[Freeswitch-users] NAT'ed Aastra phones?
Michael Avers
michael at mailworks.org
Wed Apr 3 22:56:44 UTC 2019
Switch to TCP on the Aastra.
Mike
On Wed, Apr 3, 2019, at 5:41 PM, Sean Devoy wrote:
> Hi,
> A customer has Aastra phones and I can’t get them to work behind NAT. They are 6865i and 6867i ohones.
>
> The output from global siptrace on, is identical to problems I have seen in the past with phones behind NAT routers. The server is no behind NAT.
>
> The phone send Register, the server responds Unauth w/ nonce, the phone resends (but the CSeq: has not changed). That indicates that the UnAuth packet did not make it back to the phone. I have spend a LOT of hours working this issue out on CISCO and FANVIL phones, but not AASTRA. This site has a SONIC Firewall and has always been extremely difficult to work with.
>
> Any ideas on what to change would be welcome. I do have NDLB turned on. Below are the SIP packets.
>
> I have replaced my servers name with “MY-FQDN” to try and slow down the constant hacking attempts.
>
> Thanks in advance,
> Sean
>
> ------------------------------------------------------------------------
> recv 769 bytes from udp/[73.191.9.70]:14883 at 21:07:47.028636:
> ------------------------------------------------------------------------
> REGISTER sip:MY-FQDN:5060 SIP/2.0
> Via: SIP/2.0/UDP 192.168.2.143:5060;branch=z9hG4bK812a131af68095df4
> Route: <sip:MY-FQDN:5060;lr>
> Max-Forwards: 70
> From: "Jay" <sip:120 at MY-FQDN:5060>;tag=847eb00afa
> To: "Jay" <sip:120 at MY-FQDN:5060>
> Call-ID: 3bba3912bea9e310
> CSeq: 2114352391 REGISTER
> Accept-Language: en
> Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, REFER, OPTIONS, UPDATE, PRACK, SUBSCRIBE, INFO, PUBLISH
> Allow-Events: aastra-xml, vdp-session, talk, hold, conference, LocalModeStatus
> Contact: "Jay" <sip:120 at 192.168.2.143:5060;transport=udp>;+sip.instance="<urn:uuid:00000000-0000-1000-8000-00085D6D9FE5>";expires=50
> Supported: path, gruu
> User-Agent: Aastra 6867i/5.0.0.2036
> Content-Length: 0
>
> ------------------------------------------------------------------------
> send 673 bytes to udp/[73.191.9.70]:5060 at 21:07:47.029963:
> ------------------------------------------------------------------------
> SIP/2.0 401 Unauthorized
> Via: SIP/2.0/UDP 192.168.2.143:5060;branch=z9hG4bK812a131af68095df4;received=73.191.9.70
> From: "Jay" <sip:120 at MY-FQDN:5060>;tag=847eb00afa
> To: "Jay" <sip:120 at MY-FQDN:5060>;tag=1HFr2FS9gN2HQ
> Call-ID: 3bba3912bea9e310
> CSeq: 2114352391 REGISTER
> User-Agent: FreeSWITCH-mod_sofia/1.2.22+git~20140309T212137Z~65fed130e5~64bit
> Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER, REFER, NOTIFY, PUBLISH, SUBSCRIBE
> Supported: path, replaces
> WWW-Authenticate: Digest realm="MY-FQDN", nonce="4f575c9d-4a48-4c9f-88ef-558fc0ecb901", algorithm=MD5, qop="auth"
> Content-Length: 0
>
> ------------------------------------------------------------------------
> recv 769 bytes from udp/[73.191.9.70]:14883 at 21:07:47.516673:
> ------------------------------------------------------------------------
> REGISTER sip:MY-FQDN:5060 SIP/2.0
> Via: SIP/2.0/UDP 192.168.2.143:5060;branch=z9hG4bK812a131af68095df4
> Route: <sip:MY-FQDN:5060;lr>
> Max-Forwards: 70
