DominikBM
asked on
SIP Proxy INVITE causes error 403 FORBIDDEN
Hi All,
Just wondering if anyone has any experience in regards to the SIP protocol and SIP proxies working with a SIP server? I've got a problem where my phone works directly with a SIP server/pbx, but when I route it through my home-made SIP proxy (written in c#), based on RFC3261, after an INVITE I get a "403 Forbidden" returned from the pbx.
Registration works fine, the following process is where it breaks
-> REGISTER
<- 407 Proxy Authentication Required
-> REGISTER (now with Auth info)
<- 200 OK
-> INVITE
<- 407 Proxy Authentication Required
-> ACK
-> INVITE (now with Auth info)
<- 403 Forbidden
Not sure why it is forbidden, when the phone talks direct it's OK and works perfectly.
The final invite (the one that results in the 403 error) is:
INVITE sip:31@10.1.1.3 SIP/2.0
Via: SIP/2.0/UDP 10.1.1.46:5060;branch=z9hG 4bK36B1D64 BA09A41087 FCC96BEF8F AF613
Via: SIP/2.0/UDP 10.1.1.88:5061;branch=z9hG 4bK3c49b77 2
From: "Test One" <sip:21@10.1.1.46>;tag=000 7505a39390 1096ad799a 8-4e59d2cc
To: <sip:31@10.1.1.46>
Call-ID: 0007505a-39390008-66fe78ec -7fd183be@ 10.1.1.88
Max-Forwards: 69
Date: Fri, 18 Feb 2011 03:11:23 GMT
CSeq: 102 INVITE
User-Agent: Cisco-CP7940G/8.0
Contact: <sip:21@10.1.1.88:5061;tra nsport=udp >
Proxy-Authorization: Digest username="21",realm="3CXPh oneSystem" ,uri="sip: 31@10.1.1. 46",respon se="121e25 ec861128d9 bba5c2ffdd 1a7ef2",no nce="414d5 35c036e745 b96:3af159 1dca90c314 854206ba7e 1895c8",al gorithm=MD 5
Expires: 180
Accept: application/sdp
Allow: ACK,BYE,CANCEL,INVITE,NOTI FY,OPTIONS ,REFER,REG ISTER,UPDA TE
Remote-Party-ID: "Test One" <sip:21@10.1.1.46>;party=c alling;id- type=subsc riber;priv acy=off;sc reen=yes
Supported: replaces,join,norefersub
Content-Length: 224
Content-Type: application/sdp
Content-Disposition: session;handling=optional
The phone is on 10.1.1.88, the pbx on 10.1.1.3 and my proxy is on 10.1.1.46. The phone is extension 21, trying to call extension 31. Extension 31 is registered directly to the pbx, it is not going via the SIP proxy.
While at the moment the phone 10.1.1.88 is on the same network as the pbx the sip proxy is being developed due to upcoming network changes in the environment.
Just wondering if anyone has any experience in regards to the SIP protocol and SIP proxies working with a SIP server? I've got a problem where my phone works directly with a SIP server/pbx, but when I route it through my home-made SIP proxy (written in c#), based on RFC3261, after an INVITE I get a "403 Forbidden" returned from the pbx.
Registration works fine, the following process is where it breaks
-> REGISTER
<- 407 Proxy Authentication Required
-> REGISTER (now with Auth info)
<- 200 OK
-> INVITE
<- 407 Proxy Authentication Required
-> ACK
-> INVITE (now with Auth info)
<- 403 Forbidden
Not sure why it is forbidden, when the phone talks direct it's OK and works perfectly.
The final invite (the one that results in the 403 error) is:
INVITE sip:31@10.1.1.3 SIP/2.0
Via: SIP/2.0/UDP 10.1.1.46:5060;branch=z9hG
Via: SIP/2.0/UDP 10.1.1.88:5061;branch=z9hG
From: "Test One" <sip:21@10.1.1.46>;tag=000
To: <sip:31@10.1.1.46>
Call-ID: 0007505a-39390008-66fe78ec
Max-Forwards: 69
Date: Fri, 18 Feb 2011 03:11:23 GMT
CSeq: 102 INVITE
User-Agent: Cisco-CP7940G/8.0
Contact: <sip:21@10.1.1.88:5061;tra
Proxy-Authorization: Digest username="21",realm="3CXPh
Expires: 180
Accept: application/sdp
Allow: ACK,BYE,CANCEL,INVITE,NOTI
Remote-Party-ID: "Test One" <sip:21@10.1.1.46>;party=c
Supported: replaces,join,norefersub
Content-Length: 224
Content-Type: application/sdp
Content-Disposition: session;handling=optional
The phone is on 10.1.1.88, the pbx on 10.1.1.3 and my proxy is on 10.1.1.46. The phone is extension 21, trying to call extension 31. Extension 31 is registered directly to the pbx, it is not going via the SIP proxy.
While at the moment the phone 10.1.1.88 is on the same network as the pbx the sip proxy is being developed due to upcoming network changes in the environment.
ASKER
Thanks _alias99, greatly appreciate your help :-)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi feptias,
Thanks for your help. You were absolutely right, the problem was that the phone had the SIP proxy server address set for all fields, while it should only have had it set for the "outbound proxy" field. Changing this fixed the issue, so many thanks!
In regards to open source SIP proxy servers, yes I looked at quite a number of them but none were suitable in terms of licensing (mine is built into a product that is not open source, and under GPL we'd have to make the whole thing open source) as well as platform considerations (Windows, non-Java). When the handful of options that were left proved to be incomplete or undocumented I coded my own.
Thanks again!
Thanks for your help. You were absolutely right, the problem was that the phone had the SIP proxy server address set for all fields, while it should only have had it set for the "outbound proxy" field. Changing this fixed the issue, so many thanks!
In regards to open source SIP proxy servers, yes I looked at quite a number of them but none were suitable in terms of licensing (mine is built into a product that is not open source, and under GPL we'd have to make the whole thing open source) as well as platform considerations (Windows, non-Java). When the handful of options that were left proved to be incomplete or undocumented I coded my own.
Thanks again!
Good luck with the project. Thanks for the points.
ASKER
Thanks!