Turn off Digest Authentication?

fgtrixbox · September 22, 2007, 9:35pm

Hi all…

Is there a way to turn off digest authentication on INBOUND calls to the PBX ?

I am failing inbounds only due to Response Code: : [407] – Client-Error - Proxy Authentication Required

I have set incoming setting in TRUNKS to register=no but that didnt help.

Any ideas ??

Thanks

plindheimer · September 22, 2007, 11:54pm

you could allow anonymous sip calls and then any call will be allowed in, not sure if that is what you are trying to do but if it is, it is set in the General Screen of the GUI interface.

Philippe Lindheimer - FreePBX Project Lead
http//freepbx.org - IRC #freepbx

fgtrixbox · September 23, 2007, 6:12pm

Thanks Philippe I have tried doing that but it still does not seem to work.

For some reason the key being sent for MD5 authentication by the PBX seems too short and the call is being rejected.

This is for individual call setup and not the initial SIP trunk registration. The SIP trunk is registered fine its just the re-authentication of the inbound call that fails. I allow 6 sessions on this SIP trunk.

Thanks
Frank

fgtrixbox · October 14, 2007, 3:32pm

Philippe,

Here is the response from Trixbox to an inbound SIP call:

SIP
Version: SIP/2.0
Response Code: : [407] – Client-Error - Proxy Authentication Required
Commentry: = Proxy Authentication Required
Parameters:
To [To] :
Address: <sip:CALL-ED [email protected]>
Tag Label: SDmklpc99-as01a48112
From [From] :
Address: <sip:CALLING PARTY [email protected]>
Tag Label: test_tag_0008404336
Call-ID [Call-ID] : 9010132911-5656354766482911-11-9468110122
Command-Sequence [CSeq] :
Sequence Number: 1235
Method: INVITE
Via [Via] :
Transport: SIP/2.0/UDP
Sent-By: 10.248.XX.XXX
Port-Number :5060
Via-Parameters branch=z9hG4bK_brancha_0023441516
User-Agent [User-Agent] :
Product: Asterisk
Product: PBX
Allow [Allow] :
Method(s): INVITE,
Method(s): ACK,
Method(s): CANCEL,
Method(s): OPTIONS,
Method(s): BYE,
Method(s): REFER,
Method(s): SUBSCRIBE,
Method(s): NOTIFY
Proxy-Authenticate [Proxy-Authenticate] :
Auth-Scheme: Digest
auth-param: algorithm=MD5,
Credentials: realm=“asterisk”,
auth-param: nonce="17784595"
Content-Length [Content-Length] :
Length: 0

I have allowed annonymous inbound calls from the general page.
I still have not found a way to stop the authorization requests.

I appreciate any and all ideas…

Thanks
Frank

plindheimer · October 14, 2007, 4:03pm

If Asterisk is requesting authentication then it may be that you have a sip configuration setup somewhere from the same host requiring authentication. The call will only end up flowing through the anonymous path if no other context can be found that would match with the originating caller’s IP. So check you other sip configurations.

Philippe Lindheimer - FreePBX Project Lead
http//freepbx.org - IRC #freepbx

jackmartin_sz · April 28, 2008, 11:36pm

it’s happening the same to me.
i allow anon calls, and still i get the same 407 error on a specified trunk.
one thing i see is that on the logs there is a line:
To: sip:[email protected]

where that is the contact they receive from me.
the strange thing is that “s”

any ideas why the auth is failing?

frido · March 6, 2009, 5:37pm

That’s it! Thanks (I was pulling my hear for two days)! But…

… if I remove username and secret from PEER Details section, then I can’t make a call out, but I can receive calls. Is there any way to define that I don’t want authentication requests only for incoming calls.

Thank you for help