I am trying to use Asterisk 13 across a WAN with SIP softphones and ATA’s. The server and client are on different private subnets, so there are routers and firewalls, but not NAT.
The problem is that remote softphones fail to ever register. Turning on SIP debug shows repeating REGISTER and SIP/2.0 401 Unauthorized messages over and over, but the authentication never completes (in fact, I never see the username and password sent).
Softphones in the same subnet as the server register immediately and work fine, so its obviously something to do with the data traversing the network, but I have confirmed with ncat that udp 5060 is definitely open between the client and server. I’ve tried every solution I could find on google (including every combination of nat= setting, insecure, canreinvite, localnet, tcp instead of udp, etc.)
I could have sworn I had this working at one point. I can’t figure out if I inadvertently changed some important setting or if something on our network changed (possibly some weird port redirection?) since then.
The following is an excerpt of the SIP debug. Client IP is 172.20.1.100 and server is at 192.168.2.200.
[Mar 12 21:30:43]
[Mar 12 21:30:43] <— SIP read from UDP:172.20.1.100:54719 —>
[Mar 12 21:30:43] REGISTER sip:192.168.2.200 SIP/2.0
[Mar 12 21:30:43] Via: SIP/2.0/UDP 172.20.1.100:5060;rport;branch=z9hG4bKPj3ed8ece0a5154b81a7e03116539ef418
[Mar 12 21:30:43] Max-Forwards: 70
[Mar 12 21:30:43] From: sip:1001@172.20.1.100;tag=d6dfd7db9c2c480697e838973e40a718
[Mar 12 21:30:43] To: sip:1001@172.20.1.100
[Mar 12 21:30:43] Call-ID: b56af895b181400a912fbbff224491f1
[Mar 12 21:30:43] CSeq: 43119 REGISTER
[Mar 12 21:30:43] User-Agent: PJSoftPhone::PJSUA v1.10.0/win32
[Mar 12 21:30:43] Contact: sip:1001@172.20.1.100:5060;ob
[Mar 12 21:30:43] Expires: 300
[Mar 12 21:30:43] Allow: PRACK, INVITE, ACK, BYE, CANCEL, UPDATE, SUBSCRIBE, NOTIFY, REFER, MESSAGE, OPTIONS
[Mar 12 21:30:43] Content-Length: 0
[Mar 12 21:30:43]
[Mar 12 21:30:43] <------------->
[Mar 12 21:30:43] — (12 headers 0 lines) —
[Mar 12 21:30:43] Sending to 172.20.1.100:54719 (no NAT)
[Mar 12 21:30:43] Sending to 172.20.1.100:54719 (no NAT)
[Mar 12 21:30:43]
[Mar 12 21:30:43] <— Transmitting (no NAT) to 172.20.1.100:54719 —>
[Mar 12 21:30:43] SIP/2.0 401 Unauthorized
[Mar 12 21:30:43] Via: SIP/2.0/UDP 172.20.1.100:5060;branch=z9hG4bKPj3ed8ece0a5154b81a7e03116539ef418;received=172.20.1.100;rport=54719
[Mar 12 21:30:43] From: sip:1001@172.20.1.100;tag=d6dfd7db9c2c480697e838973e40a718
[Mar 12 21:30:43] To: sip:1001@172.20.1.100;tag=as7aafb3eb
