Hello
Using chan_sip, I am getting random 403 to INVITE, while they look correct to me. Client sends a REGISTER, and a little bit later (before expires), sends an INVITE, gets a 401 back, sends an INVITE with credential and proper nonce, but gets a 403 by my asterisk server, while a message ‘Failed to authenticate device From: “0999887766” sip:0999887766@cl.ie.nt.ip:5062;tag=as7dcafed0’ appears on the CLI.
The client is defined as
[myusername]
host=dynamic
type=peer
etc…
insecure is not defined, No sip peer match the From (“0999887766”)
The SIP exchange is detailed below.
I would really like to understand why these 403 pop suddenly.
Regards,
J.
U 2019/05/21 14:12:52.262311 cl.ie.nt.ip:5062 -> se.rv.er.ip:5060
REGISTER sip:sip.myrealm.fr SIP/2.0..Via: SIP/2.0/UDP cl.ie.nt.ip:5062;branch=z9hG4bK2e51e6b3..Max-Forwards: 70..From: <sip:myusername@sip.myrealm.fr>;ta
g=as177dae82..To: <sip:myusername@sip.myrealm.fr>..Call-ID: 05e06a1c2f95884b4456e65c41ec309a@cl.ie.nt.ip..CSeq: 29444 REGISTER..Supported: replaces, timer..U
ser-Agent: Asterisk PBX..Authorization: Digest username="myusername", realm="myrealm.fr", algorithm=MD5, uri="sip:sip.myrealm.fr", nonce="75946caf", respon
se="1afdfe668c8bc2db532dae5c437bc4dc"..Expires: 120..Contact: <sip:s@cl.ie.nt.ip:5062>..Content-Length: 0....
#
U 2019/05/21 14:12:52.262802 se.rv.er.ip:5060 -> cl.ie.nt.ip:5062
SIP/2.0 200 OK..Via: SIP/2.0/UDP cl.ie.nt.ip:5062;branch=z9hG4bK2e51e6b3;received=cl.ie.nt.ip..From: <sip:myusername@sip.myrealm.fr>;tag=as177dae82..To: <s
ip:myusername@sip.myrealm.fr>;tag=as07f8bf43..Call-ID: 05e06a1c2f95884b4456e65c41ec309a@cl.ie.nt.ip..CSeq: 29444 REGISTER..Server: asteriskServer..Allow: INVITE,
ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE..Supported: replaces, timer..Expires: 180..Contact: <sip:s@cl.ie.nt.ip:5062>;expires
=180..Date: Tue, 21 May 2019 18:12:52 GMT..Content-Length: 0....
#
U 2019/05/21 14:13:04.306602 cl.ie.nt.ip:5062 -> se.rv.er.ip:5060
INVITE sip:0123456789@sip.myrealm.fr:5060 SIP/2.0..Via: SIP/2.0/UDP cl.ie.nt.ip:5062;branch=z9hG4bK3085aff0;rport..Max-Forwards: 70..From: "0999887766" <sip:
0999887766@cl.ie.nt.ip:5062>;tag=as7dcafed0..To: <sip:0123456789@sip.myrealm.fr:5060>..Contact: <sip:0999887766@cl.ie.nt.ip:5062>..Call-ID: 696a107d7bbf9b2
f20c246290da02be1@cl.ie.nt.ip:5062..CSeq: 102 INVITE..User-Agent: Asterisk PBX..Date: Tue, 21 May 2019 18:13:04 GMT..Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, RE
FER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE..Supported: replaces, timer..Content-Type: application/sdp..Content-Length: 275....v=0..o=root 715796804 715796804 I
N IP4 cl.ie.nt.ip..s=Asterisk PBX 13.15.0..c=IN IP4 cl.ie.nt.ip..t=0 0..m=audio 18588 RTP/AVP 18 101..a=rtpmap:18 G729/8000..a=fmtp:18 annexb=no..a=rtpmap:101
telephone-event/8000..a=fmtp:101 0-16..a=ptime:20..a=maxptime:230..a=sendrecv..
