Majren
August 3, 2012, 12:46am
1
Hi guys!
I’m guessing that this might be a repeated post as I don’t think I am the only person having problems with this. My appologies if I’m repeating, it happens that when you look for answers sometimes they play hard to get…
Here is my question. I have an old Freepbx, an asterisk 1.2 in production. I want/NEED to upgrade to a newer version with LTS, so I’m migrating to 1.8. I have a serious problem where my carriers don’t require me to authenticate to them, they accept everything I throw at them from my public IPs. When I configure the trunks to them in asterisk 1.8 I keep getting Authenticate problems like this one:
SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP XX.XX.XX.XX:5060;branch=z9hG4bK559e073f
Record-Route: sip:YY.YY.YY.YY;ftag=as5385450f;lr
From: 8888888888 sip:[email protected] ;tag=as5385450f
To: sip:[email protected]
Call-ID: [email protected] :5060
CSeq: 102 INVITE
Server: Sippy
WWW-Authenticate: Digest realm=“YY.YY.YY.YY”,nonce=“6a55e59332683becfbcb7a10a9af9aa3a9d6”
For months I’ve been looking for help in forums, but haven’t gotten lucky. Setting a user/password on the trunk is not an option as I have MANY other equipments (not Asterisk) hitting those same carriers.
Could anyone shed a light on where to look, please? Here is my trunk config:
CARRIER
allow=g729
host=YY.YY.YY.YY
qualify=yes
type=peer
I have tried many, many SIP options, but don’t really have an inventory of what I’ve done and how I’ve done it. This battle has been going on for months now and my memory fails me to remember all those settings…
I appreciate all the help I can get!
Thanks!!!
Asterisk version 1.8.7
FreePBX version 2.9.0.12
Do you have g.729 CODEC installed?
add the line insecure=port,invite and you should be all set.
You also have to put disallow=all above your allow if you only want g.729.
You also don’t have a context, you don’t need it if not receiving calls on this trunk.
What version FreePBX?
dicko
(dicko)
August 3, 2012, 1:13am
3
don’t register against such trunks you don’t need it, and allow anonymous sip calls from these servers.
Majren
August 3, 2012, 3:02am
4
@dicko
I’m not registering to the carrier, that thing you see up there that I posted is the only configuration I have for that trunk. I still need to configure the outgoing trunk to the carrier and that’s where I have problems…
@SkykingOH
I tried adding the fields you mentioned, but it does not seem to work…
This is what I got…
disallow=all
allow=g729
host=psip2.smartisvoip.com
qualify=yes
type=peer
insecure=port,invite
You didn’t answer my question on what version of FreePBX?
Also you didn’t answer about g.729 CODEC.
What error is it giving now?
Majren
August 3, 2012, 3:14am
6
Oh, Sorry SkykingOH.
I do have g729 and here are my versions:
Asterisk version 1.8.7
FreePBX version 2.9.0.12
Thanks for the help.
Ok good, I just wanted to make sure you are running a FreePBX that supports 1.8
What error are you getting with the insecure line?
Just for grins try type=friend
Majren
August 3, 2012, 1:09pm
8
I keep getting unauthorized:
<— SIP read from UDP:206.165.69.152:5060 —>
SIP/2.0 100 trying – your call is important to us
Via: SIP/2.0/UDP XX.XX.XX.XX:5060;branch=z9hG4bK160ed170
From: “8888888888” sip:[email protected] ;tag=as385b8b3b
To: sip:[email protected]
Call-ID: [email protected] :5060
CSeq: 102 INVITE
Server: Sip EXpress router (0.9.6 (i386/freebsd))
Content-Length: 0
<------------->
— (8 headers 0 lines) —
<— SIP read from UDP:206.165.69.152:5060 —>
SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP XX.XX.XX.XX:5060;branch=z9hG4bK160ed170
Record-Route: sip:YY.YY.YY.YY;ftag=as385b8b3b;lr
From: 8888888888 sip:[email protected] ;tag=as385b8b3b
To: sip:[email protected]
Call-ID: [email protected] :5060
CSeq: 102 INVITE
Server: Sippy
WWW-Authenticate: Digest realm=“YY.YY.YY.YY”,nonce=“fdf1ea8159e5ff87d72cf0390ca2850b029f”
Changing the fype to friend did no godd either…
I keep getting this as well:
[2002-03-21 19:52:49] NOTICE[3635]: chan_sip.c:19661 handle_response_invite: Failed to authenticate on INVITE to '“8888888888” sip:[email protected] ;tag=as385b8b3b’
Really destroying SIP dialog ‘[email protected] :5060’ Method: INVITE
Thanks!