[Mar 12 21:30:43] Call-ID: b56af895b181400a912fbbff224491f1
[Mar 12 21:30:43] CSeq: 43119 REGISTER
[Mar 12 21:30:43] Server: Asterisk PBX 13.2.0
[Mar 12 21:30:43] Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
[Mar 12 21:30:43] Supported: replaces, timer
[Mar 12 21:30:43] WWW-Authenticate: Digest algorithm=MD5, realm=“asterisk”, nonce=“10068310”
[Mar 12 21:30:43] Content-Length: 0
[Mar 12 21:30:43]
[Mar 12 21:30:43]
[Mar 12 21:30:43] <------------>
[Mar 12 21:30:43] Scheduling destruction of SIP dialog ‘b56af895b181400a912fbbff224491f1’ in 32000 ms (Method: REGISTER)
[Mar 12 21:30:44]
[Mar 12 21:30:44] <— SIP read from UDP:172.20.1.100:54719 —>
[Mar 12 21:30:44] REGISTER sip:192.168.2.200 SIP/2.0
[Mar 12 21:30:44] Via: SIP/2.0/UDP 172.20.1.100:5060;rport;branch=z9hG4bKPj3ed8ece0a5154b81a7e03116539ef418
[Mar 12 21:30:44] Max-Forwards: 70
[Mar 12 21:30:44] From: sip:1001@172.20.1.100;tag=d6dfd7db9c2c480697e838973e40a718
[Mar 12 21:30:44] To: sip:1001@172.20.1.100
[Mar 12 21:30:44] Call-ID: b56af895b181400a912fbbff224491f1
[Mar 12 21:30:44] CSeq: 43119 REGISTER
[Mar 12 21:30:44] User-Agent: PJSoftPhone::PJSUA v1.10.0/win32
[Mar 12 21:30:44] Contact: sip:1001@172.20.1.100:5060;ob
[Mar 12 21:30:44] Expires: 300
[Mar 12 21:30:44] Allow: PRACK, INVITE, ACK, BYE, CANCEL, UPDATE, SUBSCRIBE, NOTIFY, REFER, MESSAGE, OPTIONS
[Mar 12 21:30:44] Content-Length: 0
[Mar 12 21:30:44]
[Mar 12 21:30:44] <------------->
[Mar 12 21:30:44] — (12 headers 0 lines) —
[Mar 12 21:30:44] Sending to 172.20.1.100:54719 (no NAT)
[Mar 12 21:30:44]
[Mar 12 21:30:44] <— Transmitting (no NAT) to 172.20.1.100:54719 —>
[Mar 12 21:30:44] SIP/2.0 401 Unauthorized
[Mar 12 21:30:44] Via: SIP/2.0/UDP 172.20.1.100:5060;branch=z9hG4bKPj3ed8ece0a5154b81a7e03116539ef418;received=172.20.1.100;rport=54719
[Mar 12 21:30:44] From: sip:1001@172.20.1.100;tag=d6dfd7db9c2c480697e838973e40a718
[Mar 12 21:30:44] To: sip:1001@172.20.1.100;tag=as7aafb3eb
[Mar 12 21:30:44] Call-ID: b56af895b181400a912fbbff224491f1
[Mar 12 21:30:44] CSeq: 43119 REGISTER
[Mar 12 21:30:44] Server: Asterisk PBX 13.2.0
[Mar 12 21:30:44] Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
[Mar 12 21:30:44] Supported: replaces, timer
[Mar 12 21:30:44] WWW-Authenticate: Digest algorithm=MD5, realm=“asterisk”, nonce=“10068310”
[Mar 12 21:30:44] Content-Length: 0
[Mar 12 21:30:44]
[Mar 12 21:30:44]
[Mar 12 21:30:44] <------------>
[Mar 12 21:30:44] Scheduling destruction of SIP dialog ‘b56af895b181400a912fbbff224491f1’ in 32000 ms (Method: REGISTER)
[Mar 12 21:30:45]
[Mar 12 21:30:45] <— SIP read from UDP:172.20.1.100:54720 —>
