On Sat, Jul 24, 2010 at 9:25 PM, Ryan Wagoner <rswago...@gmail.com> wrote: > On Sat, Jul 24, 2010 at 12:30 PM, Ryan Wagoner <rswago...@gmail.com> wrote: >> On Sat, Jul 24, 2010 at 12:07 PM, Ryan Wagoner <rswago...@gmail.com> wrote: >>> I haven't been successful in getting this to work. The issue looks to >>> be that Asterisk is wanting peer authentication for the invite request >>> as it sends back 401 Unauthorized. I am using FreePBX 2.7 and have >>> tested both Asterisk 1.6.1.18 and 1.6.2.9. My trunk settings are >>> >>> type=peer >>> transport=tcp >>> qualify=yes >>> insecure=port,invite >>> host=10.10.1.31 >>> context=from-internal >>> >>> Here is snippets of the SIP debug output. I added in the debug "Peer >>> has insecure flags" to see what was happening. >>> >>> INVITE sip:2...@voip.mydomain.net;user=phone SIP/2.0 >>> FROM: >>> ""<sip:2...@exch.testdev.local;user=phone>;epid=079E8F8013;tag=849256682 >>> TO: <sip:2...@voip.mydomain.net;user=phone> >>> ... >>> Sending to 10.10.1.31 : 19219 (no NAT) >>> Using INVITE request as basis request - 5c97e0f0-5456-4b82-a7f4-e7f2adeba338 >>> Found peer '2001' for '2001' from 10.10.1.31:19219 >>> Peer has insecure flags no >>> >>> SIP/2.0 401 Unauthorized >>> >>> Due to Exchange making the call from / to the same valid extension >>> Asterisk is wanting authentication for the 2001. I thought by using >>> host and insecure in the trunk settings if the from address matched >>> the host it would use that as the peer. Alternatively I couldn't find >>> the option to tell Exchange to make the call from a different >>> extension. In looking at an anonymous call Asterisk doesn't have a >>> peer for the from number so it looks in from-sip-external. >>> >>> INVITE sip:1112223...@voip.mydomain.net SIP/2.0 >>> From: "1112223333" <sip:1112223...@voip.remotedomain.com>;tag=as1c8404f3 >>> To: <sip:2223334...@voip.mydomain.net> >>> ... >>> Sending to xxx.xxx.xxx.xxx : 5060 (no NAT) >>> Using INVITE request as basis request - >>> 29989544375bf8a162da163d1d9df...@voip.remotedomain.com >>> No matching peer for '1112223333' from 'xxx.xxx.xxx.xxx:5060' >>> Looking for 2223334444 in from-sip-external (domain voip.mydomain.net) >>> >>> Thanks, >>> Ryan >>> >> >> Looks like I just answered my own question. You can't have a device >> that matches the user extension. With it configured like this the >> invite from won't match a SIP peer and it will default to IP lookup. >> >> Using INVITE request as basis request - 413feda8-186c-4fe1-a82d-eb074be527e1 >> Found peer 'exchange-vm' for '2001' from 10.10.1.31:63436 >> Peer has insecure flags port,invite >> Looking for 2001 in from-internal (domain voip.mydomain.net) >> >> Ryan >> > > There has got to be a better solution to this involving the invite > from field peer domain. It looks like find_peer just matches on the > name and ignores the domain. If domain support is enabled shouldn't we > only find SIP peers if the from domain on the invite matches one in > the list? The sip invites I have looked at from Polycom and Linksys > devices put use...@registrationserver for the from. Or am I missing > something that this would break? > > Ryan >
I have developed a patch that checks the invite from field domain against the domain list when domain support is enabled. https://issues.asterisk.org/view.php?id=17700 Ryan -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users