Problem passing caller-id via SIP to other Asterisk

Hello all,

I have two Asterisk boxes (both version 1.4.19) on the local network set up so they can call eachother using SIP, just as if one were a sip provider and the other my local PBX. The configuration is relatively simple and it works. Even passing caller-id from one box to the other works.
So far so good, but here’s the catch…

Now suppose that a call from machine A to machine B specifies a CALLERID(num) that happens to match a known peer (a SIP phone) on machine B. In that case machine B refuses the call. Any other caller-id works just fine.
At first this may seem a logical reaction, for example to prevent spoofing. However, both machines service a totally different domain so machine B can clearly see that the caller-id specifies something on machine A’s
domain, not the phone it has registered locally.

Here are the relevant parts of the config files from both machines:

—[machine A]—
sip.conf:
[general]
domain=testdomain.org
[AtoB] ;The link between the two Asterisk boxes
type=friend
host=192.168.1.222
username=AtoB
secret=welcome
context=IncomingFromB
[testphone] ;A phone registering to machine A
type=friend
host=dynamic
secret=guessthis
context=Localphones

extensions.conf:
[Localphones] ;Some fairly useless things that the testphone can call
exten => 5XX,1,Answer()
exten => 5XX,n,Set(CALLERID(num)=123)
exten => 5XX,n,Dial(SIP/AtoB/3${EXTEN:1},30)
exten => 5XX,n,Hangup()

—[machine B]—
sip.conf:
[general]
domain=companyX.com
[AtoB]
type=friend
host=192.168.1.111
username=AtoB
secret=welcome
context=IncomingFromA
[123] ;A phone registering to machine B
type=friend
host=dynamic
secret=foobar
context=LocalPhones

extensions.conf:
[IncomingFromA] ;Incoming calls should hear their caller-id spelled out
exten => 333,1,Answer()
exten => 333,n,SayDigits(${CALLERID(num)})
exten => 333,n,Hangup

I know this is not a very useful system, but it’s not impossible that two sites have an overlapping dialplan and therefore produce problematic caller-ids.

Now suppose that “testphone” on machine A dials 533. The call will arrive at machine B with an INVITE message containing sip:123@testdomain.org in the From: line. After the message exchange to force proxy authentication, machine B finally replies with a 403 Forbidden response.
The Asterisk CLI of machine B reports:

WARNING[5291]: chan_sip.c:8446 check_auth: username mismatch, have <123>, digest has
NOTICE[5291]: chan_sip.c:13888 handle_request_invite: Failed to authenticate user “Tester” sip:123@testdomain.org;tag=as52d363f3

When I change the caller-id to 5678 or foobar or whatever, there’s no problem. All SIP messages look just the same (except for the different caller-id of course) and machine B accepts the call without any protest.

Can anybody explain

  • why the Asterisk doesn’t honour the different SIP domains and
  • (most importantly) how I can configure things to avoid the problem?

Any tips or solutions are greatly appreciated.

cu

Lucas