<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
For sake of clarification, the r-uri is not related to the username
for authentication nor to To header uri. They can be completely
different.<br>
<br>
However, trunk provider might have various requirements in
formatting the r-uri and To uri, they usually say that in the
interconnect docs.<br>
<br>
Cheers,<br>
Daniel<br>
<br>
<div class="moz-cite-prefix">On 12/05/15 03:11, Darren Campbell
(Primar) wrote:<br>
</div>
<blockquote
cite="mid:66CCCC287FD4D646A255F1495F204AB52864695D@MBX-02.mtrx.com.au"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<div style="direction: ltr;font-family: Tahoma;color:
#000000;font-size: 10pt;">Thanks for this, I suppose this means
the initial INVITE from Asterisk should be adjusted.<br>
<br>
Trying a custom trunk so the INVITE r-uri from Asterisk has the
provider username but the To header has the number to dial.<br>
<br>
SIP/PROVIDERPEER/providerusername!$OUTNUM$<br>
<br>
Until today I didn't understand how Asterisk was able to manage
r-uri and To header separately.<br>
<br>
But I stumbled upon zmonkey whilst searching for "asterisk
r-uri".<br>
<a class="moz-txt-link-freetext" href="https://www.zmonkey.org/blog/content/asterisk-sip-request-uri-vs-header">https://www.zmonkey.org/blog/content/asterisk-sip-request-uri-vs-header</a><br>
<br>
Regards,<br>
<br>
Darren<br>
<div style="font-family: Times New Roman; color: #000000;
font-size: 16px">
<hr tabindex="-1">
<div style="direction: ltr;" id="divRpF149834"><font
color="#000000" face="Tahoma" size="2"><b>From:</b>
Daniel-Constantin Mierla [<a class="moz-txt-link-abbreviated" href="mailto:miconda@gmail.com">miconda@gmail.com</a>]<br>
<b>Sent:</b> Monday, 11 May 2015 8:47 PM<br>
<b>To:</b> Darren Campbell (Primar); Kamailio (SER) -
Users Mailing List<br>
<b>Subject:</b> Re: [SR-Users] Handling 407 Proxy
Authentication, Elastix MT<br>
</font><br>
</div>
<div>What is happening then, is the provider sending back
another 407?<br>
<br>
Normally the Proxy-Authorization header should stay
unchanged, but if you change the request uri, it may result
in mismatch.<br>
<br>
Cheers,<br>
Daniel<br>
<br>
<div class="moz-cite-prefix">On 11/05/15 10:26, Darren
Campbell (Primar) wrote:<br>
</div>
<blockquote type="cite">
<div style="direction:ltr; font-family:Tahoma;
color:#000000; font-size:10pt">Thanks, much appreciated.<br>
<br>
I'm seeing the Proxy-Authorization from Asterisk in
tcpdump. It seems like I've been working against what's
already built into Kamailio.<br>
<br>
Probably need to tweak some uri's though.<br>
<br>
When dialing out, the r-uri is:<br>
<a moz-do-not-send="true" class="moz-txt-link-freetext"
href="sip:mobilenumberhere@exampleip" target="_blank">sip:mobilenumberhere@exampleip</a><br>
<br>
But the uri part of the Proxy-Authorization in the new
INVITE ends up with uri=<a moz-do-not-send="true"
class="moz-txt-link-rfc2396E"
href="sip:mobilenumberhere@exampleip" target="_blank">"sip:mobilenumberhere@exampleip"</a><br>
<br>
However, I think it should be showing uri=<a
moz-do-not-send="true" class="moz-txt-link-rfc2396E"
href="sip:providerusernamehere@exampleip"
target="_blank">"sip:providerusernamehere@exampleip"</a><br>
<br>
Regards,<br>
<br>
Darren<br>
<div style="font-family:Times New Roman; color:#000000;
font-size:16px">
<hr tabindex="-1">
<div id="divRpF31264" style="direction:ltr"><font
color="#000000" face="Tahoma" size="2"><b>From:</b>
sr-users [<a moz-do-not-send="true"
class="moz-txt-link-abbreviated"
href="mailto:sr-users-bounces@lists.sip-router.org"
target="_blank">sr-users-bounces@lists.sip-router.org</a>]
on behalf of Daniel-Constantin Mierla [<a
moz-do-not-send="true"
class="moz-txt-link-abbreviated"
href="mailto:miconda@gmail.com" target="_blank">miconda@gmail.com</a>]<br>
<b>Sent:</b> Monday, 11 May 2015 6:07 PM<br>
<b>To:</b> Kamailio (SER) - Users Mailing List<br>
<b>Subject:</b> Re: [SR-Users] Handling 407 Proxy
