[OpenSIPS-Users] FW: Re: 401 Unauthorized after Authentication Digest

David Peláez dvlux4 at gmail.com
Fri Jun 2 05:56:12 EDT 2017

Thanks a lot for your replay. I already change the option "insecure=INVITE"
as you suggested but I am still having the same problem. Find attached the
peer configuration maybe I am missing something else.

About opensips authenticating calls from SIPphones how do I disabled that
behavior? because my opensips sends an 407 Proxy Authentication to the Sip
phone before sending the INVITE to asterisk server.

Best regards

On Wed, May 31, 2017, 10:50 John Quick <john.quick at smartvox.co.uk> wrote:

> From: John Quick [mailto:john.quick at smartvox.co.uk]
> Sent: 31 May 2017 09:49
> To: 'users at lists.opensips.org' <users at lists.opensips.org>
> Subject: Re: [OpenSIPS-Users] 401 Unauthorized after Authentication Digest
> Hi David,
> In the scenario you describe, I would expect to see one of the following
> solutions (but not both at the same time):
> 1. OpenSIPS acts as the registrar for the SIP phones. Calls (INVITE
> requests) from SIP phones are routed on via a SIP trunk 2. OpenSIPS acts as
> a transparent proxy in front of another SIP server such as Asterisk
> Scenario 1 is the most common. OpenSIPS authenticates calls based on a list
> of credentials that it holds, normally in the subscriber table. In this
> case, you really want to avoid the situation where each outbound call
> triggers an additional authentication request from the SIP trunk. Can you
> re-configure your Asterisk endpoint so it trusts INVITE requests coming
> from
> your OpenSIPS server? E.g. add the line insecure=INVITE to the sip peer
> definition.
> In scenario 2, which I would not consider to be the preferred solution,
> OpenSIPS just passes the SIP messages between the phone and the Asterisk
> server - in both directions. OpenSIPS does not authenticate calls because
> that job is done by the Asterisk server and all the credentials are held by
> Asterisk, not by OpenSIPS. In this case the 401 request would just be
> passed
> upstream to the phone.
> Try to avoid the situation where OpenSIPS is authenticating the INVITE from
> the SIP phones using its own list of credentials, but then it also has to
> authenticate each call sent over the SIP trunk. In theory you could use the
> UAC_AUTH module of OpenSIPS to do this, but in practice I have never been
> able to make this work because it breaks the CSeq numbering sequence of the
> SIP request messages.
> John Quick
> Smartvox Limited
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20170602/dd98cf7b/attachment-0001.html>

More information about the Users mailing list