> From: "Jay" <sip:120 at MY-FQDN:5060>;tag=847eb00afa
> To: "Jay" <sip:120 at MY-FQDN:5060>
> Call-ID: 3bba3912bea9e310
> CSeq: 2114352391 REGISTER
> Accept-Language: en
> Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, REFER, OPTIONS, UPDATE, PRACK, SUBSCRIBE, INFO, PUBLISH
> Allow-Events: aastra-xml, vdp-session, talk, hold, conference, LocalModeStatus
> Contact: "Jay" <sip:120 at 192.168.2.143:5060;transport=udp>;+sip.instance="<urn:uuid:00000000-0000-1000-8000-00085D6D9FE5>";expires=50
> Supported: path, gruu
> User-Agent: Aastra 6867i/5.0.0.2036
> Content-Length: 0
>
> ------------------------------------------------------------------------
> send 673 bytes to udp/[73.191.9.70]:5060 at 21:07:47.516883:
> ------------------------------------------------------------------------
> SIP/2.0 401 Unauthorized
> Via: SIP/2.0/UDP 192.168.2.143:5060;branch=z9hG4bK812a131af68095df4;received=73.191.9.70
> From: "Jay" <sip:120 at MY-FQDN:5060>;tag=847eb00afa
> To: "Jay" <sip:120 at MY-FQDN:5060>;tag=1HFr2FS9gN2HQ
> Call-ID: 3bba3912bea9e310
> CSeq: 2114352391 REGISTER
> User-Agent: FreeSWITCH-mod_sofia/1.2.22+git~20140309T212137Z~65fed130e5~64bit
> Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER, REFER, NOTIFY, PUBLISH, SUBSCRIBE
> Supported: path, replaces
> WWW-Authenticate: Digest realm="MY-FQDN", nonce="4f575c9d-4a48-4c9f-88ef-558fc0ecb901", algorithm=MD5, qop="auth"
> Content-Length: 0
>
>
> ------------------------------------------------------------------------
> recv 769 bytes from udp/[73.191.9.70]:14883 at 21:07:48.529297:
> ------------------------------------------------------------------------
> REGISTER sip:MY-FQDN:5060 SIP/2.0
> Via: SIP/2.0/UDP 192.168.2.143:5060;branch=z9hG4bK812a131af68095df4
> Route: <sip:MY-FQDN:5060;lr>
> Max-Forwards: 70
> From: "Jay" <sip:120 at MY-FQDN:5060>;tag=847eb00afa
> To: "Jay" <sip:120 at MY-FQDN:5060>
> Call-ID: 3bba3912bea9e310
> CSeq: 2114352391 REGISTER
> Accept-Language: en
> Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, REFER, OPTIONS, UPDATE, PRACK, SUBSCRIBE, INFO, PUBLISH
> Allow-Events: aastra-xml, vdp-session, talk, hold, conference, LocalModeStatus
> Contact: "Jay" <sip:120 at 192.168.2.143:5060;transport=udp>;+sip.instance="<urn:uuid:00000000-0000-1000-8000-00085D6D9FE5>";expires=50
> Supported: path, gruu
> User-Agent: Aastra 6867i/5.0.0.2036
> Content-Length: 0
>
> ------------------------------------------------------------------------
> send 673 bytes to udp/[73.191.9.70]:5060 at 21:07:48.529522:
> ------------------------------------------------------------------------
> SIP/2.0 401 Unauthorized
> Via: SIP/2.0/UDP 192.168.2.143:5060;branch=z9hG4bK812a131af68095df4;received=73.191.9.70
> From: "Jay" <sip:120 at MY-FQDN:5060>;tag=847eb00afa
> To: "Jay" <sip:120 at MY-FQDN:5060>;tag=1HFr2FS9gN2HQ
> Call-ID: 3bba3912bea9e310
> CSeq: 2114352391 REGISTER
> User-Agent: FreeSWITCH-mod_sofia/1.2.22+git~20140309T212137Z~65fed130e5~64bit
> Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER, REFER, NOTIFY, PUBLISH, SUBSCRIBE
> Supported: path, replaces
> WWW-Authenticate: Digest realm="MY-FQDN", nonce="4f575c9d-4a48-4c9f-88ef-558fc0ecb901", algorithm=MD5, qop="auth"
> Content-Length: 0
>
>
> ...
