I just upgraded to 17.
Smooth upgrade, no issues.
Now all my phones fail to authenticate.
(4 Mitel/Astra Dect, 1 Grandstream WLAN, 1 Grandstream Video, 1 old Snom 260, 1 Softphone)
Registration and connections to and from my providers (so any external connections) are working properly.
All devices are using pjsip (and had done so before migration).
Thus not a sip->pjsip conversion issue.
If I add a new (soft-)phone via GUI it also fails to register using the same errors.
Looks something is fundamentally wrong, but I fyet failed to figure out any reason.
Any hints where to look to get more insight into the problem?
Thanks for any help.
Rainer
The relevant portion from the log seems to me:
[2024-08-19 08:46:14] DEBUG[17449] res_pjsip_endpoint_identifier_user.c: Attempting identify by From username '299' domain '10.202.10.2'
[2024-08-19 08:46:14] DEBUG[17449] res_pjsip_endpoint_identifier_user.c: Identified by From username '299' domain '10.202.10.2'
[2024-08-19 08:46:14] DEBUG[17449] res_pjsip_authenticator_digest.c: Using default realm 'asterisk' on incoming auth '299-auth'.
[2024-08-19 08:46:14] DEBUG[17449] res_pjsip_authenticator_digest.c: Calculated nonce 1724049974/c5c2ffba6a8dfc6e488b122751671188. Actual nonce is 1724049974/c5c2ffba6a8dfc6e488b122751671188
[2024-08-19 08:46:14] DEBUG[17449] res_pjsip_authenticator_digest.c: Realm: asterisk Username: 299 Result: FAIL
The full context from log:
[2024-08-19 08:46:14] VERBOSE[17447] res_pjsip_logger.c: <--- Received SIP request (837 bytes) from UDP:10.202.3.100:53519 --->
REGISTER sip:10.202.10.2 SIP/2.0
Via: SIP/2.0/UDP 10.202.3.100:53519;branch=z9hG4bKmuvfnzZP30SY;rport
From: "BU11" <sip:[email protected]>;tag=76DDpvSJCtgg
To: "BU11" <sip:[email protected]>
Call-ID: rA-ElBb49t1vNcXt8I9i
CSeq: 1592 REGISTER
Contact: <sip:[email protected]:55390;x-reg=007B06BF091460CF>;expires=0
Contact: <sip:[email protected]:53519;x-reg=A054BF48FE0A94EA>;expires=600
Content-Length: 0
User-Agent: Sipnetic/1.1.3 Android
Supported: path
Allow: INVITE,ACK,OPTIONS,BYE,CANCEL,INFO,SUBSCRIBE,NOTIFY,REFER,PRACK,MESSAGE
Authorization: Digest username="299",realm="asterisk",nonce="1724049974/c5c2ffba6a8dfc6e488b122751671188",opaque="70cac5556cb9dd44",uri="sip:10.202.10.2",cnonce="16307bc79999014960b61b50090d32d6",qop=auth,nc=00000003,algorithm=MD5,response="3f06fad11152b5a03d60c9d75d8e70b2"
Max-Forwards: 70
[2024-08-19 08:46:14] DEBUG[17447] res_pjsip/pjsip_distributor.c: Could not find matching transaction for Request msg REGISTER/cseq=1592 (rdata0x7f0268006078)
[2024-08-19 08:46:14] DEBUG[17447] res_pjsip/pjsip_distributor.c: Calculated serializer pjsip/distributor-0000003a to use for Request msg REGISTER/cseq=1592 (rdata0x7f0268006078)
[2024-08-19 08:46:14] DEBUG[17449] netsock2.c: Splitting '10.202.3.100' into...
[2024-08-19 08:46:14] DEBUG[17449] netsock2.c: ...host '10.202.3.100' and port ''.
