cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
592
Views
0
Helpful
2
Replies

ATA - unauthorized with SIP Proxy Server

lkc
Level 1
Level 1

I have got a major problem with my ATA and SIP Proxy Server setup. Whenever i try to enable authentication on the proxy server my ATA registrations drop immediately.

My protocol analyzer shows me that the registration is getting a 401 unauthorized (although the user is registered within the CSPS). Should i not get a 407 BTW from a proxy server when i'm being denied authentication ??

My ATA setup is pretty simple (using UID0 and PWD0), UseLoginID set to 0.

The error.log on the CSPS tells me that:

[Sat Mar 20 15:26:39 2004] mod_sip_authen.c(837) Digest

aff57e1b652bd5a5af59cf52d0a87fbc, Response f1857a54cbcef3d7127521a0d6ed220a

[Sat Mar 20 15:27:10 2004] mod_sip_authen.c(254) Auth: can't get domain for

user 88273888 in the AUTHORIZATION header. Try to get it from the FROM header

instead.

[Sat Mar 20 15:27:10 2004] mod_sip_authen.c(278) Auth: got domain for user

88273888 in the FROM header: flubber.no

[Sat Mar 20 15:27:10 2004] mod_sip_authen.c(811) HA1 is

e174c9bcc2586ea49b7b685c37951472

[Sat Mar 20 15:27:10 2004] mod_sip_authen.c(822) qop is auth-int, HEntity is

d41d8cd98f00b204e9800998ecf8427e

[Sat Mar 20 15:27:10 2004] mod_sip_authen.c(837) Digest

f83d3d907c8c8191e1652c283a44b96e, Response 681429e1babeae7ef78ee6a372e7df8f

[Sat Mar 20 15:27:10 2004] mod_sip_authen.c(811) HA1 is

e174c9bcc2586ea49b7b685c37951472

[Sat Mar 20 15:27:10 2004] mod_sip_authen.c(822) qop is auth-int, HEntity is

d41d8cd98f00b204e9800998ecf8427e

[Sat Mar 20 15:27:10 2004] mod_sip_authen.c(837) Digest

e328ee4113dd376943864df5e6b09db9, Response f27ab799ff0785477df85311328069b1

X-lite registers just fine !

I have never seen that before !

Any hints or pointers here ? Since i cannot seem to find the solution anywhere (apart from disabling authentication which i do not want to do:-))

Regards

Lasse

2 Replies 2

adesalu
Cisco Employee
Cisco Employee

Not quite sure yet why CSPS is rejcting the registration. It is correct though for the CSPS to send a 401 response. 407 messages are sent when authenticating an INVITE message and not a REGISTER message.

At first glance it looks like the ATA is doing the right thing and sending the requested credentials back in the register message sent after receiving the 401.

Any chance we can get the sniffer trace for a good registration with Authentication?

Also, as a sanity check, please verify that the password that you defined in CSPS matches the password on the ATA

Ademola

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: