12-30-2013 10:02 AM - edited 03-16-2019 09:02 PM
Hello,
I have implemented a VoIP gateway with a 2901 cisco and a VWIC3 module. In the IP network I have an Asterisk PBX. In the PSTN I have a E1 primary trunk.
I'd like that all the calls from Asterisk to PSTN were authenticated (with SIP digest)
I have tried using the "authentication" in "dial-peer", but the calls are processed without authentication.
Any idea?
dial-peer voice 2 voip
description outbound calls from Asterisk (inbound leg)
session protocol sipv2
incoming called-number .
voice-class codec 1
dtmf-relay rtp-nte
authentication username dpinedo password 7 1248574446 realm asterisk --> doesn't work
no vad
dial-peer voice 4 pots
description outbound calls from Asterisk (outbound leg)
destination-pattern .
port 0/0/0:15
01-02-2014 08:58 AM
I think the problem I'm having is because I have also defined the reverse route (calls from PSTN to Asterisk), informing the Asterisk IP address in the "session target". So the IP is added to the "trusted list" and no authentication is required.
Does any one know how to force the digest authentication (as Asterisk does for SIP trunks type peer)?
01-02-2014 09:28 AM
Hi David.
Remove authentication under dial-peer and use authentication under sip-ua
sip-ua
authentication username dpinedo password 7 1248574446 realm asterisk <<---- For outbound
credentials username dpinedo password 7 1248574446 realm asterisk
Than send the output of a show sip-ua register status and a debug ccsip messeges during an oubound call
HTH
Regards
Carlo
Please rate all helpful posts
"The more you help the more you learn"
01-08-2014 04:55 AM
Hello Carlo,
I have tried with authentication in sip-ua also, with the same result.
The "show sip-ua register status" returns "Registrar is not configured", which is correct, because I don't want the Cisco to be registered on any Registrar.
What I'd like is that the calls originated from my Asterisk PBX were authenticated before to go out to PSTN
Asterisk ----SIP INVITE----> Cisco
Asterisk <--- Challenge ----- Cisco
Asterisk ---Authentication-->Cisco ---- SETUP---->PSTN
But the problem is that the Cisco never Challenges the Asterisk (After receive the SIP Invite, the Cisco sends the 100 trying, then the 183 session progress, and then the call is established).
Maybe I'm missunderstunding somethinb because the only way I have found to get the calls from Asterisk to PSTN to work (without authentication) was informing the session target with the Asterisk IP in the dial-peer corresponding to the inbound leg, as follows:
dial-peer voice 2 voip
description calls from Asterisk (inbound leg)
session protocol sipv2
session target ipv4:89.1.23.205
incoming called-number .
voice-class codec 1
dtmf-relay rtp-nte
no vad
!
dial-peer voice 4 pots
description calls from Asterisk (outbound leg)
destination-pattern .
no digit-strip
port 0/0/0:15
!
sip-ua
authentication username dpinedo password 7 1248574446 realm asterisk
01-08-2014 06:14 AM
Hi David.
What you can also do, is restrict the list of ip addresses that can do SIP sessions with the gateway using ip address trusted list command under voice service voip configuration section.
Eg-
voice service voip
ip address trusted list
ipv4 89.1.23.205 255.255.255.255
In this case, only you asterisk is allowed to initiate a SIP/H323 session with your VG.
HTH
Regards
Carlo
01-08-2014 07:03 AM
Thankyou Carlo
If I add the IP of the Asterisk to the trusted list I don't need to inform it in the session target of the dial-peer. But I have the same problem: The call is processed without digest authentication.
Regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide