SIP trunk incoming callto CUCM 7.1.5 - authorization problem.

Unanswered Question
Aug 12th, 2011

Hi everybody.

Just run into the strange problem - if SIP trunk uses digest authentification then CUCM 7.1.5 behavesin a strange way.

Incoming call goes like that:

1st invite goes without digest credentials.

After "401 Unauthorized" goes ACK and INVITE with all needed credentials.

But after that again goes "401 Unauthorized" !

INVITE sip:200@10.1.1.221 SIP/2.0

               SIP/2.0 100 Trying

               SIP/2.0 401 Unauthorized  WWW-Authenticate: Digest realm="BOINC" ...

ACK sip:200@10.1.1.221 SIP/2.0

INVITE sip:200@10.1.1.221 SIP/2.0

Authorization:  Digest username="cucm71",realm="BOINC",nonce=......

               SIP/2.0 100 Trying

               SIP/2.0 401 Unauthorized

ACK sip:200@10.1.1.221 SIP/2.0

I checked in the CUCM trace and found that digest user is not found

08/12/2011 13:02:05.005 CCM|ProcessSIPSecurity - can't find user cucm71 in the user table . Authorization fail.


But "cucm71" user is there.

appl_user.JPG

If no digest authentification is used then, of course, incoming calls are OK.

With CUCM 6.1 I never have such problem.

Any clue?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
mitchell.drage Sat, 04/21/2012 - 05:39

Any chance you got this to work?

I am having a similar problem where I have the application user configured and it denies me:

SIP/2.0 404 Not Found

Via: SIP/2.0/UDP 10.1.100.1:5060;branch=z9hG4bKF41929

From: ;tag=74004330-1049

To: ;tag=1504004667

Date: Sat, 21 Apr 2012 12:34:05 GMT

Call-ID: B2EB9BA8-8AE411E1-887EF97A-F80FE12A

CSeq: 5 REGISTER

Warning: 399 CUCMPUB "Unable to find device/user in database"

Content-Length: 0

sip-ua

credentials username SIPTEST password 7 ********* realm test

retry invite 2

retry register 10

timers connect 100

registrar ipv4:10.1.10.100 expires 3600

sip-server ipv4:10.1.10.100

host-registrar

Regards,

Mitch

murzilla1 Tue, 04/24/2012 - 02:35

I did manage it.

It was my negligence - you should manage "Digest Credentials" for this Application User not onle name and password! And your SIP trunk should use name and digest credentials configured.

mitchell.drage Tue, 04/24/2012 - 04:54

Yeah I noticed that yesterday from your image.

I think my problem is caused by something else despite following the cisco guide to the tee.

I'll start a new thread rather than continue from yours.

Good to hear you found a solution for your problem.

Actions

Login or Register to take actions

This Discussion

Posted August 12, 2011 at 4:39 AM
Stats:
Replies:3 Avg. Rating:
Views:2040 Votes:0
Shares:0

Related Content

Discussions Leaderboard

Rank Username Points
1 21,026
2 15,047
3 10,314
4 7,999
5 4,856
Rank Username Points
135
90
72
66
55