#
U 2019/05/21 14:13:04.306955 se.rv.er.ip:5060 -> cl.ie.nt.ip:5062
SIP/2.0 401 Unauthorized..Via: SIP/2.0/UDP cl.ie.nt.ip:5062;branch=z9hG4bK3085aff0;received=cl.ie.nt.ip;rport=5062..From: "0999887766" <sip:0999887766@137.74.1
54.86:5062>;tag=as7dcafed0..To: <sip:0123456789@sip.myrealm.fr:5060>;tag=as34b75b4d..Call-ID: 696a107d7bbf9b2f20c246290da02be1@cl.ie.nt.ip:5062..CSeq: 102 IN
VITE..Server: asteriskServer..Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE..Supported: replaces, timer..WWW-Authenticate:
Digest algorithm=MD5, realm="myrealm.fr", nonce="7a22b4d5"..Content-Length: 0....
#
U 2019/05/21 14:13:04.453110 cl.ie.nt.ip:5062 -> se.rv.er.ip:5060
ACK sip:0123456789@sip.myrealm.fr:5060 SIP/2.0..Via: SIP/2.0/UDP cl.ie.nt.ip:5062;branch=z9hG4bK3085aff0;rport..Max-Forwards: 70..From: "0999887766" <sip:059
6700667@cl.ie.nt.ip:5062>;tag=as7dcafed0..To: <sip:0123456789@sip.myrealm.fr:5060>;tag=as34b75b4d..Contact: <sip:0999887766@cl.ie.nt.ip:5062>..Call-ID: 696
a107d7bbf9b2f20c246290da02be1@cl.ie.nt.ip:5062..CSeq: 102 ACK..User-Agent: Asterisk PBX..Content-Length: 0....
#
U 2019/05/21 14:13:04.457121 cl.ie.nt.ip:5062 -> se.rv.er.ip:5060
INVITE sip:0123456789@sip.myrealm.fr:5060 SIP/2.0..Via: SIP/2.0/UDP cl.ie.nt.ip:5062;branch=z9hG4bK004e116a;rport..Max-Forwards: 70..From: "0999887766" <sip:
0999887766@cl.ie.nt.ip:5062>;tag=as7dcafed0..To: <sip:0123456789@sip.myrealm.fr:5060>..Contact: <sip:0999887766@cl.ie.nt.ip:5062>..Call-ID: 696a107d7bbf9b2
f20c246290da02be1@cl.ie.nt.ip:5062..CSeq: 103 INVITE..User-Agent: Asterisk PBX..Authorization: Digest username="myusername", realm="myrealm.fr", algorithm=MD
5, uri="sip:0123456789@sip.myrealm.fr:5060", nonce="7a22b4d5", response="5dddc058623ed01171e4b0de07dd7aa5"..Date: Tue, 21 May 2019 18:13:04 GMT..Allow: INVITE,
ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE..Supported: replaces, timer..Content-Type: application/sdp..Content-Length: 275....v=0
..o=root 715796804 715796805 IN IP4 cl.ie.nt.ip..s=Asterisk PBX 13.15.0..c=IN IP4 cl.ie.nt.ip..t=0 0..m=audio 18588 RTP/AVP 18 101..a=rtpmap:18 G729/8000..a=fm
tp:18 annexb=no..a=rtpmap:101 telephone-event/8000..a=fmtp:101 0-16..a=ptime:20..a=maxptime:230..a=sendrecv..
#
U 2019/05/21 14:13:04.457394 se.rv.er.ip:5060 -> cl.ie.nt.ip:5062
SIP/2.0 403 Forbidden..Via: SIP/2.0/UDP cl.ie.nt.ip:5062;branch=z9hG4bK004e116a;received=cl.ie.nt.ip;rport=5062..From: "0999887766" <sip:0999887766@137.74.154.
86:5062>;tag=as7dcafed0..To: <sip:0123456789@sip.myrealm.fr:5060>;tag=as34b75b4d..Call-ID: 696a107d7bbf9b2f20c246290da02be1@cl.ie.nt.ip:5062..CSeq: 103 INVIT
E..Server: asteriskServer..Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE..Supported: replaces, timer..Content-Length: 0...