Sip Extensions Problem

actwon · March 7, 2012, 8:33pm

Hi! Hope everyone is well.

My issue is my sip soft phone (Bria) will not connect (remotely nor local). I have taken several tcpdumps and I see the same messages:

freepbx.sip > host-a.rport ICMP port unreachable

Now, before anyone starts flaming and said that I need to search (which I have extensively). What I have noticed is that the the above entry is a tcpdump from my mac os x laptop (host-a). The tcpdump on the freepbx server is as follows:

freepbx.sip > gateway.rport ICMP port unreachable.

The freepbx server is re-writing the packet with the gateway as the destination instead of the host-a who made the request. This gives me a SIP 401 Unauthorized error when trying to login to my extension.

A little more info:

Host-A and freepbx are on different subnets (inside of firewall)
Freepbx is Nat’d to the outside world (sip settings)
static routes are in place to get to Host-A.

Any help is appreciated.

TimNur · March 14, 2012, 11:36am

Does the original SIP message contain any Route or Record-Route header ?

actwon · March 14, 2012, 2:58pm

I’m not sure about the route or record-route headers. Below is a snippet of the communication between the freepbx server and client machine

maclap is client going to freepbx
mtvmastrx01 is freepbx server

– begin –

18:26:57.730532 IP (tos 0x0, ttl 64, id 52094, offset 0, flags [none], proto UDP (17), length 597)
maclap.mydomain.38641 > mtvmastrx01.mydomain.sip: [udp sum ok] SIP, length: 569
REGISTER sip:mydomain SIP/2.0
Via: SIP/2.0/UDP 192.168.1.27:38641;branch=z9hG4bK-d8754z-8f5d761a1eb12631-1—d8754z-
Max-Forwards: 70
Contact: sip:[email protected]:38641;rinstance=f3acff830e397a66;transport=udp
To: "PBXUser 100"sip:100@mydomain
From: "PBXUser 100"sip:100@mydomain;tag=cf63447e
Call-ID: MDg0Mjk3NTk2MGQ0NTY3MjFkNWEzYjMzYTNjMDZlM2M.
CSeq: 30 REGISTER
Expires: 3600
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO
User-Agent: Bria 3 release 3.2.2 stamp 63092
Content-Length: 0

0x0000:  5245 4749 5354 4552 2073 6970 3a73 6970
0x0010:  2e6d 7465 6b6b 612e 636f 6d20 5349 502f
0x0020:  322e 300d 0a56 6961 3a20 5349 502f 322e
0x0030:  302f 5544 5020 3133 322e 3835 2e31 2e32
0x0040:  373a 3338 3634 313b 6272 616e 6368 3d7a
0x0050:  3968 4734 624b 2d64 3837 3534 7a2d 3866
0x0060:  3564 3736 3161 3165 6231 3236 3331 2d31
0x0070:  2d2d 2d64 3837 3534 7a2d 0d0a 4d61 782d
0x0080:  466f 7277 6172 6473 3a20 3730 0d0a 436f
0x0090:  6e74 6163 743a 203c 7369 703a 3130 3040
0x00a0:  3133 322e 3835 2e31 2e32 373a 3338 3634
0x00b0:  313b 7269 6e73 7461 6e63 653d 6633 6163
0x00c0:  6666 3833 3065 3339 3761 3636 3b74 7261
0x00d0:  6e73 706f 7274 3d75 6470 3e0d 0a54 6f3a
0x00e0:  2022 4e61 7468 616e 6965 6c20 4461 7669
0x00f0:  7322 3c73 6970 3a31 3030 4073 6970 2e6d
0x0100:  7465 6b6b 612e 636f 6d3e 0d0a 4672 6f6d
0x0110:  3a20 224e 6174 6861 6e69 656c 2044 6176
0x0120:  6973 223c 7369 703a 3130 3040 7369 702e
0x0130:  6d74 656b 6b61 2e63 6f6d 3e3b 7461 673d
0x0140:  6366 3633 3434 3765 0d0a 4361 6c6c 2d49
0x0150:  443a 204d 4467 304d 6a6b 334e 546b 324d
0x0160:  4751 304e 5459 334d 6a46 6b4e 5745 7a59
0x0170:  6a4d 7a59 544e 6a4d 445a 6c4d 324d 2e0d
0x0180:  0a43 5365 713a 2033 3020 5245 4749 5354
0x0190:  4552 0d0a 4578 7069 7265 733a 2033 3630
0x01a0:  300d 0a41 6c6c 6f77 3a20 494e 5649 5445
0x01b0:  2c20 4143 4b2c 2043 414e 4345 4c2c 204f
0x01c0:  5054 494f 4e53 2c20 4259 452c 2052 4546
0x01d0:  4552 2c20 4e4f 5449 4659 2c20 4d45 5353
0x01e0:  4147 452c 2053 5542 5343 5249 4245 2c20
0x01f0:  494e 464f 0d0a 5573 6572 2d41 6765 6e74
0x0200:  3a20 4272 6961 2033 2072 656c 6561 7365
0x0210:  2033 2e32 2e32 2073 7461 6d70 2036 3330
0x0220:  3932 0d0a 436f 6e74 656e 742d 4c65 6e67
0x0230:  7468 3a20 300d 0a0d 0a