>
> ------------------------------------------------------------------------
> recv 769 bytes from udp/[73.191.9.70]:14883 at 21:07:50.519037:
> ------------------------------------------------------------------------
> REGISTER sip:MY-FQDN:5060 SIP/2.0
> Via: SIP/2.0/UDP 192.168.2.143:5060;branch=z9hG4bK812a131af68095df4
> Route: <sip:MY-FQDN:5060;lr>
> Max-Forwards: 70
> From: "Jay" <sip:120 at MY-FQDN:5060>;tag=847eb00afa
> To: "Jay" <sip:120 at MY-FQDN:5060>
> Call-ID: 3bba3912bea9e310
> CSeq: 2114352391 REGISTER
> Accept-Language: en
> Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, REFER, OPTIONS, UPDATE, PRACK, SUBSCRIBE, INFO, PUBLISH
> Allow-Events: aastra-xml, vdp-session, talk, hold, conference, LocalModeStatus
> Contact: "Jay" <sip:120 at 192.168.2.143:5060;transport=udp>;+sip.instance="<urn:uuid:00000000-0000-1000-8000-00085D6D9FE5>";expires=50
> Supported: path, gruu
> User-Agent: Aastra 6867i/5.0.0.2036
> Content-Length: 0
>
> ------------------------------------------------------------------------
> send 673 bytes to udp/[73.191.9.70]:5060 at 21:07:50.519205:
> ------------------------------------------------------------------------
> SIP/2.0 401 Unauthorized
> Via: SIP/2.0/UDP 192.168.2.143:5060;branch=z9hG4bK812a131af68095df4;received=73.191.9.70
> From: "Jay" <sip:120 at MY-FQDN:5060>;tag=847eb00afa
> To: "Jay" <sip:120 at MY-FQDN:5060>;tag=1HFr2FS9gN2HQ
> Call-ID: 3bba3912bea9e310
> CSeq: 2114352391 REGISTER
> User-Agent: FreeSWITCH-mod_sofia/1.2.22+git~20140309T212137Z~65fed130e5~64bit
> Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER, REFER, NOTIFY, PUBLISH, SUBSCRIBE
> Supported: path, replaces
> WWW-Authenticate: Digest realm="MY-FQDN", nonce="4f575c9d-4a48-4c9f-88ef-558fc0ecb901", algorithm=MD5, qop="auth"
> Content-Length: 0
>
>
> ...
>
>
> ------------------------------------------------------------------------
> recv 769 bytes from udp/[73.191.9.70]:14883 at 21:08:21.110333:
> ------------------------------------------------------------------------
> REGISTER sip:MY-FQDN:5060 SIP/2.0
> Via: SIP/2.0/UDP 192.168.2.143:5060;branch=z9hG4bKbd8b1eda1ecbbd9cd
> Route: <sip:MY-FQDN:5060;lr>
> Max-Forwards: 70
> From: "Jay" <sip:120 at MY-FQDN:5060>;tag=847eb00afa
> To: "Jay" <sip:120 at MY-FQDN:5060>
> Call-ID: 3bba3912bea9e310
> CSeq: 2114352392 REGISTER
> Accept-Language: en
> Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, REFER, OPTIONS, UPDATE, PRACK, SUBSCRIBE, INFO, PUBLISH
> Allow-Events: aastra-xml, vdp-session, talk, hold, conference, LocalModeStatus
> Contact: "Jay" <sip:120 at 192.168.2.143:5060;transport=udp>;+sip.instance="<urn:uuid:00000000-0000-1000-8000-00085D6D9FE5>";expires=50
> Supported: path, gruu
> User-Agent: Aastra 6867i/5.0.0.2036
> Content-Length: 0
>
> ------------------------------------------------------------------------
> 2019-04-03 17:08:27.597995 [WARNING] sofia_reg.c:1532 SIP auth challenge (REGISTER) on sofia profile 'external' for [120 at MY-FQDN] from ip 73.191.9.70
> send 673 bytes to udp/[73.191.9.70]:5060 at 21:08:21.111772:
> ------------------------------------------------------------------------
> SIP/2.0 401 Unauthorized
> Via: SIP/2.0/UDP 192.168.2.143:5060;branch=z9hG4bKbd8b1eda1ecbbd9cd;received=73.191.9.70
> From: "Jay" <sip:120 at MY-FQDN:5060>;tag=847eb00afa
> To: "Jay" <sip:120 at MY-FQDN:5060>;tag=2ycp7HpgvjvXD
> Call-ID: 3bba3912bea9e310
> CSeq: 2114352392 REGISTER
> User-Agent: FreeSWITCH-mod_sofia/1.2.22+git~20140309T212137Z~65fed130e5~64bit
> Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER, REFER, NOTIFY, PUBLISH, SUBSCRIBE
> Supported: path, replaces
> WWW-Authenticate: Digest realm="MY-FQDN", nonce="c49443eb-f0e9-461c-8072-d3d4551f6c8e", algorithm=MD5, qop="auth"
> Content-Length: 0
>
> ------------------------------------------------------------------------
> recv 769 bytes from udp/[73.191.9.70]:14883 at 21:08:21.598328:
> ------------------------------------------------------------------------
> REGISTER sip:MY-FQDN:5060 SIP/2.0
> Via: SIP/2.0/UDP 192.168.2.143:5060;branch=z9hG4bKbd8b1eda1ecbbd9cd
> Route: <sip:MY-FQDN:5060;lr>
> Max-Forwards: 70
> From: "Jay" <sip:120 at MY-FQDN:5060>;tag=847eb00afa
> To: "Jay" <sip:120 at MY-FQDN:5060>
> Call-ID: 3bba3912bea9e310
> CSeq: 2114352392 REGISTER
> Accept-Language: en
> Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, REFER, OPTIONS, UPDATE, PRACK, SUBSCRIBE, INFO, PUBLISH
> Allow-Events: aastra-xml, vdp-session, talk, hold, conference, LocalModeStatus
> Contact: "Jay" <sip:120 at 192.168.2.143:5060;transport=udp>;+sip.instance="<urn:uuid:00000000-0000-1000-8000-00085D6D9FE5>";expires=50
> Supported: path, gruu
> User-Agent: Aastra 6867i/5.0.0.2036
> Content-Length: 0
>
> ------------------------------------------------------------------------
> send 673 bytes to udp/[73.191.9.70]:5060 at 21:08:21.598579:
> ------------------------------------------------------------------------
> SIP/2.0 401 Unauthorized
> Via: SIP/2.0/UDP 192.168.2.143:5060;branch=z9hG4bKbd8b1eda1ecbbd9cd;received=73.191.9.70
> From: "Jay" <sip:120 at MY-FQDN:5060>;tag=847eb00afa
> To: "Jay" <sip:120 at MY-FQDN:5060>;tag=2ycp7HpgvjvXD
> Call-ID: 3bba3912bea9e310
> CSeq: 2114352392 REGISTER
> User-Agent: FreeSWITCH-mod_sofia/1.2.22+git~20140309T212137Z~65fed130e5~64bit
> Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER, REFER, NOTIFY, PUBLISH, SUBSCRIBE
> Supported: path, replaces
> WWW-Authenticate: Digest realm="MY-FQDN", nonce="c49443eb-f0e9-461c-8072-d3d4551f6c8e", algorithm=MD5, qop="auth"
> Content-Length: 0
>
> ------------------------------------------------------------------------
> recv 769 bytes from udp/[73.191.9.70]:14883 at 21:08:22.603481:
> ------------------------------------------------------------------------
> REGISTER sip:MY-FQDN:5060 SIP/2.0
> Via: SIP/2.0/UDP 192.168.2.143:5060;branch=z9hG4bKbd8b1eda1ecbbd9cd
> Route: <sip:MY-FQDN:5060;lr>
> Max-Forwards: 70
> From: "Jay" <sip:120 at MY-FQDN:5060>;tag=847eb00afa
> To: "Jay" <sip:120 at MY-FQDN:5060>
> Call-ID: 3bba3912bea9e310
> CSeq: 2114352392 REGISTER
> Accept-Language: en
> Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, REFER, OPTIONS, UPDATE, PRACK, SUBSCRIBE, INFO, PUBLISH
> Allow-Events: aastra-xml, vdp-session, talk, hold, conference, LocalModeStatus
> Contact: "Jay" <sip:120 at 192.168.2.143:5060;transport=udp>;+sip.instance="<urn:uuid:00000000-0000-1000-8000-00085D6D9FE5>";expires=50
> Supported: path, gruu
> User-Agent: Aastra 6867i/5.0.0.2036
> Content-Length: 0
>
> ------------------------------------------------------------------------
> send 673 bytes to udp/[73.191.9.70]:5060 at 21:08:22.603692:
> ------------------------------------------------------------------------
> SIP/2.0 401 Unauthorized
> Via: SIP/2.0/UDP 192.168.2.143:5060;branch=z9hG4bKbd8b1eda1ecbbd9cd;received=73.191.9.70
> From: "Jay" <sip:120 at MY-FQDN:5060>;tag=847eb00afa
> To: "Jay" <sip:120 at MY-FQDN:5060>;tag=2ycp7HpgvjvXD
> Call-ID: 3bba3912bea9e310
> CSeq: 2114352392 REGISTER
> User-Agent: FreeSWITCH-mod_sofia/1.2.22+git~20140309T212137Z~65fed130e5~64bit
> Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER, REFER, NOTIFY, PUBLISH, SUBSCRIBE
> Supported: path, replaces
> WWW-Authenticate: Digest realm="MY-FQDN", nonce="c49443eb-f0e9-461c-8072-d3d4551f6c8e", algorithm=MD5, qop="auth"
> Content-Length: 0
>
> _________________________________________________________________________
> Professional FreeSWITCH Services
> sales at freeswitch.com
> https://freeswitch.com
>
> Official FreeSWITCH Sites
> https://freeswitch.com/oss
> https://freeswitch.org/confluence
> https://cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> https://freeswitch.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20190403/d2777818/attachment-0001.html>
More information about the FreeSWITCH-users
mailing list