[Mar 12 21:30:45] REGISTER sip:192.168.2.200 SIP/2.0
[Mar 12 21:30:45] Via: SIP/2.0/UDP 172.20.1.100:5060;rport;branch=z9hG4bKPj3ed8ece0a5154b81a7e03116539ef418
[Mar 12 21:30:45] Max-Forwards: 70
[Mar 12 21:30:45] From: sip:1001@172.20.1.100;tag=d6dfd7db9c2c480697e838973e40a718
[Mar 12 21:30:45] To: sip:1001@172.20.1.100
[Mar 12 21:30:45] Call-ID: b56af895b181400a912fbbff224491f1
[Mar 12 21:30:45] CSeq: 43119 REGISTER
[Mar 12 21:30:45] User-Agent: PJSoftPhone::PJSUA v1.10.0/win32
[Mar 12 21:30:45] Contact: sip:1001@172.20.1.100:5060;ob
[Mar 12 21:30:45] Expires: 300
[Mar 12 21:30:45] Allow: PRACK, INVITE, ACK, BYE, CANCEL, UPDATE, SUBSCRIBE, NOTIFY, REFER, MESSAGE, OPTIONS
[Mar 12 21:30:45] Content-Length: 0
[Mar 12 21:30:45]
[Mar 12 21:30:45] <------------->
[Mar 12 21:30:45] — (12 headers 0 lines) —
[Mar 12 21:30:45] Sending to 172.20.1.100:54720 (no NAT)
[Mar 12 21:30:45]
[Mar 12 21:30:45] <— Transmitting (no NAT) to 172.20.1.100:54720 —>
[Mar 12 21:30:45] SIP/2.0 401 Unauthorized
[Mar 12 21:30:45] Via: SIP/2.0/UDP 172.20.1.100:5060;branch=z9hG4bKPj3ed8ece0a5154b81a7e03116539ef418;received=172.20.1.100;rport=54720
[Mar 12 21:30:45] From: sip:1001@172.20.1.100;tag=d6dfd7db9c2c480697e838973e40a718
[Mar 12 21:30:45] To: sip:1001@172.20.1.100;tag=as7aafb3eb
[Mar 12 21:30:45] Call-ID: b56af895b181400a912fbbff224491f1
[Mar 12 21:30:45] CSeq: 43119 REGISTER
[Mar 12 21:30:45] Server: Asterisk PBX 13.2.0
[Mar 12 21:30:45] Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
[Mar 12 21:30:45] Supported: replaces, timer
[Mar 12 21:30:45] WWW-Authenticate: Digest algorithm=MD5, realm=“asterisk”, nonce=“10068310”
[Mar 12 21:30:45] Content-Length: 0
[Mar 12 21:30:45]
[Mar 12 21:30:45]
[Mar 12 21:30:45] <------------>
[Mar 12 21:30:45] Scheduling destruction of SIP dialog ‘b56af895b181400a912fbbff224491f1’ in 32000 ms (Method: REGISTER)
[Mar 12 21:30:47]
[Mar 12 21:30:47] <— SIP read from UDP:172.20.1.100:54721 —>
[Mar 12 21:30:47] REGISTER sip:192.168.2.200 SIP/2.0
[Mar 12 21:30:47] Via: SIP/2.0/UDP 172.20.1.100:5060;rport;branch=z9hG4bKPj3ed8ece0a5154b81a7e03116539ef418
[Mar 12 21:30:47] Max-Forwards: 70
[Mar 12 21:30:47] From: sip:1001@172.20.1.100;tag=d6dfd7db9c2c480697e838973e40a718
[Mar 12 21:30:47] To: sip:1001@172.20.1.100
[Mar 12 21:30:47] Call-ID: b56af895b181400a912fbbff224491f1
[Mar 12 21:30:47] CSeq: 43119 REGISTER
[Mar 12 21:30:47] User-Agent: PJSoftPhone::PJSUA v1.10.0/win32
[Mar 12 21:30:47] Contact: sip:1001@172.20.1.100:5060;ob
[Mar 12 21:30:47] Expires: 300