18:26:57.735155 IP (tos 0x60, ttl 127, id 21244, offset 0, flags [none], proto UDP (17), length 513)
mtvmastrx01.mydomain.sip > maclap.mydomain.10041: [udp sum ok] SIP, length: 485
SIP/2.0 100 Trying
Via: SIP/2.0/UDP 192.168.1.27:38641;branch=z9hG4bK-d8754z-8f5d761a1eb12631-1—d8754z-;received=192.168.54.1;rport=33991
From: "PBXUser 100"sip:100@mydomain;tag=cf63447e
To: "PBXUser 100"sip:100@mydomain
Call-ID: MDg0Mjk3NTk2MGQ0NTY3MjFkNWEzYjMzYTNjMDZlM2M.
CSeq: 30 REGISTER
Server: FPBX-2.10.0(1.8.8.0)
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH
Supported: replaces, timer
Content-Length: 0

0x0000:  5349 502f 322e 3020 3130 3020 5472 7969
0x0010:  6e67 0d0a 5669 613a 2053 4950 2f32 2e30
0x0020:  2f55 4450 2031 3332 2e38 352e 312e 3237
0x0030:  3a33 3836 3431 3b62 7261 6e63 683d 7a39
0x0040:  6847 3462 4b2d 6438 3735 347a 2d38 6635
0x0050:  6437 3631 6131 6562 3132 3633 312d 312d
0x0060:  2d2d 6438 3735 347a 2d3b 7265 6365 6976
0x0070:  6564 3d31 3332 2e38 352e 3534 2e31 3b72
0x0080:  706f 7274 3d33 3339 3931 0d0a 4672 6f6d
0x0090:  3a20 224e 6174 6861 6e69 656c 2044 6176
0x00a0:  6973 223c 7369 703a 3130 3040 7369 702e
0x00b0:  6d74 656b 6b61 2e63 6f6d 3e3b 7461 673d
0x00c0:  6366 3633 3434 3765 0d0a 546f 3a20 224e
0x00d0:  6174 6861 6e69 656c 2044 6176 6973 223c
0x00e0:  7369 703a 3130 3040 7369 702e 6d74 656b
0x00f0:  6b61 2e63 6f6d 3e0d 0a43 616c 6c2d 4944
0x0100:  3a20 4d44 6730 4d6a 6b33 4e54 6b32 4d47
0x0110:  5130 4e54 5933 4d6a 466b 4e57 457a 596a
0x0120:  4d7a 5954 4e6a 4d44 5a6c 4d32 4d2e 0d0a
0x0130:  4353 6571 3a20 3330 2052 4547 4953 5445
0x0140:  520d 0a53 6572 7665 723a 2046 5042 582d
0x0150:  322e 3130 2e30 2831 2e38 2e38 2e30 290d
0x0160:  0a41 6c6c 6f77 3a20 494e 5649 5445 2c20
0x0170:  4143 4b2c 2043 414e 4345 4c2c 204f 5054
0x0180:  494f 4e53 2c20 4259 452c 2052 4546 4552
0x0190:  2c20 5355 4253 4352 4942 452c 204e 4f54
0x01a0:  4946 592c 2049 4e46 4f2c 2050 5542 4c49
0x01b0:  5348 0d0a 5375 7070 6f72 7465 643a 2072
0x01c0:  6570 6c61 6365 732c 2074 696d 6572 0d0a
0x01d0:  436f 6e74 656e 742d 4c65 6e67 7468 3a20
0x01e0:  300d 0a0d 0a

