PJSIP Inbound Trunk Config

I have three servers. Two of them are at a data center providing SIP trunking to the third. One is running Asterisk 13 with chan_sip and the other Asterisk 16 with chan_pjsip.

The third is at an offsite location, and it registers with both of the other two. It’s also running Asterisk 13 with chan_sip. Outbound calls go to the Asterisk 13 server, and inbound calls come from the Asterisk 16 server. All is well here.

I want to eliminate the Asterisk 13 server at the data center from the mix, so that the Asterisk 16 server provides outbound calling as well. However, when I try to direct calls from the offsite location to the Asterisk 16 server, it fails. The trunk configurations on the offsite server for the two are identical, with the exception of the host= parameter of course. A successful outbound call to the Asterisk 13 server, with SIP debugging set ON shows an “INVITE” followed by a “100 Trying” response. The same “INVITE” sent to the Asterisk 16 server returns “401 Unauthorized” even though the INVITE packet contained the authorization details. The logs on the Asterisk 16 server show the following:

[2022-09-20 20:27:43] NOTICE[12892] res_pjsip/pjsip_distributor.c: Request ‘INVITE’ from ‘“” <sip:@10.1.50.2>’ failed for ‘:52818’ (callid: 15651e93792f618d7f2dc3f030be2f33@10.1.50.2:0) - Failed to authenticate

But the trunk does register and authenticate properly (again, calls in the other direction through this server work). The only thing I can think of is that my PJSIP endpoint definition on the Asterisk 16 server is not effectively the same as my SIP peer definition on the Asterisk 13 server. However, I have very little experience with PJSIP so I’m not sure how to go about troubleshooting this.

What should I be looking at to troubleshoot this? Or, what information can I post here that would be helpful in identifying the issue?

You need to supply a complete SIP trace. A single 401 usually doesn’t matter. This is what one would expect, because the other side decides whether the request is challenged or not.

The PJSIP configuration should also be provided, otherwise we’re just guessing. The chan_sip config can also be provided to compare.

That’s not possible. The authentication details contain information that can only come from the 401 to the initial INVITE. Also the NOTICE message is associated with 403, not 401.

I appreciate the responses in helping me where to look. I was able to determine that I was missing the “identify_by” parameter in my PJSIP endpoint configuration, so it wasn’t able to determine for which endpoint the call was related. Adding that and reloaded, calls are now flowing properly. So this has been resolved.