401 UNAUTHORIZED response to REGISTER request

levimill1 · August 12, 2022, 10:14pm

I inherited an ancient FreePBX system (12.0.76.6) that serves several existing Digium endpoints at multiple branch offices without issue. We recently acquired a Sangoma P320 desk phone to add to the system but are running into some bizarre issues when trying to register the SIP account. The phone sends a REGISTER request but keeps getting denied by the PBX with a 401 UNAUTHORIZED response. I know enough to be dangerous, but I cannot for the life of me figure out why this device won’t register. Anybody willing to help me troubleshoot? I can provide any additional info that you may require.

levimill1 · August 12, 2022, 10:16pm

Actually, I’m having the exact same problem with a couple of fax ATA devices, but only intermittently. Sometimes they register, but registration fails later on. The devices are at a remote site, connected via IPsec VPN.

david55 · August 12, 2022, 10:33pm

Do the subsequent registers include authentication? How long after the 401 are they sent? Is the nonce the same as in the preceding 401? Does the following 401 contain the same nonce?

levimill1 · August 12, 2022, 11:24pm

Alright, I don’t know enough to be that dangerous. I don’t think the subsequent registers include authentication, but I’m not sure exactly what to look for.

I just ran another packet capture, and now the PBX is just flooding the device with MESSAGE packets which appear to contain a certificate of some kind. The phone is not sending anything in response.

david55 · August 12, 2022, 11:29pm

If there is no authentication data it either means the 401 never arrived or the device has no password to offer.

SIP MESSAGE requests aren’t something that would be generated unsolicited. They would normally be the result of forwarding ones that had been received. Maybe you are suffering a denial of service attack?

levimill1 · August 12, 2022, 11:34pm

I have a feeling this has something to do with the firewalls/VPN between sites, or there’s something wrong with the FreePBX server. The old Digium phones seem to work just fine, but this new Sangoma phone just isn’t working properly. I think we’d be seeing a multitude of issues if we were under a DoS attack, but this one phone and a couple of ATAs are the only devices not working.

system · September 12, 2022, 11:35pm

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.