18:26:57.735240 IP (tos 0x0, ttl 64, id 11264, offset 0, flags [none], proto ICMP (1), length 56)
maclap.mydomain > mtvmastrx01.mydomain: ICMP maclap.mydomain udp port 10041 unreachable, length 36
IP (tos 0x60, ttl 127, id 21244, offset 0, flags [none], proto UDP (17), length 513)
mtvmastrx01.mydomain.sip > maclap.mydomain.10041: [no cksum] SIP, length: 485
[|sip]
18:26:57.735351 IP (tos 0x60, ttl 127, id 6957, offset 0, flags [none], proto UDP (17), length 610)
mtvmastrx01.mydomain.sip > maclap.mydomain.10041: [udp sum ok] SIP, length: 582
SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 192.168.1.27:38641;branch=z9hG4bK-d8754z-8f5d761a1eb12631-1—d8754z-;received=192.168.54.1;rport=33991
From: "PBXUser 100"sip:100@mydomain;tag=cf63447e
To: "PBXUser 100"sip:100@mydomain;tag=as050b8e8d
Call-ID: MDg0Mjk3NTk2MGQ0NTY3MjFkNWEzYjMzYTNjMDZlM2M.
CSeq: 30 REGISTER
Server: FPBX-2.10.0(1.8.8.0)
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH
Supported: replaces, timer
WWW-Authenticate: Digest algorithm=MD5, realm=“asterisk”, nonce="6337d2fb"
Content-Length: 0

0x0000:  5349 502f 322e 3020 3430 3120 556e 6175
0x0010:  7468 6f72 697a 6564 0d0a 5669 613a 2053
0x0020:  4950 2f32 2e30 2f55 4450 2031 3332 2e38
0x0030:  352e 312e 3237 3a33 3836 3431 3b62 7261
0x0040:  6e63 683d 7a39 6847 3462 4b2d 6438 3735
0x0050:  347a 2d38 6635 6437 3631 6131 6562 3132
0x0060:  3633 312d 312d 2d2d 6438 3735 347a 2d3b
0x0070:  7265 6365 6976 6564 3d31 3332 2e38 352e
0x0080:  3534 2e31 3b72 706f 7274 3d33 3339 3931
0x0090:  0d0a 4672 6f6d 3a20 224e 6174 6861 6e69
0x00a0:  656c 2044 6176 6973 223c 7369 703a 3130
0x00b0:  3040 7369 702e 6d74 656b 6b61 2e63 6f6d
0x00c0:  3e3b 7461 673d 6366 3633 3434 3765 0d0a
0x00d0:  546f 3a20 224e 6174 6861 6e69 656c 2044
0x00e0:  6176 6973 223c 7369 703a 3130 3040 7369
0x00f0:  702e 6d74 656b 6b61 2e63 6f6d 3e3b 7461
0x0100:  673d 6173 3035 3062 3865 3864 0d0a 4361
0x0110:  6c6c 2d49 443a 204d 4467 304d 6a6b 334e
0x0120:  546b 324d 4751 304e 5459 334d 6a46 6b4e
0x0130:  5745 7a59 6a4d 7a59 544e 6a4d 445a 6c4d
0x0140:  324d 2e0d 0a43 5365 713a 2033 3020 5245
0x0150:  4749 5354 4552 0d0a 5365 7276 6572 3a20
0x0160:  4650 4258 2d32 2e31 302e 3028 312e 382e
0x0170:  382e 3029 0d0a 416c 6c6f 773a 2049 4e56
0x0180:  4954 452c 2041 434b 2c20 4341 4e43 454c
0x0190:  2c20 4f50 5449 4f4e 532c 2042 5945 2c20
0x01a0:  5245 4645 522c 2053 5542 5343 5249 4245
0x01b0:  2c20 4e4f 5449 4659 2c20 494e 464f 2c20
0x01c0:  5055 424c 4953 480d 0a53 7570 706f 7274
0x01d0:  6564 3a20 7265 706c 6163 6573 2c20 7469
0x01e0:  6d65 720d 0a57 5757 2d41 7574 6865 6e74
0x01f0:  6963 6174 653a 2044 6967 6573 7420 616c
0x0200:  676f 7269 7468 6d3d 4d44 352c 2072 6561
0x0210:  6c6d 3d22 6173 7465 7269 736b 222c 206e
0x0220:  6f6e 6365 3d22 3633 3337 6432 6662 220d
0x0230:  0a43 6f6e 7465 6e74 2d4c 656e 6774 683a
0x0240:  2030 0d0a 0d0a

