I have Asterisk 13.22.00 (on the FreePBX) and use sip trunks to our sip peers with IP authorization instead on by “from field” for incoming calls. There is specific host specified and type is “friend” in the trunk sip settings. When using UDP transport, everything works fine, but if TCP is specified, Asterisk tries peer to be authorized by “from field” with “401 Unauthorized” message. It looks like asterisk doesn’t see that trunk. SIP channel driver is chan_sip.
FreePBX also includes a large amount of dialplan and AGI code, it not a general purpose configurator for Asterisk.
insecure=invite is pointless if you do not have secret.
I’d assume the source IP address is wrong, but you might want to check whether you have type=friend on local devices and the caller ID user part matches a local device name. Most system should have type=peer throughout.
There are two interfaces on sip peer: local - ZZZ and VPN - YYY. Peer operates with YYY through VPN. You mean, “field from” needs to be YYY? Yes, peer inserts into “from” a little incorrect address. But it doesn’t matter with UDP transport.
Furthemore, I have another peer with “right from header” incoming invite requests, but the result is the same. And I don’t know, why.
Prior to b2c4e8660a9c89d07041271371151779b7ec75f6 (ASTERISK_27457)
insecure=port was the defacto standard. That commit also prevented
insecure=port from being applied for sip/tcp or sip/tls.
Into consideration there are three sets of behaviour:
1. "previous" - before the above commit.
2. "current" - post above commit, pre this one.
3. "new" - post this commit.
The problem that the above commit tried to address was guests over TCP.
It succeeded in doing that ***but broke transport!=udp with host!=dynamic.***
My Asterisk version is 13.22, so it’s between the issue came along and it was solved. But it has been solved in different way than before and on the later Asterisk version I still have the problem with tcp port insecure.