Authentication, Elastix MT<br>
</font><br>
</div>
<div>Hello,<br>
<br>
<div class="moz-cite-prefix">On 11/05/15 08:41,
Darren Campbell (Primar) wrote:<br>
</div>
<blockquote type="cite">
<style id="owaParaStyle" type="text/css">
<!--
p
{margin-top:0;
margin-bottom:0}
body
{direction:ltr;
font-family:Tahoma;
color:#000000;
font-size:10pt}
p
{margin-top:0;
margin-bottom:0}
body
{scrollbar-base-color:undefined;
scrollbar-highlight-color:undefined;
scrollbar-darkshadow-color:undefined;
scrollbar-arrow-color:undefined}
-->
BODY {direction: ltr;font-family: Tahoma;color: #000000;font-size: 10pt;}P {margin-top:0;margin-bottom:0;}</style>
<div style="direction:ltr; font-family:Tahoma;
color:#000000; font-size:10pt">Hi all<br>
<br>
Have Asterisk listening on 127.0.0.1 and aiming
to route all inbound/outbound SIP via Kamailio
listening on 127.0.0.1 and external interface.<br>
<br>
Inbound calls from the SIP PROVIDER work just
fine. Have NAT, rtpproxy configured for
successful registration and subsequent INVITEs
etc.<br>
<br>
Experiencing some challenges with the outgoing
INVITES, primarily authenticating the outbound
INVITEs.<br>
<br>
The current situation is this:<br>
Asterisk > INVITE > Kamailio > INVITE
> SIP PROVIDER<br>
SIP PROVIDER > 407 Proxy Authenticate >
Kamailio > Transaction Cancelled.<br>
Asterisk then plays number unavailable message.<br>
<br>
<br>
The desired situation is more like this:<br>
Asterisk > INVITE > Kamailio > INVITE
> SIP PROVIDER<br>
SIP PROVIDER > 407 Proxy Authenticate >
Kamailio > Asterisk<br>
Asterisk > INVITE (with auth digest etc) >
Kamailio > INVITE > SIP PROVIDER<br>
<br>
<br>
An attempted solution was made by having
Kamailio authenticate using the uac module.
However, ideally Kamailio should be mostly
transparent and Asterisk should be handling and
responding to the 407 Proxy Authentication.<br>
<br>
If there is someone in the Kamailio community
that has addressed this situation before,
guidance would be much appreciated.<br>
</div>
</blockquote>
do you have a failure_route block in kamailio.cfg?
Be sure that if 401/407 is received, you just exit
the routing block:<br>
<br>
failure_route[abc] {<br>
...<br>
if(t_check_status("401|407")) exit;<br>
...<br>
}<br>
<br>
Then the 401/407 replies will be sent upstream to
asterisk.<br>
<br>
Cheers,<br>
Daniel<br>
<br>
<pre class="moz-signature" cols="72">--
Daniel-Constantin Mierla
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://twitter.com/#%21/miconda" target="_blank">http://twitter.com/#!/miconda</a> - <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.linkedin.com/in/miconda" target="_blank">http://www.linkedin.com/in/miconda</a>
Kamailio World Conference, May 27-29, 2015
Berlin, Germany - <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.kamailioworld.com" target="_blank">http://www.kamailioworld.com</a></pre>
</div>
</div>
</div>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Daniel-Constantin Mierla
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://twitter.com/#%21/miconda" target="_blank">http://twitter.com/#!/miconda</a> - <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.linkedin.com/in/miconda" target="_blank">http://www.linkedin.com/in/miconda</a>
Kamailio World Conference, May 27-29, 2015
Berlin, Germany - <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.kamailioworld.com" target="_blank">http://www.kamailioworld.com</a></pre>
</div>
</div>
</div>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Daniel-Constantin Mierla
<a class="moz-txt-link-freetext" href="http://twitter.com/#!/miconda">http://twitter.com/#!/miconda</a> - <a class="moz-txt-link-freetext" href="http://www.linkedin.com/in/miconda">http://www.linkedin.com/in/miconda</a>
Kamailio World Conference, May 27-29, 2015
Berlin, Germany - <a class="moz-txt-link-freetext" href="http://www.kamailioworld.com">http://www.kamailioworld.com</a></pre>
</body>
</html>