I have just started exploring Asterisk mainly because of Video SFU support in version 15. I recently cloned Asterisk source code from GIT master branch and successfully built the code. The Asterisk is currently running on AWS EC2 instance.
As I am trying to configure different modules as explained in the link below to set up an environment for making WebRTC video calls using SFU video mode on Asterisk.
http://blogs.asterisk.org/2017/09/20/asterisk-15-multi-stream-media-sfu/
After making all the config modifications as per the above blog, I am noticing an issue with SIP REGISTER REQUEST and chan_sip is complaining about wrong password, if I try to request guest account from CMP2K client.
Here is the SIP log message that I notice and I don’t see anything wrong with the password that I have set up on the Asterisk server and CMP2K client instances. I have outlined the configuration changes that I have made in different config files and the snippet of SIP log messages.
Any idea and help with this issue will be much appreciated.
Thanks and Regards,
Ashok
- Modifications and additions to /etc/asterisk/pjsip.conf
[transport_wss]
type=transport
bind=0.0.0.0
protocol=wss
[guest]
type=aor
max_contacts=1
[authguest]
type=auth
auth_type=userpass
username=guest
password=12345 ; This is a completely insecure password. Do NOT expose this
; system to the Internet without utilizing a better password.
[guest]
type=endpoint
transport=transport-wss
context=default
direct_media=no
allow=!all,ulaw,vp8,h264,alaw,opus,gsm
aors=guest
auth=authguest
allowguest=yes
max_audio_streams=10
max_video_streams=10
webrtc=yes
avpf=yes
nat=yes,force_rport
dtls_cert_file=/etc/asterisk/keys/asterisk.pem
dtls_ca_file=/etc/asterisk/keys/ca.crt
transport=tls,udp,ws ; Asterisk will allow this peer to register on UDP or WebSockets
dtlsverify=no ; Tell Asterisk to not verify your DTLS certs
rtcp_mux=yes
- Changes to sip.conf
[general]
tcpenable=yes
tcpbindaddr=0.0.0.0
allowoverlap=no ; existing setting
Other existing settings -->
basic-options ; a template
dtmfmode=rfc2833
context=from-office
type=friend
natted-phone ; another template inheriting basic-options
directmedia=no
host=dynamic
public-phone ; another template inheriting basic-options
directmedia=yes
my-codecs ; a template for my preferred codecs
disallow=all
allow=ilbc
allow=g729
allow=gsm
allow=g723
allow=ulaw
; Or, more simply:
;allow=!all,ilbc,g729,gsm,g723,ulaw
ulaw-phone ; and another one for ulaw-only
disallow=all
allow=ulaw
; Again, more simply:
;allow=!all,ulaw
-
Additions and modifications to http.conf
[general]
enabled=yes
bindaddr=0.0.0.0
bindport=8088
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=/etc/asterisk/keys/asterisk.pem
enablestatic=yes -
Additions and modifications confbridge.conf
[default_bridge]
type=bridge
video_mode=sfu
[default_user]
type=user
music_on_hold_when_empty=yes
music_on_hold_class=default
- Additions and modifications to extensions.conf --> added dialplan for echo and video-conference applications
[default]
exten => echo,1,Answer()
same => n,StreamEcho(3)
same => n,Hangup()
exten => video-conference,1,Answer()
same => n,ConfBridge(guest)
same => n,Hangup()
SIP debug log from the Asterisk server running on AWS EC2 instance:
== WebSocket connection from ‘xx.xxx.xx.xx:50505’ for protocol ‘sip’ accepted using version ‘13’
<— SIP read from WS:12.229.59.89:50505 —>
REGISTER sip:xx.xxx.xxx.xx SIP/2.0
Via: SIP/2.0/WSS xx.xxx.xxx.xx;branch=z9hG4bK8055612
Max-Forwards: 69
To: sip:guest@xx.xxx.xxx.xx
From: sip:guest@xx.xxx.xxx.xx;tag=57emgdfp7h
Call-ID: 0modgqkd3pphq14f55ebej
CSeq: 1 REGISTER
Contact: sip:guest@xx.xxx.xxx.xx;+sip.ice;reg-id=1;+sip.instance=“urn:uuid:da6af3e3-94a0-4ed3-ac6a-5c259271ebe1”;expires=300
Expires: 300
Allow: INVITE,ACK,CANCEL,BYE,UPDATE,MESSAGE,OPTIONS,REFER,INFO
Supported: path,gruu,outbound
User-Agent: JsSIP 3.0.13
Content-Length: 0
<------------->
— (13 headers 0 lines) —
<— Transmitting (no NAT) to 12.229.59.89:5060 —>
SIP/2.0 401 Unauthorized
Via: SIP/2.0/WSS xx.xxx.xxx.xx;branch=z9hG4bK8055612;received=12.229.59.89
From: sip:guest@xx.xxx.xxx.xx;tag=57emgdfp7h
To: sip:guest@xx.xxx.xxx.xx;tag=as491821f7
Call-ID: 0modgqkd3pphq14f55ebej
CSeq: 1 REGISTER
Server: Asterisk PBX GIT-master-e132f22
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
WWW-Authenticate: Digest algorithm=MD5, realm=“asterisk”, nonce="0858f39d"
Content-Length: 0
<------------>
Scheduling destruction of SIP dialog ‘0modgqkd3pphq14f55ebej’ in 32000 ms (Method: REGISTER)
<— SIP read from WS:12.229.59.89:50505 —>
REGISTER sip:xx.xxx.xxx.xx SIP/2.0
Via: SIP/2.0/WSS xx.xxx.xxx.xx;branch=z9hG4bK1125142
Max-Forwards: 69
To: sip:guest@xx.xxx.xxx.xx
From: sip:guest@xx.xxx.xxx.xx;tag=57emgdfp7h
Call-ID: 0modgqkd3pphq14f55ebej
CSeq: 2 REGISTER
Authorization: Digest algorithm=MD5, username=“guest”, realm=“asterisk”, nonce=“0858f39d”, uri=“sip:xx.xxx.xxx.xx”, response="aef59f5f6243bb57def2a48908242d6b"
Contact: sip:guest@xx.xxx.xxx.xx;+sip.ice;reg-id=1;+sip.instance=“urn:uuid:da6af3e3-94a0-4ed3-ac6a-5c259271ebe1”;expires=300
Expires: 300
Allow: INVITE,ACK,CANCEL,BYE,UPDATE,MESSAGE,OPTIONS,REFER,INFO
Supported: path,gruu,outbound
User-Agent: JsSIP 3.0.13
Content-Length: 0
<------------->
— (14 headers 0 lines) —
<— Transmitting (no NAT) to 12.229.59.89:5060 —>
SIP/2.0 403 Forbidden
Via: SIP/2.0/WSS xx.xxx.xxx.xx;branch=z9hG4bK1125142;received=12.229.59.89
From: sip:guest@xx.xxx.xxx.xx;tag=57emgdfp7h
To: sip:guest@xx.xxx.xxx.xx;tag=as491821f7
Call-ID: 0modgqkd3pphq14f55ebej
CSeq: 2 REGISTER
Server: Asterisk PBX GIT-master-e132f22
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Content-Length: 0
<------------>
[Feb 13 20:47:53] NOTICE[6078]: chan_sip.c:28899 handle_request_register: Registration from ‘sip:guest@xx.xxx.xxx.xx’ failed for ‘12.229.59.89:50505’ - Wrong password
Scheduling destruction of SIP dialog ‘0modgqkd3pphq14f55ebej’ in 32000 ms (Method: REGISTER)