On Wed, Feb 2, 2011 at 5:14 PM, Jan Teichmann <jan.teichm...@googlemail.com> wrote: > I have a problem using Ekiga. I set-up an ekiga.net account and calling > the echo service works fine. > > When I try to call a SIP uri I get the message "security check failed" > > From the log I get: > > SIP/2.0 403 No relaying > CSeq: 1 INVITE > Via: SIP/2.0/UDP > 10.62.***.***:5060;branch=z9hG4bKe284eb70-4b2d-e011-9824-***;rport=5060 > Server: Sip EXpress router (0.9.7 (i386/linux)) > From: "Jan Teichmann" > <sip:jan@10.62.***.***:5060>;tag=0e40d770-4b2d-e011-9824-*** > Call-ID: 4c48d770-4b2d-e011-9824-001cbf3d1cf3@fedora14 > To: <sip:***@bluesip.de>;tag=0354a2e1b960c9cc2279eca4e5f84e20.7c75 > Warning: 392 217.74.***.***:5060 "Noisy feedback tells: pid=28716 > req_src_ip=80.71.***.*** req_src_port=5060 in_uri=sip:***@bluesip.de > out_uri=sip:***@bluesip.de via_cnt==1" > Content-Length: 0 > > > what does that mean and how can I fix that?
It depends on who are you calling and what is your setup. Do you have a bluesip.de account configured? Are you using an outbound proxy (doesn't seem so - no Route headers)? Is the number you are trying to call a PSTN number or a SIP address? Did the server asked to authenticate before giving that 403 (given the CSeq value of 1 I guess no)? 403 Forbidden is usually returned when the call fails to meet security restrictions on the other end (hence "security check failed" in the GUI), eg, you are trying to call a PSTN number but your account doesn't allow PC to phone calls. Also, many test numbers (echo test etc) are usually restricted to the customers of the SIP provider in question, regardless of whether it's free VoIP only, or offers PC to phone calls. "No relaying" instead of the usual "Forbidden" in the response kind-of implies that the server giving you the 403 thinks that you are trying to use it as a relay, that is, the callee is outside of it's administrative domain. This is forbidden by some SIP providers. One thing of notice in the above log snippet is that there is an IP address in the From: address. Some SIP providers use the From: address in addition to authentication for access checks. Which is a bit silly as From is not required to contain a SIP address at all and is trivial to fake. In your case, it could be that the proxy expects from to contain something like sip:j...@bluesip.de as the From address, that is, for you to have a bluesip.de account. So, in short, there are many options of what's the problem. If you're just trying to call someone who has a bluesip.de account, I suggest you to ask that person to complain to bluesip.de that he/she is not reachable for users using other SIP providers. Heck, it should work with no provider at all. Cheers, --- Ian _______________________________________________ ekiga-list mailing list ekiga-list@gnome.org http://mail.gnome.org/mailman/listinfo/ekiga-list