I forget to mention, the nat device is in front of the Kamailio servers, not the endpoints.


On Fri, Feb 28, 2014 at 6:22 PM, Marc Soda <msoda@coredial.com> wrote:
I have a Kamailio server setup which is registers to a back end server on behalf of endpoints.  The endpoints can register to Kamailio but Kamailio is failing to register to the server when I put a NAT device in front of it.  Without the NAT device it works fine.

The problem is the 401 that comes back seems to be ignored by Kamailio.  I have a failure route setup to auth, but it is never hit.  I see the 401 in onrely_route, but not the failure_route.  I'm assuming it's a NAT issue because removing the device fixes the issue.

Anyone have any ideas?

The 401 being ignored:

SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 10.0.10.11;branch=z9hG4bKe5d6.178378f7.0;received=198.XXX.XXX.XXX
Via: SIP/2.0/UDP 127.0.0.1:12354;rport=6545;received=198.XXX.YYY.YYY;branch=z9hG4bK-1879-1-3
From: <sip:sip7878_spqa@64.YYY.YYY.YYY>;tag=1
To: <sip:sip7878_spqa@64.YYY.YYY.YYY>;tag=as00e32130
CSeq: 2 REGISTER
User-Agent: CoreDialPBX
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO
Supported: replaces
WWW-Authenticate: Digest algorithm=MD5, realm="fe-c7c5-9o.domain.com", nonce="151e4f60"
Content-Length: 0

Thanks,
Marc



--

Marc Soda, Sr. Systems Engineer
CoreDial, LLC | www.coredial.com

1787 Sentry Parkway West, Building 16, Suite 100, Blue Bell, PA 19422
Office: (215) 297-4400 x203 | Fax: (215) 297-4401 | Email: msoda@coredial.com

- - - - -

The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission,  dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.