[Mar 12 21:30:47] Allow: PRACK, INVITE, ACK, BYE, CANCEL, UPDATE, SUBSCRIBE, NOTIFY, REFER, MESSAGE, OPTIONS
[Mar 12 21:30:47] Content-Length: 0
[Mar 12 21:30:47]
[Mar 12 21:30:47] <------------->
[Mar 12 21:30:47] — (12 headers 0 lines) —
[Mar 12 21:30:47] Sending to 172.20.1.100:54721 (no NAT)
[Mar 12 21:30:47]
[Mar 12 21:30:47] <— Transmitting (no NAT) to 172.20.1.100:54721 —>
[Mar 12 21:30:47] SIP/2.0 401 Unauthorized
[Mar 12 21:30:47] Via: SIP/2.0/UDP 172.20.1.100:5060;branch=z9hG4bKPj3ed8ece0a5154b81a7e03116539ef418;received=172.20.1.100;rport=54721
[Mar 12 21:30:47] From: sip:1001@172.20.1.100;tag=d6dfd7db9c2c480697e838973e40a718
[Mar 12 21:30:47] To: sip:1001@172.20.1.100;tag=as7aafb3eb
[Mar 12 21:30:47] Call-ID: b56af895b181400a912fbbff224491f1
[Mar 12 21:30:47] CSeq: 43119 REGISTER
[Mar 12 21:30:47] Server: Asterisk PBX 13.2.0
[Mar 12 21:30:47] Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
[Mar 12 21:30:47] Supported: replaces, timer
[Mar 12 21:30:47] WWW-Authenticate: Digest algorithm=MD5, realm=“asterisk”, nonce=“10068310”
[Mar 12 21:30:47] Content-Length: 0
[Mar 12 21:30:47]
[Mar 12 21:30:47]
[Mar 12 21:30:47] <------------>
[Mar 12 21:30:47] Scheduling destruction of SIP dialog ‘b56af895b181400a912fbbff224491f1’ in 32000 ms (Method: REGISTER)
[Mar 12 21:30:51]
[Mar 12 21:30:51] <— SIP read from UDP:172.20.1.100:54722 —>
[Mar 12 21:30:51] REGISTER sip:192.168.2.200 SIP/2.0
[Mar 12 21:30:51] Via: SIP/2.0/UDP 172.20.1.100:5060;rport;branch=z9hG4bKPj3ed8ece0a5154b81a7e03116539ef418
[Mar 12 21:30:51] Max-Forwards: 70
[Mar 12 21:30:51] From: sip:1001@172.20.1.100;tag=d6dfd7db9c2c480697e838973e40a718
[Mar 12 21:30:51] To: sip:1001@172.20.1.100
[Mar 12 21:30:51] Call-ID: b56af895b181400a912fbbff224491f1
[Mar 12 21:30:51] CSeq: 43119 REGISTER
[Mar 12 21:30:51] User-Agent: PJSoftPhone::PJSUA v1.10.0/win32
[Mar 12 21:30:51] Contact: sip:1001@172.20.1.100:5060;ob
[Mar 12 21:30:51] Expires: 300
[Mar 12 21:30:51] Allow: PRACK, INVITE, ACK, BYE, CANCEL, UPDATE, SUBSCRIBE, NOTIFY, REFER, MESSAGE, OPTIONS
[Mar 12 21:30:51] Content-Length: 0
[Mar 12 21:30:51]
[Mar 12 21:30:51] <------------->
[Mar 12 21:30:51] — (12 headers 0 lines) —
[Mar 12 21:30:51] Sending to 172.20.1.100:54722 (no NAT)
[Mar 12 21:30:51]
[Mar 12 21:30:51] <— Transmitting (no NAT) to 172.20.1.100:54722 —>
[Mar 12 21:30:51] SIP/2.0 401 Unauthorized
[Mar 12 21:30:51] Via: SIP/2.0/UDP 172.20.1.100:5060;branch=z9hG4bKPj3ed8ece0a5154b81a7e03116539ef418;received=172.20.1.100;rport=54722
[Mar 12 21:30:51] From: sip:1001@172.20.1.100;tag=d6dfd7db9c2c480697e838973e40a718