[2024-08-19 08:46:14] DEBUG[17449] res_pjsip_endpoint_identifier_ip.c: Source address 10.202.3.100:53519 does not match identify 'Vodafone-542978'
[2024-08-19 08:46:14] DEBUG[17449] res_pjsip_endpoint_identifier_ip.c: Source address 10.202.3.100:53519 does not match identify 'Vodafone-9953051'
[2024-08-19 08:46:14] DEBUG[17449] res_pjsip_endpoint_identifier_ip.c: Source address 10.202.3.100:53519 does not match identify 'Vodafone-542903'
[2024-08-19 08:46:14] DEBUG[17449] res_pjsip_endpoint_identifier_ip.c: Source address 10.202.3.100:53519 does not match identify 'Vodafone-9952564'
[2024-08-19 08:46:14] DEBUG[17449] res_pjsip_endpoint_identifier_ip.c: Source address 10.202.3.100:53519 does not match identify 'Vodafone-542977'
[2024-08-19 08:46:14] DEBUG[17449] res_pjsip_endpoint_identifier_ip.c: Source address 10.202.3.100:53519 does not match identify 'Vodafone-9953007'
[2024-08-19 08:46:14] DEBUG[17449] res_pjsip_endpoint_identifier_ip.c: Source address 10.202.3.100:53519 does not match identify 'Sipgate6590590'
**[2024-08-19 08:46:14] DEBUG[17449] res_pjsip_endpoint_identifier_user.c: Attempting identify by From username '299' domain '10.202.10.2'**
**[2024-08-19 08:46:14] DEBUG[17449] res_pjsip_endpoint_identifier_user.c: Identified by From username '299' domain '10.202.10.2'**
**[2024-08-19 08:46:14] DEBUG[17449] res_pjsip_authenticator_digest.c: Using default realm 'asterisk' on incoming auth '299-auth'.**
**[2024-08-19 08:46:14] DEBUG[17449] res_pjsip_authenticator_digest.c: Calculated nonce 1724049974/c5c2ffba6a8dfc6e488b122751671188. Actual nonce is 1724049974/c5c2ffba6a8dfc6e488b122751671188**
**[2024-08-19 08:46:14] DEBUG[17449] res_pjsip_authenticator_digest.c: Realm: asterisk Username: 299 Result: FAIL**
[2024-08-19 08:46:14] NOTICE[17449] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '"BU11" <sip:[email protected]>' failed for '10.202.3.100:53519' (callid: rA-ElBb49t1vNcXt8I9i) - Failed to authenticate
[2024-08-19 08:46:14] DEBUG[17449] netsock2.c: Splitting '10.202.10.2' into...
[2024-08-19 08:46:14] DEBUG[17449] netsock2.c: ...host '10.202.10.2' and port ''.
[2024-08-19 08:46:14] DEBUG[17449] netsock2.c: Splitting '10.202.3.100' into...
[2024-08-19 08:46:14] DEBUG[17449] netsock2.c: ...host '10.202.3.100' and port ''.
[2024-08-19 08:46:14] DEBUG[17449] netsock2.c: Splitting '10.202.3.100' into...
[2024-08-19 08:46:14] DEBUG[17449] netsock2.c: ...host '10.202.3.100' and port ''.
[2024-08-19 08:46:14] DEBUG[17449] res_pjsip_nat.c: Request is being sent to local address, skipping NAT manipulation
[2024-08-19 08:46:14] DEBUG[17449] netsock2.c: Splitting '10.202.3.100' into...
[2024-08-19 08:46:14] DEBUG[17449] netsock2.c: ...host '10.202.3.100' and port ''.
[2024-08-19 08:46:14] VERBOSE[17449] res_pjsip_logger.c: <--- Transmitting SIP response (487 bytes) to UDP:10.202.3.100:53519 --->
SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 10.202.3.100:53519;rport=53519;received=10.202.3.100;branch=z9hG4bKmuvfnzZP30SY
Call-ID: rA-ElBb49t1vNcXt8I9i
From: "BU11" <sip:[email protected]>;tag=76DDpvSJCtgg
To: "BU11" <sip:[email protected]>;tag=z9hG4bKmuvfnzZP30SY
CSeq: 1592 REGISTER
WWW-Authenticate: Digest realm="asterisk",nonce="1724049974/c5c2ffba6a8dfc6e488b122751671188",opaque="23d469d55b8c3340",algorithm=MD5,qop="auth"
Server: FPBX-17.0.19.1(21.4.1)
Content-Length: 0