Can TCL IVR for SIP generate digest authentication responses?
I am trying to use TCL IVR running on our Cisco IAD2431 to send a SIP SUBSCRIBE message to an IMS SIP Proxy to subscribe to SIP registration events. Our Nokia-Siemens IMS Proxy responds to each SUBSCRIBE with a SIP 407 Proxy Authentication Required message containing a Proxy-Authenticate header field containing a long 'nonce' (the challenge), to which the 2431 needs to respond by resending the SUBSCRIBE with Proxy-Authorization header containing a different nonce (the response) which is calculated using the shared secret SIP user password according the standard SIP digest crytographic method, using md5 I believe. Is it possible for the Cisco TCL script to calculate the response using existing TCL crypto packages? I am hoping Joe Clarke can reply, but if anybody else knows the answer to this question, please reply to this post.
The reason we need to do this is that when an IMS subscriber's account is changed in any way, the IMS declares the account de-registered, and will not send new inbound calls to the SIP-UA until it re-registers. The IMS expects all subscriber SIP-UAs to subscribe to registration events, and will then send a NOTIFY whenever the UA is de-registered. Currently, our subscriber provisioning systems may change a subscriber account for a variety of reasons, such as adding a new block of phone numbers to the PBX behind the 2431, and the people who do so do not have the ability to log into the 2431 and manually force a re-registration. To avoid outages in such instances requires time-consuming coordination and manual action from our Operations people to force re-registration. So we are trying to build a TCL IVR/EEM script to send the SUBSCRIBE, including the digest auth response, and then wait for NOTIFY messages, and then using the CLI to re-initialize the 2431's sip-ua registrar configuration, causing a new registration. But without the crypto piece, we may have trouble getting this to work without security issues. Please let me know if you know whether this capability exists within existing Cisco TCL or C packages.
[toc:faq]The ProblemOn traditional switches whenever we have a trunk
interface we use the VLAN tag to demultiplex the VLANs. The switch needs
to determine which MAC Address table to look in for a forwarding
decision. To do this we require the switch to do...
[toc:faq]Introduction:Netdr is a tool available on a RSP720, Sup720 or
Sup32 that allows one to capture packets on the RP or SP inband. The
netdr command can be used to capture both Tx and Rx packets in the
software switching path. This is not a substitut...
IntroductionOSPF, being a link-state protocol, allows for every router
in the network to know of every link and OSPF speaker in the entire
network. From this picture each router independently runs the Shortest
Path First (SPF) algorithm to determine the b...