VoIP Mailing List Archives

jonas.kellens at telen... · Guest

Hello,

I am trying to setup a Grandstream GXP2160 IP-phone with secure calling (SRTP).

Secure signaling SSIP for registration is working great !

I follow this guide : https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Tutorial

But when I try to make a call with SRTP, I get stuck. There is an initial INVITE which is anwered with a 401. There should follow a new INVITE with a nonce, but this does not happen. Any idea why ? Is it the Grandstream IP-phone ??

<--- SIP read from TLS:my.pub.lic.ip:53416 --->
INVITE sip:0123123123@ast.ser.ver.ip:5061 ([email]sip:0123123123@ast.ser.ver.ip:5061[/email]) SIP/2.0
Via: SIP/2.0/TLS 192.168.1.104:5068;branch=z9hG4bK60724585;rport;alias
From: <sip:testacc77005@ast.ser.ver.ip:5061> ([email]sip:testacc77005@ast.ser.ver.ip:5061[/email]);tag=263162018
To: <sip:0123123123@ast.ser.ver.ip:5061> ([email]sip:0123123123@ast.ser.ver.ip:5061[/email])
Call-ID: 1695864968-5068-8@BJC.BGI.B.BAE (1695864968-5068-8@BJC.BGI.B.BAE)
CSeq: 50 INVITE
Contact: <sips:testacc77005@192.168.1.104:5068;transport=tls> ([email]sips:testacc77005@192.168.1.104:5068;transport=tls[/email])
X-Grandstream-PBX: true
Max-Forwards: 70
User-Agent: Grandstream GXP2160 1.0.2.9
Privacy: none
P-Preferred-Identity: <sip:testacc77005@ast.ser.ver.ip:5061> ([email]sip:testacc77005@ast.ser.ver.ip:5061[/email])
Supported: replaces, path, timer
Allow: INVITE, ACK, OPTIONS, CANCEL, BYE, SUBSCRIBE, NOTIFY, INFO, REFER, UPDATE, MESSAGE
Content-Type: application/sdp
Accept: application/sdp, application/dtmf-relay
Content-Length: 522

v=0
o=testacc77005 8004 8000 IN IP4 192.168.1.104
s=SIP Call
c=IN IP4 192.168.1.104
t=0 0
m=audio 5020 RTP/SAVP 0 8 18 9 2 101
a=sendrecv
a=rtpmap:0 PCMU/8000
a=ptime:20
a=rtpmap:8 PCMA/8000
a=rtpmap:18 G729/8000
a=fmtp:18 annexb=no
a=rtpmap:9 G722/8000
a=rtpmap:2 G726-32/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-15
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:8m7ZfG+0t3KBFGK40IfDO11SZ6D54glKKIwdgo00|2^32
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:nn+id/sSK7OErMfnZZduKNPLejpscxx1vUQB2seO|2^32

<--- Reliably Transmitting (NAT) to my.pub.lic.ip:53416 --->
SIP/2.0 401 Unauthorized
Via: SIP/2.0/TLS 192.168.1.104:5068;branch=z9hG4bK60724585;alias;received=my.pub.lic.ip;rport=53416
From: <sip:testacc77005@ast.ser.ver.ip:5061> ([email]sip:testacc77005@ast.ser.ver.ip:5061[/email]);tag=263162018
To: <sip:0123123123@ast.ser.ver.ip:5061> ([email]sip:0123123123@ast.ser.ver.ip:5061[/email]);tag=as1e527556
Call-ID: 1695864968-5068-8@BJC.BGI.B.BAE (1695864968-5068-8@BJC.BGI.B.BAE)
CSeq: 50 INVITE
Server: mydomain
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH
Supported: replaces, timer
WWW-Authenticate: Digest algorithm=MD5, realm="mydomain.be", nonce="13b47342"
Content-Length: 0

<--- SIP read from TLS:my.pub.lic.ip:53416 --->
ACK sip:0123123123@ast.ser.ver.ip:5061 ([email]sip:0123123123@ast.ser.ver.ip:5061[/email]) SIP/2.0
Via: SIP/2.0/TLS 192.168.1.104:5068;branch=z9hG4bK60724585;rport;alias
From: <sip:testacc77005@ast.ser.ver.ip:5061> ([email]sip:testacc77005@ast.ser.ver.ip:5061[/email]);tag=263162018
To: <sip:0123123123@ast.ser.ver.ip:5061> ([email]sip:0123123123@ast.ser.ver.ip:5061[/email]);tag=as1e527556
Call-ID: 1695864968-5068-8@BJC.BGI.B.BAE (1695864968-5068-8@BJC.BGI.B.BAE)
CSeq: 50 ACK
Content-Length: 0

jonas.kellens at telen... · Guest

On 07-10-14 12:32, Jonas Kellens wrote: