On 18-02 09:51, Alan Litster wrote:
Marian,
When you say to use authentication between server are you suggesting that the proxy that the users are hanging off authenticates all INVITE requests before forwarding them onto the proxy that controls access to the gateway? Or are you referring to some form of proxy to proxy authentication mechanism? If so what is it, as I've never come across one before and would be very interested in knowing more about it. I think using IPSEC/TLS is a little heavy duty for our needs. We require some means of verifying the identity of the remote SIP proxy that does not go by source IP address.
The problem here is that SER cannot respond to digest challenge. Therefore you cannot use digest authentication between the proxies.
If your PSTN gateway supports digest authentication, then you could possibly configure it with the credentials of the remote SIP proxy and the proxy which is "close" to the gateway would just forward the digest challenge to the pstn (401/407).
Jan.