18:26:57.735399 IP (tos 0x0, ttl 64, id 34330, offset 0, flags [none], proto ICMP (1), length 56)
maclap.mydomain > mtvmastrx01.mydomain: ICMP maclap.mydomain udp port 10041 unreachable, length 36
IP (tos 0x60, ttl 127, id 6957, offset 0, flags [none], proto UDP (17), length 610)
mtvmastrx01.mydomain.sip > maclap.mydomain.10041: [no cksum] SIP, length: 582
[|sip]

actwon · March 14, 2012, 2:59pm

Here is the return trip info. 192.168.54.1 is the gateway (which is my firewall)

– begin –

20:36:18.747845 IP (tos 0x0, ttl 127, id 1736, offset 0, flags [none], proto: UDP (17), length: 596) 192.168.54.1.35818 > mtvmastrx01.mydomain.sip: SIP, length: 568
REGISTER sip:sip.mydomain SIP/2.0
Via: SIP/2.0/UDP \000\000\031\000\000\000p\327V\010\000\000\000\000\000\000\000\000giles ni\021\000\000\000\023\322\204\000\300\226>\000turn\021\000\000\000\300\333V\010\260\336V\010\230,[\010!\000\000\000/lib/libnss_files.so.2\000\000\000\000\000\000)\000\000\000/lib\000libnss_files.so.2\000\000\000\000\000\000\000\000\000\000(\000\000\000\031\000\000\000 \330V\010\360\327V\010passwd\000\000\000\000\000\0001\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001\000\000\000\001\000\000\000\200\327V\010P,[\010files\000\000\000\000\000\000\000!\000\000\000\250\326V\010x\326V\010shadow\000\000\000\000\000\000\000\000\000\000 \000\000\000\021\000\000\000eth0\000\261\207\000\000\000\000\000\351\001\000\000\003\000\000\000\003\000\000\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\002\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000@\330V\010\000\000\000\000\350\003\000\000\000\000\000\000\000\000\000\000\002\000\000\000\001\000\000\000\000\000\000\000\013\000\000\000\000\000\000\360\326V\010\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000g\012\0100j\012\0100c\012\010@O\012\010\000\000\000\000\340u\012\010\020u\012\010\260Q\012\010\340R\012\010\001\000\000\0008([\010\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000 0x0000: 5245 4749 5354 4552 2073 6970 3a73 6970 0x0010: 2e6d 7465 6b6b 612e 636f 6d20 5349 502f 0x0020: 322e 300d 0a56 6961 3a20 5349 502f 322e 0x0030: 302f 5544 5020 20:36:18.748263 IP (tos 0x60, ttl 64, id 49004, offset 0, flags [none], proto: UDP (17), length: 512) mtvmastrx01.mydomain.sip > 192.168.54.1.35818: SIP, length: 484 SIP/2.0 100 Trying Via: SIP/2.0/UDP 192.168.1.27:41545\000\000\031\000\000\000p\327V\010\000\000\000\000\000\000\000\000giles ni\021\000\000\000\023\322\204\000\300\226>\000turn\021\000\000\000\300\333V\010\260\336V\010\230,[\010!\000\000\000/lib/libnss_files.so.2\000\000\000\000\000\000)\000\000\000/lib\000libnss_files.so.2\000\000\000\000\000\000\000\000\000\000(\000\000\000\031\000\000\000 \330V\010\360\327V\010passwd\000\000\000\000\000\0001\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001\000\000\000\001\000\000\000\200\327V\010P,[\010files\000\000\000\000\000\000\000!