> Hey all > > I am trying to register a PJSIP server on our office to an Asterisk 11 > chan_sip server in a datacenter. > > I keep getting > WARNING[18084]: res_pjsip_outbound_authenticator_digest.c:178 > digest_create_request_with_auth_from_old: Host: 'XXX.XXX.XXX.XXX:5060': > Unable to create request with auth. No auth credentials for realm(s) > 'asterisk' in challenge. > > Any insights would be appreciated I have been banging my head forseveral> days now.I ran into a very similar problem when I tried to switch my PJSIP service with Vitelity from "fixed IP address" to "registration-based". I would try to place a call, and it would simply time out and then get a "busy here" error from Vitelity. Calls to a similar Vitelity sub-account from a Zoiper soft-phone worked just fine. I wiresharked the sessions and found that the critical difference seemed to be in the From: and Contact: headers. Zoiper set these to the Vitelity sub-account name (the registration name) while PJSIP just set them to "asterisk". I checked the PJSIP wizard file, and found that the outbound authentication object had the right username information in it, so that wasn't the problem. After stumbling around for hours, I found that it's necessary to set the "from_user" parameter in the endpoint object to match the username in the outbound authentication object. This causes PJSIP to send this value (rather than "asterisk") in the From and Contact fields of the INVITE, and this apparently gives the far end the information it needs to issue a proper credentials challenge. Once I added this one line to my definition and restarted, outbound calls worked like a charm. So, in pjsip_wizard, one would write something like [peername] type = wizard transport = transport-udp remote_hosts = outbound.peer.com sends_auth = yes endpoint/context = outbound endpoint/from_user = MYNAME outbound_auth/username = MYNAME outbound_auth/password = MYPASSWORD Modify and embellish as required. If you're writing your PJSIP objects individually rather than via the wizard, just set the fields in those objects appropriately.
Bryant Zimmerman
2017-Sep-26 20:46 UTC
[asterisk-users] Asterisk pjsip registration issues - Solved
Dave from_user fixed the issue. Thank You Thank You Thank You I was about ready to chuck pjsip. The lack of good / complete documentation is a real problem. Man you saved me another late night. Thanks Bryant ---------------------------------------- From: "Dave Platt" <dplatt at radagast.org> Sent: Tuesday, September 26, 2017 3:28 PM To: asterisk-users at lists.digium.com Subject: Re: [asterisk-users] Asterisk pjsip registration issues> Hey all > > I am trying to register a PJSIP server on our office to an Asterisk 11 > chan_sip server in a datacenter. > > I keep getting > WARNING[18084]: res_pjsip_outbound_authenticator_digest.c:178 > digest_create_request_with_auth_from_old: Host: 'XXX.XXX.XXX.XXX:5060': > Unable to create request with auth. No auth credentials for realm(s) > 'asterisk' in challenge. > > Any insights would be appreciated I have been banging my head forseveral> days now.I ran into a very similar problem when I tried to switch my PJSIP service with Vitelity from "fixed IP address" to "registration-based". I would try to place a call, and it would simply time out and then get a "busy here" error from Vitelity. Calls to a similar Vitelity sub-account from a Zoiper soft-phone worked just fine. I wiresharked the sessions and found that the critical difference seemed to be in the From: and Contact: headers. Zoiper set these to the Vitelity sub-account name (the registration name) while PJSIP just set them to "asterisk". I checked the PJSIP wizard file, and found that the outbound authentication object had the right username information in it, so that wasn't the problem. After stumbling around for hours, I found that it's necessary to set the "from_user" parameter in the endpoint object to match the username in the outbound authentication object. This causes PJSIP to send this value (rather than "asterisk") in the From and Contact fields of the INVITE, and this apparently gives the far end the information it needs to issue a proper credentials challenge. Once I added this one line to my definition and restarted, outbound calls worked like a charm. So, in pjsip_wizard, one would write something like [peername] type = wizard transport = transport-udp remote_hosts = outbound.peer.com sends_auth = yes endpoint/context = outbound endpoint/from_user = MYNAME outbound_auth/username = MYNAME outbound_auth/password = MYPASSWORD Modify and embellish as required. If you're writing your PJSIP objects individually rather than via the wizard, just set the fields in those objects appropriately. -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- Check out the new Asterisk community forum at: https://community.asterisk.org/ New to Asterisk? Start here: https://wiki.asterisk.org/wiki/display/AST/Getting+Started asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20170926/d0dd991f/attachment.html>