On Wednesday 15 July 2015 16:42:31 Ben Fitzgerald wrote:
Hi, I've been following this integration tutorial http://kb.asipto.com/asterisk:realtime:kamailio-4.0.x-asterisk-11.3.0-astdb and have a successful registration and I can even make calls through my asterisk box.
However what is unusual to me is that every time a phone registers with Kamailio, that is forwarded to Asterisk (as expected), yet Asterisk replies with 401 Unauthorized. Oddly enough the phone registers and can still make calls. What worries me is that as we scale to 100's of cps, this seemingly erroneous message may slow down Asterisk because it's trying to handle authentication for users which have already been authenticated by Kamailio. If this behavior is expected, then that would be good to know as well.
[...]
=========================
sip.conf for kamailio trunk:
[kamailio-inbound] type=friend dtmfmode=auto host=kamailioIP allow=all context=sipout insecure=port,invite canreinvite=no
Asterisk is a bit strange in figuring out which peer to use, this peer definition is not used in the way you think, see default sip.conf:
;------- Naming devices ------------------------------------------------------ ; ; When naming devices, make sure you understand how Asterisk matches calls ; that come in. ; 1. Asterisk checks the SIP From: address username and matches against ; names of devices with type=user ; The name is the text between square brackets [name] ; 2. Asterisk checks the From: addres and matches the list of devices ; with a type=peer ; 3. Asterisk checks the IP address (and port number) that the INVITE ; was sent from and matches against any devices with type=peer ; ; Don't mix extensions with the names of the devices. Devices need a unique ; name. The device name is *not* used as phone numbers. Phone numbers are ; anything you declare as an extension in the dialplan (extensions.conf). ; ; When setting up trunks, make sure there's no risk that any From: username ; (caller ID) will match any of your device names, because then Asterisk ; might match the wrong device. ;
You need to make sure the secret for users is empty in the view asterisk has on the usertable shared with kamailio.
It is explained with a bright yellow explamation mark on the kb url:
sipusers is the standard table required by Asterisk to store SIP user profile, with one extra column sippasswd where will be stored the password for SIP authentication. By default, Asterisk uses the column secret for SIP user password, but if that is filled in, Asterisk will ask for authentication again, resulting in double-authentication which we want to avoid.
sipregs is used to store SIP registrations. Registrations can be stored in sipusers tables as well, in case you do not want a separate table. Just omit the appropriate entry in /etc/asterisk/extconfig.conf.