\000\000\000\250\326V\010x\326V\010shadow\000\000\000\000\000\000\000\000\000\000 \000\000\000\021\000\000\000eth0\000\261\207\000\000\000\000\000\351\001\000\000\003\000\000\000\003\000\000\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\002\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000@\330V\010\000\000\000\000\350\003\000\000\000\000\000\000\000\000\000\000\002\000\000\000\001\000\000\000\000\000\000\000\014\000\000\000\000\000\000\360\326V\010\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000g\012\0100j\012\0100c\012\010@O\012\010\000\000\000\000
0x0000: 5349 502f 322e 3020 3130 3020 5472 7969
0x0010: 6e67 0d0a 5669 613a 2053 4950 2f32 2e30
0x0020: 2f55 4450 2031 3332 2e38 352e 312e 3237
0x0030: 3a34 3135 3435
20:36:18.748359 IP (tos 0x60, ttl 64, id 49005, offset 0, flags [none], proto: UDP (17), length: 609) mtvmastrx01.mydomain.sip > 192.168.54.1.35818: SIP, length: 581
SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 192.168.1.27\000\000\031\000\000\000p\327V\010\000\000\000\000\000\000\000\000giles ni\021\000\000\000\023\322\204\000\300\226>\000turn\021\000\000\000\300\333V\010\260\336V\010\230,[\010!\000\000\000/lib/libnss_files.so.2\000\000\000\000\000\000)\000\000\000/lib\000libnss_files.so.2\000\000\000\000\000\000\000\000\000\000(\000\000\000\031\000\000\000 \330V\010\360\327V\010passwd\000\000\000\000\000\0001\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001\000\000\000\001\000\000\000\200\327V\010P,[\010files\000\000\000\000\000\000\000!\000\000\000\250\326V\010x\326V\010shadow\000\000\000\000\000\000\000\000\000\000 \000\000\000\021\000\000\000eth0\000\261\207\000\000\000\000\000\351\001\000\000\003\000\000\000\003\000\000\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\002\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000@\330V\010\000\000\000\000\350\003\000\000\000\000\000\000\000\000\000\000\002\000\000\000\001\000\000\000\000\000\000\000\015\000\000\000\000\000\000\360\326V\010\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000g\012\0100j\012\0100c\012\010@O\012\010\000\000\000\000\340u\012\010\020u\012\010\260Q\012\010\340R\012\010\001\000\000\0008([\010\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000 0x0000: 5349 502f 322e 3020 3430 3120 556e 6175 0x0010: 7468 6f72 697a 6564 0d0a 5669 613a 2053 0x0020: 4950 2f32 2e30 2f55 4450 2031 3332 2e38 0x0030: 352e 312e 3237 20:36:18.749802 IP (tos 0x0, ttl 127, id 47035, offset 0, flags [none], proto: ICMP (1), length: 56) 192.168.54.1 > mtvmastrx01.mydomain: ICMP 192.168.54.1 udp port 35818 unreachable, length 36 IP (tos 0x60, ttl 127, id 470, offset 0, flags [none], proto: UDP (17), length: 512) mtvmastrx01.mydomain.sip > 192.168.54.1.35818: [no cksum] SIP, length: 484 a: SIP/2.0/UDP 192.168.1.27\000\000\031\000\000\000p\327V\010\000\000\000\000\000\000\000\000giles ni\021\000\000\000\023\322\204\000\300\226>\000turn\021\000\000\000\300\333V\010\260\336V\010\230,[\010!