Outbound Proxy

[Manolo]

We are trying to register a SIP Trunk, which uses an Outbound proxy.

 

When we use a simple softphone directly configured with the provider (Zoiper), the trunk registers succesfully. (see attachment for settings). But when we try to register through the Snom PBX (version 2011-4.3.0.5021 (Win32)), we get the following errors: Registration fail , or, FORBIDDEN.

 

If we compare, the zoiper settings, with the sip trunk fields of the Snom One, we have the following questions:

 

Is the account in Snom, the same as the username in Zoiper?

 

Is the Domain field in Zoiper, the same as the Domain in Snom One?

 

Is the auth. Username in zoiper, the same as the username in Snom?

 

Is the proxy address in Snom, the same thing as the OUTBOUND PROXY in Zoiper?

 

Other SIP trunks in the Snom One do register and work fine (with other SIP providers), so the problem is not a firewall or some other internet related issue. The only problem is with this specific provider, but the strange thing is that Zoiper registers, but the Snom One doesnt.

 

Thanks,

[Vodia PBX]

I would take a look at the SIP packets and compare From-headers and Authentication headers. Maybe there is a mistake in the authentication, e.g. user@domain instead of just user. Sometimes providers have a problem with UUID, so please turn it off.

[Vodia support]

Does your configuration looks like this in the Vodia PBX?

 

 

Registrations

Display Name: "Name it "

Account: "Should be phone number"

Domain: "Should be the domain name"

Username: Should be phone number"

Password: "Password"

••••••••••

Password (repeat): "Password"

••••••••••

Proxy Address: "Should be the domain name"

Explicitly list addresses for inbound traffic: "Should be the domain name" or the IPV4

Preferred SIP port for trunk:

[Manolo]

HI,

 

As in the picture attached in the previous post, the configuration on the PBX is:

 

Account: +XXXX

Domain: domain_Name

Username: +XXXX@domain_Name

Password: ******

Proxy addres: "some IP"

 

The above are settings provided by our SIP provider and already configured in our PBX.

 

As you can see, the domain is not the same as the proxy, and the account is not the same as the Username. This is the first time that a SIP provider gives us diferent account and username, as different domain and proxy. All other trunks that we have functioning well, the proxy and domain are the same, and account and username are the same also....

 

We already tried to disable the uuid setting, but still doesnt register to the provider...What else could be the problem?

[Vodia support]

Can you send me a private message with the account information so we can try it on my local PBX.

 

Thanks

[Manolo]

Hello,

 

We finally have the logs compared between Zoiper (which does register to the SIP provider), and our Snom Server. The ONLY difference between the two logs is, that in the REGISTER (in the authorization part of the log), Zoiper sends this setting : qop=auth, but our pbx sends it this way: qop="auth".

 

So Zoiper sends the qop without the "", and our pbx send the REGISTER with ""... Does this make sense? Is there a way to configure our PBX so that it DOESN't send the ""?

 

Thanks!

[Vodia PBX]

Yes, unfortunately that makes a difference. In the early days of SIP, there were implementations that were simply buggy, and this has lasted for years. RFC 3261 makes it clear that the quotes are necessary:

 

qop-options = "qop" EQUAL LDQUOT qop-value *("," qop-value) RDQUOT

The problem is if we take the quotes out, we break other SIP trunks and we are not RFC compliant any more. Most implementation over the past years accept both quoted and unquoted. Your service provider needs to update the software...

[Manolo]

Thank you very much. We will talk with the provider.

 

Regards,

[madis]

Hi,

I am currently facing the same issue when registering against Broadsoft switch. Vodia PBX sends qop="auth" in Authorization field.

I remember having this issue few years ago as well.

If I look RFC3261 again then I understand that the right way is to send qop=auth without quotations in Authorization filed.

Quote

   An example of the Authorization header field is:

      Authorization: Digest username="bob",
              realm="biloxi.com",
              nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
              uri="sip:bob@biloxi.com",
              qop=auth,
              nc=00000001,
              cnonce="0a4f113b",
              response="6629fae49393a05397450978507c4ef1",
              opaque="5ccc069c403ebaf9f0171e9517f40e41"

Quote

Authorization     =  "Authorization" HCOLON credentials
credentials       =  ("Digest" LWS digest-response)
                     / other-response
digest-response   =  dig-resp *(COMMA dig-resp)
dig-resp          =  username / realm / nonce / digest-uri
                      / dresponse / algorithm / cnonce
                      / opaque / message-qop
                      / nonce-count / auth-param
username          =  "username" EQUAL username-value
username-value    =  quoted-string
digest-uri        =  "uri" EQUAL LDQUOT digest-uri-value RDQUOT
digest-uri-value  =  rquest-uri ; Equal to request-uri as specified
                     by HTTP/1.1
message-qop       =  "qop" EQUAL qop-value

In other  fields (WWW-Authenticate and Proxy-Authenticate) it should be with quotation marks.

So I think Vodia should change this behavior or add possibility to change it in case some developers have misunderstood the RFC.

 

Best regards
Madis Malv

[Vodia PBX]

In the later versions (I would assume at least 61.0 has it) the qop gets quoted only if it contains a comma. So it would send qop=auth and qop="auth,auth-int". This should work with anything out there without the need to introduce a setting for this.