Weird issue, only with registers. Sometimes when I start ser (and openser, same issue with both) my test phone (behind nat) will not register allways getting 401 unauthorized back. But wait a minute and it will register (without resetting ser or the phone).
Is this a built in feature or a bug (it only happens when I reset ser/openser after 60 seconds the server and phone behave normally).
Got me stumped as the configs on the phone and ser don't change.
REGISTER sip:XX.XX.XX.XX SIP/2.0. Via: SIP/2.0/UDP 192.168.10.25:5060. From: sip:2959770500@XX.XX.XX.XX;user=phone;tag=1886287424. To: sip:2959770500@XX.XX.XX.XX;user=phone. Call-ID: 147690828@192.168.10.25. CSeq: 1 REGISTER. Contact: Nathan Gross sip:2959770500@192.168.10.25:5060;user=phone;transport=udp;expires=60. User-Agent: Cisco-CP7905/1.02-040406A. Allow: ACK, BYE, CANCEL, INVITE, NOTIFY, OPTIONS, REFER, REGISTER. Content-Length: 0.
SIP/2.0 401 Unauthorized. Via: SIP/2.0/UDP 192.168.10.25:5060;rport=62686;received=YY.YY.YY.YY. From: sip:2959770500@XX.XX.XX.XX;user=phone;tag=1886287424. To: sip:2959770500@XX.XX.XX.XX;user=phone;tag=264d52ef5b2f408fc315ea210b15c82e .5681. Call-ID: 147690828@192.168.10.25. CSeq: 1 REGISTER. WWW-Authenticate: Digest realm="XX.XX.XX.XX", nonce="42b9e43447292eaaa08c9b86dcc1e23344ac3c6a", qop="auth". Content-Length: 0.
Thank You
Anthony Dean Network Design & Support Tristar Communications
This correspondence is considered confidential and any reproduction for the purpose of public disclosure is forbidden without written permission by the author signed above. If you are not the intended recipient, please immediately notify the sender and delete any copies.
If you are responding to this e-mail, please append or attach all previous correspondence as a point of reference.
On 22-06-2005 18:17, Anthony Dean wrote:
Weird issue, only with registers. Sometimes when I start ser (and openser, same issue with both) my test phone (behind nat) will not register allways getting 401 unauthorized back. But wait a minute and it will register (without resetting ser or the phone).
Is this a built in feature or a bug (it only happens when I reset ser/openser after 60 seconds the server and phone behave normally).
SER generates a random string to "seed" nonce value in digest challenge. The random string is generated each time you restart SER. That means if a user agent sends credentials generated by SER before restart they will be not valid for restarted SER because the random string will be different.
You can use secret parameter of auth module to change this behavior. If you specify the random string manually then random generator will not be used and digest credentials will be valid after restarts.
The messages below are not related to the problem, because REGISTER message does not contain digest credentials.
Jan.
Got me stumped as the configs on the phone and ser don't change.
REGISTER sip:XX.XX.XX.XX SIP/2.0. Via: SIP/2.0/UDP 192.168.10.25:5060. From: sip:2959770500@XX.XX.XX.XX;user=phone;tag=1886287424. To: sip:2959770500@XX.XX.XX.XX;user=phone. Call-ID: 147690828@192.168.10.25. CSeq: 1 REGISTER. Contact: Nathan Gross sip:2959770500@192.168.10.25:5060;user=phone;transport=udp;expires=60. User-Agent: Cisco-CP7905/1.02-040406A. Allow: ACK, BYE, CANCEL, INVITE, NOTIFY, OPTIONS, REFER, REGISTER. Content-Length: 0.
SIP/2.0 401 Unauthorized. Via: SIP/2.0/UDP 192.168.10.25:5060;rport=62686;received=YY.YY.YY.YY. From: sip:2959770500@XX.XX.XX.XX;user=phone;tag=1886287424. To: sip:2959770500@XX.XX.XX.XX;user=phone;tag=264d52ef5b2f408fc315ea210b15c82e .5681. Call-ID: 147690828@192.168.10.25. CSeq: 1 REGISTER. WWW-Authenticate: Digest realm="XX.XX.XX.XX", nonce="42b9e43447292eaaa08c9b86dcc1e23344ac3c6a", qop="auth". Content-Length: 0.
Thank You
Anthony Dean Network Design & Support Tristar Communications
This correspondence is considered confidential and any reproduction for the purpose of public disclosure is forbidden without written permission by the author signed above. If you are not the intended recipient, please immediately notify the sender and delete any copies.
If you are responding to this e-mail, please append or attach all previous correspondence as a point of reference.
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
-
Anthony Dean -
Jan Janak