\000\000\000/lib/libnss_files.so.2\000\000\000\000\000\000)\000\000\000/lib\000libnss_files.so.2\000\000\000\000\000\000\000\000\000\000(\000\000\000\031\000\000\000 \330V\010\360\327V\010passwd\000\000\000\000\000\0001\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001\000\000\000\001\000\000\000\200\327V\010P,[\010files\000\000\000\000\000\000\000!\000\000\000\250\326V\010x\326V\010shadow\000\000\000\000\000\000\000\000\000\000 \000\000\000\021\000\000\000eth0\000\261\207\000\000\000\000\000\351\001\000\000\003\000\000\000\003\000\000\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\002\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000@\330V\010\000\000\000\000\350\003\000\000\000\000\000\000\000\000\000\000\002\000\000\000\001\000\000\000\000\000\000\000\016\000\000\000\000\000\000\360\326V\010\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000g\012\0100j\012\0100c\012\010@O\012\010\000\000\000\000\340u\012\010\020u\012\010\260Q\012\010\340R\012\010\001\000\000\0008([\010\000\000\000\000
20:36:18.749803 IP (tos 0x0, ttl 127, id 20095, offset 0, flags [none], proto: ICMP (1), length: 56) 192.168.54.1 > mtvmastrx01.mydomain: ICMP 192.168.54.1 udp port 35818 unreachable, length 36
IP (tos 0x60, ttl 127, id 24622, offset 0, flags [none], proto: UDP (17), length: 609) mtvmastrx01.mydomain.sip > 192.168.54.1.35818: [no cksum] SIP, length: 581
a: SIP/2.0/UDP 192.168.1.27\000\000\031\000\000\000p\327V\010\000\000\000\000\000\000\000\000giles ni\021\000\000\000\023\322\204\000\300\226>\000turn\021\000\000\000\300\333V\010\260\336V\010\230,[\010!\000\000\000/lib/libnss_files.so.2\000\000\000\000\000\000)\000\000\000/lib\000libnss_files.so.2\000\000\000\000\000\000\000\000\000\000(\000\000\000\031\000\000\000 \330V\010\360\327V\010passwd\000\000\000\000\000\0001\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001\000\000\000\001\000\000\000\200\327V\010P,[\010files\000\000\000\000\000\000\000!\000\000\000\250\326V\010x\326V\010shadow\000\000\000\000\000\000\000\000\000\000 \000\000\000\021\000\000\000eth0\000\261\207\000\000\000\000\000\351\001\000\000\003\000\000\000\003\000\000\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\002\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000@\330V\010\000\000\000\000\350\003\000\000\000\000\000\000\000\000\000\000\002\000\000\000\001\000\000\000\000\000\000\000\017\000\000\000\000\000\000\360\326V\010\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000`g\012\0100j\012\0100c\012\010@O\012\010\000\000\000\000\340u\012\010\020u\012\010\260Q\012\010\340R\012\010\001\000\000\0008([\010\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000

