Trying to setup a trunk between Cisco UCM 11 and Asterisk 13. I plan to just use Asterisk for extending media functions - at this point, offloading voicemail.
What I want to achieve is that calls coming in from the CUCM trunk are treated as regular internal Asterisk calls, and will hit the local dialplan directly and route accordingly.
To do this I have added in the trunk settings, on both PEER and USER;
type=friend
context=from-internal
This isn’t working, for one reason or another that I can’t determine. In the Asterisk logs I get;
res_pjsip/pjsip_distributor.c: Request from '<sip:172.22.4.123>' failed for '172.22.4.123:5060' (callid: [email protected]) - No matching endpoint found
Well, fair enough - I don’t have a PJSIP extension setup for anything I am trying to dial. I do however have a chan_sip extension (800) setup which I am trying to reach. I also have a Misc Application setup too as a little test on 801.
The problem that I am finding though is that everything Call Manager sends to the Asterisk server get a 401 Unauthorised response, even just OPTIONS packets.
First of all, I think I need to tackle this Unauthorised problem. I understand why Asterisk is sending the challenge - but, I don’t want it to because the Call Manager side isn’t all that kind regards authentication on SIP trunks.
Is it possible to setup a trunk to explicitly trust anything from a single IP address? I want to setup a raw SIP trunk between the, where Asterisk will process ANY SIP packet coming from CUCM.
I know there is a setting to allow Anonymous Calls in Advanced Settings (or, something) but I don’t want to enable this system-wide and end up relaying dodgy calls.
Yes, but not with PJ-SIP (unless this really important feature changed and no one said anything).
You can do Host-based authentication using IP addresses in Chan-SIP.
Also “Friend” is “Peer” and “User” at the same time. You might be able to get by with using “Friend” in your incoming trunk and skip the outgoing trunk settings altogether. Or is it the outgoing trunk and skip the incoming… I always get those confused.
Here is my peer config; disallow=all allow=alaw canreinvite=no dtmfmode=rfc2833 host=172.22.4.123 insecure=invite,port port=5060 qualify=yes type=friend
Not working, I’ve put that in USER as well to try that. Tried insecure=yes|invite|invite,port|very - no luck. Asterisk always replies to anything from CUCM with 401 auth challenge…
Huge faceplam … nothing seemed to be making any difference so I went looking into global SIP settings only to notice that can_sip is listening on port 5061, so I guess my calls coming in on port 5060 were being passed to pjsip!
I have to leave this right now, but tomorrow I will come back to test that out but I would expect that’s probably the cause of why nothing was having much effect!