER in the log, but I cannot see the 401 message in the asterisk log

david551 · November 15, 2023, 2:29pm

Either the port number is wrong in the destination of the 401, or its sender is being blocked by the Linux (iptables) firewall.

isthari · November 15, 2023, 4:07pm

Thank you very much !

Grandstream was sending NOTIFY and OPTIONS messages.
Fail2ban detects these messages and finally blocks the IP address

Solved adding the ip address to fail2ban whitelist