TimNur · March 14, 2012, 4:26pm

Take a look at the first REGISTER SIP message. From some reason the data for the Contact header field is missing (although the header exists). I think this might confuse the FreePBX server. Please check the definitions in your client.

actwon · March 14, 2012, 7:25pm

…post a tcpdump of what a correct Contact header would look like? I see the field you are talking about. Thanks in advance.

TimNur · March 15, 2012, 6:38am

a Contact header should contain address (including IP) to which future messages should be sent. Since it empty in your case, that might be a problem.

actwon · March 16, 2012, 2:32pm

Thanks for the contact header catch. I need to check my firewall to see why/if it is rewriting the packets improperly. I am using checkpoint firewall. Any experience/ideas in that area?

actwon · May 2, 2012, 3:00am

It’s been a while, but thank you for your help. I upgraded my firewall, but I still have the same problem. Inspecting packets, they contain contact info in the header, but the packets are not getting back to the requesting client. Here is an updated log entry from asterisk -> sip set debug on ; core show verbose 255.

Please help. My Rports are 10000-20000

— Begin Log —

<------------>
[2012-05-01 22:50:31] VERBOSE[3404] chan_sip.c: Scheduling destruction of SIP dialog ‘E50UCoTyMfi4ne4gPhMm3DNuCwPR6aSB’ in 32000 ms (Method: REGISTER)
[2012-05-01 22:50:31] VERBOSE[3404] chan_sip.c: Retransmitting #1 (NAT) to 166.147.xxx.xxx:48908:
OPTIONS sip:[email protected]:34336;ob SIP/2.0
Via: SIP/2.0/UDP 132.xxx.xxx.xxx:5060;branch=z9hG4bK45358ed3;rport
Max-Forwards: 70
From: “Unknown” sip:[email protected];tag=as0b646dc0
To: sip:[email protected]:34336;ob
Contact: sip:[email protected]:5060
Call-ID: [email protected]:5060
CSeq: 102 OPTIONS
User-Agent: FPBX-2.10.0(1.8.8.0)
Date: Wed, 02 May 2012 02:50:30 GMT
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH
Supported: replaces, timer
Content-Length: 0

[2012-05-01 22:50:32] VERBOSE[3404] chan_sip.c: Retransmitting #2 (NAT) to 166.147.xxx.xxx:48908:
OPTIONS sip:[email protected]:34336;ob SIP/2.0
Via: SIP/2.0/UDP 132.xxx.xxx.xxx:5060;branch=z9hG4bK45358ed3;rport
Max-Forwards: 70
From: “Unknown” sip:[email protected];tag=as0b646dc0
To: sip:[email protected]:34336;ob
Contact: sip:[email protected]:5060
Call-ID: [email protected]:5060
CSeq: 102 OPTIONS
User-Agent: FPBX-2.10.0(1.8.8.0)
Date: Wed, 02 May 2012 02:50:30 GMT
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH
Supported: replaces, timer
Content-Length: 0

[2012-05-01 22:50:33] VERBOSE[3404] chan_sip.c: Retransmitting #3 (NAT) to 166.147.xxx.xxx:48908:
OPTIONS sip:[email protected]:34336;ob SIP/2.0
Via: SIP/2.0/UDP 132.xxx.xxx.xxx:5060;branch=z9hG4bK45358ed3;rport
Max-Forwards: 70
From: “Unknown” sip:[email protected];tag=as0b646dc0
To: sip:[email protected]:34336;ob
Contact: sip:[email protected]:5060
Call-ID: [email protected]:5060
CSeq: 102 OPTIONS
User-Agent: FPBX-2.10.0(1.8.8.0)
Date: Wed, 02 May 2012 02:50:30 GMT
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH
Supported: replaces, timer
Content-Length: 0

[2012-05-01 22:50:34] VERBOSE[3404] chan_sip.c: Retransmitting #4 (NAT) to 166.147.xxx.xxx:48908:
OPTIONS sip:[email protected]:34336;ob SIP/2.0
Via: SIP/2.0/UDP 132.xxx.xxx.xxx:5060;branch=z9hG4bK45358ed3;rport
Max-Forwards: 70
From: “Unknown” sip:[email protected];tag=as0b646dc0
To: sip:[email protected]:34336;ob
Contact: sip:[email protected]:5060
Call-ID: [email protected]:5060
CSeq: 102 OPTIONS
User-Agent: FPBX-2.10.0(1.8.8.0)
Date: Wed, 02 May 2012 02:50:30 GMT
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH
Supported: replaces, timer
Content-Length: 0