[Mar 12 21:30:51] To: sip:1001@172.20.1.100;tag=as7aafb3eb
[Mar 12 21:30:51] Call-ID: b56af895b181400a912fbbff224491f1
[Mar 12 21:30:51] CSeq: 43119 REGISTER
[Mar 12 21:30:51] Server: Asterisk PBX 13.2.0
[Mar 12 21:30:51] Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
[Mar 12 21:30:51] Supported: replaces, timer
[Mar 12 21:30:51] WWW-Authenticate: Digest algorithm=MD5, realm=“asterisk”, nonce=“10068310”
[Mar 12 21:30:51] Content-Length: 0
[Mar 12 21:30:51]
[Mar 12 21:30:51]
[Mar 12 21:30:51] <------------>
[Mar 12 21:30:51] Scheduling destruction of SIP dialog ‘b56af895b181400a912fbbff224491f1’ in 32000 ms (Method: REGISTER)
[Mar 12 21:30:55]
[Mar 12 21:30:55] <— SIP read from UDP:172.20.1.100:54723 —>
[Mar 12 21:30:55] REGISTER sip:192.168.2.200 SIP/2.0
[Mar 12 21:30:55] Via: SIP/2.0/UDP 172.20.1.100:5060;rport;branch=z9hG4bKPj3ed8ece0a5154b81a7e03116539ef418
[Mar 12 21:30:55] Max-Forwards: 70
[Mar 12 21:30:55] From: sip:1001@172.20.1.100;tag=d6dfd7db9c2c480697e838973e40a718
[Mar 12 21:30:55] To: sip:1001@172.20.1.100
[Mar 12 21:30:55] Call-ID: b56af895b181400a912fbbff224491f1
[Mar 12 21:30:55] CSeq: 43119 REGISTER
[Mar 12 21:30:55] User-Agent: PJSoftPhone::PJSUA v1.10.0/win32
[Mar 12 21:30:55] Contact: sip:1001@172.20.1.100:5060;ob
[Mar 12 21:30:55] Expires: 300
[Mar 12 21:30:55] Allow: PRACK, INVITE, ACK, BYE, CANCEL, UPDATE, SUBSCRIBE, NOTIFY, REFER, MESSAGE, OPTIONS
[Mar 12 21:30:55] Content-Length: 0
[Mar 12 21:30:55]
[Mar 12 21:30:55] <------------->
[Mar 12 21:30:55] — (12 headers 0 lines) —
[Mar 12 21:30:55] Sending to 172.20.1.100:54723 (no NAT)
[Mar 12 21:30:55]
[Mar 12 21:30:55] <— Transmitting (no NAT) to 172.20.1.100:54723 —>
[Mar 12 21:30:55] SIP/2.0 401 Unauthorized
[Mar 12 21:30:55] Via: SIP/2.0/UDP 172.20.1.100:5060;branch=z9hG4bKPj3ed8ece0a5154b81a7e03116539ef418;received=172.20.1.100;rport=54723
[Mar 12 21:30:55] From: sip:1001@172.20.1.100;tag=d6dfd7db9c2c480697e838973e40a718
[Mar 12 21:30:55] To: sip:1001@172.20.1.100;tag=as7aafb3eb
[Mar 12 21:30:55] Call-ID: b56af895b181400a912fbbff224491f1
[Mar 12 21:30:55] CSeq: 43119 REGISTER
[Mar 12 21:30:55] Server: Asterisk PBX 13.2.0
[Mar 12 21:30:55] Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
[Mar 12 21:30:55] Supported: replaces, timer
[Mar 12 21:30:55] WWW-Authenticate: Digest algorithm=MD5, realm=“asterisk”, nonce=“10068310”
[Mar 12 21:30:55] Content-Length: 0
[Mar 12 21:30:55]
[Mar 12 21:30:55]
[Mar 12 21:30:55] <------------>
[Mar 12 21:30:55] Scheduling destruction of SIP dialog ‘b56af895b181400a912fbbff224491f1’ in 32000 ms (Method: REGISTER)