John Lange
2005-May-31 10:30 UTC
[Asterisk-Users] SIP Authentication problem between Cisco router and Asterisk when calls are forwarded
We are using a Cisco router with a T1 card plugged into a PRI provided by a local telco (Allstream). This Cisco accepts calls and sends them to a couple of servers running Asterisk depending on which number was dialled. But there is a problem. When a call comes in to the Cisco from the PSTN it sends it to the Asterisk server something like this: FROM: 204XXXXXXX@<CISCO IP> TO: 204NNNNNNN@<Asterisk IP> Normally, this is no problem. The user 204XXXXXXX does not exist on the Asterisk server because it is the callerid of someone on the PSTN. However, if a number on the PSTN is forwarded to a number on the Asterisk server, and then someone else on the Asterisk server calls the PSTN number, the call appears at the Asterisk server as being from a local caller and it is rejected because it has no username/password. I know, its confusing. So let me try and simplify. Lets say 204 791 2345 is my cell phone. And 204 885 0872 is my office phone. When I get into the office, I forward my cell to my office phone to save airtime. So 204 791 2345 is forwarded to 204 885 0872. A random outside caller (204 123 4567) phones my cell (204 791 2345), which is forwarded to 204 885 0872. No problem, the calls appears at the Asterisk server as "FROM: 2041234567@<CISCO IP>". Since 2041234567 is not a user on the Asterisk system it falls through to the default context and no username/password is required. However, if someone on a VoIP phone (lets say 204 444 5555) connected to the Asterisk server calls my cell, the Asterisk server rightly believes the call is destined for the PSTN and routes it to the Cisco which sends it out to the PSTN where it promptly comes back in the PRI (because of the forwarding) and is returned back to the Asterisk box. The problem is, the from is now "FROM: 2044445555@<CISCO IP>", and 2044445555 *IS* a valid user on the Asterisk box so Asterisk tries to authenticate the user. The Cisco of course knows nothing about the username/password for that user and the call gets rejected. I am not a Cisco person; so the question is, is it possible to have one of the following: 1) Have asterisk lock onto the IP address of the FROM instead of the userid portion? 2) Have the Cisco authenticate (register) as a SIP client to the Asterisk server. This allows me to place the Cisco in its own context. 3) Have the Cisco override the "FROM" portion inserting its own information but still passing the correct callerID information? 4) another suggestion? Thanks, -- John Lange President OpenIT ltd. www.Open-IT.ca (204) 885 0872 VoIP, Web services, Linux Consulting, Server Co-Location
Olle E. Johansson
2005-May-31 13:00 UTC
[Asterisk-Users] SIP Authentication problem between Cisco router and Asterisk when calls are forwarded
I think good practise is * Not confuse [peer] names in sip.conf with extension numbers (as you have learned). Extensions will match several peers some times, and when using trunks, it will cause problems. It is also much easier if the peer is a name and an extension is a number. (But I might be a confused person... :-) * Do not use "-" hyphens in peer names (will confuse some hint/device management for manager and sip subscriptions You might also want to add a peer as the *last* entry in SIP conf with a host= entry that matches the IP of the peers SIP proxy. THat way, we'll match that one on IP number. But of course, if you have users with the same user name part before the @, we will match (as you've noticed). Any others that have recommendations on naming peers and users? Good luck! /Olle ---- Astricon - the Asterisk User's conference - Madrid June 15-17 http://www.astricon.net/europe/ - Register today!
Reasonably Related Threads
- Re: [cisco-voip] SIP Authentication problem between Cisco router and Asterisk when calls are forwarded
- Phantom (ghost) Calls with Wildcard TDM400P
- Interrupting voicemail with "*", dropping to "a" extension. Does it work?
- Canadian Association of VoIP Providers
- Javascript source client