[2012-05-01 22:50:34] VERBOSE[3404] chan_sip.c: Really destroying SIP dialog ‘[email protected]:5060’ Method: OPTIONS
[2012-05-01 22:50:38] VERBOSE[3404] chan_sip.c: Really destroying SIP dialog ‘XCoUQfNpoNZKdTN8JeEenFYAv.buQP6U’ Method: REGISTER
[2012-05-01 22:50:39] VERBOSE[3404] chan_sip.c: Really destroying SIP dialog ‘YW8L3TdOus6m77gL.xAAW0f7xPqSiJj3’ Method: REGISTER
[2012-05-01 22:50:41] VERBOSE[3404] chan_sip.c:
<— SIP read from UDP:166.147.xxx.xxx:48908 —>
REGISTER sip:sip.mydomain.com SIP/2.0
Via: SIP/2.0/UDP 166.147.xxx.xxx:34336;rport;branch=z9hG4bKPjOKZ93uode9xKg1db-j7h6Wb.FrikHT-F
Max-Forwards: 70
From: “Artic Blue” sip:[email protected];tag=uzuN7-hPNzvGqgPd35KX3m6h7zDr-y6t
To: “Artic Blue” sip:[email protected]
Call-ID: VUcZMNfSSPjB5ZLmNxWsx6QVSV6HeLso
CSeq: 2264 REGISTER
User-Agent: Bria iOS 2.0.5
Contact: “Artic Blue” sip:[email protected]:34336;ob
Expires: 900
Allow: PRACK, INVITE, ACK, BYE, CANCEL, UPDATE, SUBSCRIBE, NOTIFY, REFER, MESSAGE, OPTIONS
Content-Length: 0

<------------->
[2012-05-01 22:50:41] VERBOSE[3404] chan_sip.c: — (12 headers 0 lines) —
[2012-05-01 22:50:41] VERBOSE[3404] chan_sip.c: Sending to 166.147.xxx.xxx:48908 (NAT)
[2012-05-01 22:50:41] VERBOSE[3404] chan_sip.c:
<— Transmitting (NAT) to 166.147.xxx.xxx:48908 —>
SIP/2.0 100 Trying
Via: SIP/2.0/UDP 166.147.xxx.xxx:34336;branch=z9hG4bKPjOKZ93uode9xKg1db-j7h6Wb.FrikHT-F;received=166.147.xxx.xxx;rport=48908
From: “Artic Blue” sip:[email protected];tag=uzuN7-hPNzvGqgPd35KX3m6h7zDr-y6t
To: “Artic Blue” sip:[email protected]
Call-ID: VUcZMNfSSPjB5ZLmNxWsx6QVSV6HeLso
CSeq: 2264 REGISTER
Server: FPBX-2.10.0(1.8.8.0)
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH
Supported: replaces, timer
Content-Length: 0

<------------>
[2012-05-01 22:50:41] VERBOSE[3404] chan_sip.c:
<— Transmitting (NAT) to 166.147.xxx.xxx:48908 —>
SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 166.147.xxx.xxx:34336;branch=z9hG4bKPjOKZ93uode9xKg1db-j7h6Wb.FrikHT-F;received=166.147.xxx.xxx;rport=48908
From: “Artic Blue” sip:[email protected];tag=uzuN7-hPNzvGqgPd35KX3m6h7zDr-y6t
To: “Artic Blue” sip:[email protected];tag=as0a184fb2
Call-ID: VUcZMNfSSPjB5ZLmNxWsx6QVSV6HeLso
CSeq: 2264 REGISTER
Server: FPBX-2.10.0(1.8.8.0)
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH
Supported: replaces, timer
WWW-Authenticate: Digest algorithm=MD5, realm=“asterisk”, nonce="42db49fb"
Content-Length: 0

actwon · May 2, 2012, 3:26am

In addition, I see this in the full log:

2012-05-01 22:04:35] NOTICE[4224] chan_sip.c: Correct auth, but based on stale nonce received from '"Artic Blue"sip:[email protected];tag=cd5da901’
WWW-Authenticate: Digest algorithm=MD5, realm=“asterisk”, nonce=“77ef97a6”, stale=true