Can you send out the output of SIP show peer trunkname please
Majren
August 3, 2012, 3:32pm
10
My server’s name is Berlix. Here is the output:
berlix*CLI> sip show peer Smart_Net_Stns
Name : Smart_Net_Stns
Secret :
MD5Secret :
Remote Secret:
Context : from-trunk-sip-Smart_Net_Stns
Subscr.Cont. :
Language :
AMA flags : Unknown
Transfer mode: open
CallingPres : Presentation Allowed, Not Screened
Callgroup :
Pickupgroup :
MOH Suggest :
Mailbox :
VM Extension : *97
LastMsgsSent : 32767/65535
Call limit : 0
Max forwards : 0
Dynamic : No
Callerid : “” <>
MaxCallBR : 384 kbps
Expire : -1
Insecure : port,invite
Force rport : No
ACL : No
DirectMedACL : No
T.38 support : No
T.38 EC mode : Unknown
T.38 MaxDtgrm: -1
DirectMedia : Yes
PromiscRedir : No
User=Phone : No
Video Support: No
Text Support : No
Ign SDP ver : No
Trust RPID : No
Send RPID : No
Subscriptions: Yes
Overlap dial : Yes
DTMFmode : rfc2833
Timer T1 : 500
Timer B : 32000
ToHost :
Addr->IP : :5060
Defaddr->IP : (null)
Prim.Transp. : UDP
Allowed.Trsp : UDP
Def. Username:
SIP Options : (none)
Codecs : 0x100 (g729)
Codec Order : (g729:20)
Auto-Framing : No
100 on REG : Yes
Status : OK (54 ms)
Useragent :
Reg. Contact :
Qualify Freq : 60000 ms
Sess-Timers : Accept
Sess-Refresh : uas
Sess-Expires : 1800 secs
Min-Sess : 90 secs
RTP Engine : asterisk
Parkinglot :
Use Reason : No
Encryption : No
berlix*CLI>
Turn direct media off, Asterisk is trying to invite the call off the box and it is failing authentication (IP based). It took me a couple of passes to find this.
Majren
August 3, 2012, 7:55pm
12
…sorry to pop your bubble, but it didn’t help… :(. Here is my 'sip show peer ’ output again…
berlix*CLI> sip show peer Smart_Net_Stns
Name : Smart_Net_Stns
Secret :
MD5Secret :
Remote Secret:
Context : from-trunk-sip-Smart_Net_Stns
Subscr.Cont. :
Language :
AMA flags : Unknown
Transfer mode: open
CallingPres : Presentation Allowed, Not Screened
Callgroup :
Pickupgroup :
MOH Suggest :
Mailbox :
VM Extension : *97
LastMsgsSent : 32767/65535
Call limit : 0
Max forwards : 0
Dynamic : No
Callerid : “” <>
MaxCallBR : 384 kbps
Expire : -1
Insecure : port,invite
Force rport : No
ACL : No
DirectMedACL : No
T.38 support : No
T.38 EC mode : Unknown
T.38 MaxDtgrm: -1
DirectMedia : No
PromiscRedir : No
User=Phone : No
Video Support: No
Text Support : No
Ign SDP ver : No
Trust RPID : No
Send RPID : No
Subscriptions: Yes
Overlap dial : Yes
DTMFmode : rfc2833
Timer T1 : 500
Timer B : 32000
ToHost : psip2.smartisvoip.com
Addr->IP : 206.165.69.152:5060
Defaddr->IP : (null)
Prim.Transp. : UDP
Allowed.Trsp : UDP
Def. Username:
SIP Options : (none)
Codecs : 0x100 (g729)
Codec Order : (g729:20)
Auto-Framing : No
100 on REG : Yes
Status : OK (93 ms)
Useragent :
Reg. Contact :
Qualify Freq : 60000 ms
Sess-Timers : Accept
Sess-Refresh : uas
Sess-Expires : 1800 secs
Min-Sess : 90 secs
RTP Engine : asterisk
Parkinglot :
Use Reason : No
Encryption : No
Thanks again!
Majren
August 13, 2012, 8:27pm
13
Anyone have any other suggestion so I can try it out…?
All help is GREATLY appreciated!
Thanks!