Monday, June 18, 2012 Bad user = SIP/2.0 401 - svwar will probably not work!

Running from SIPVicious was throwing below error

#/home/praveen/sipvicious-0.2.7#./ --force -e100-110
WARNING:TakeASip:Bad user = SIP/2.0 401  - svwar will probably not work!
WARNING:TakeASip:We got an unknown response
ERROR:TakeASip:Response: 'SIP/2.0 401 Unauthorized\r\nVia: SIP/2.0/UDP;branch=z9hG4bK-2777087671;received=;rport=5060\r\nFrom: "100";tag=3130300131353239383436353338\r\nTo: "100";tag=as4442a546\r\nCall-ID: 3403670806\r\nCSeq: 1 REGISTER\r\nServer: Asterisk PBX\r\nAllow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH\r\nSupported: replaces, timer\r\nWWW-Authenticate: Digest algorithm=MD5, realm="asterisk", nonce="5858df28"\r\nContent-Length: 0\r\n\r\n'
WARNING:root:found nothing

IP Address is the Asterisk PBX Server.

Googled for the error but couldn'd find solution so thought of going through the SIP Configuration file /etc/asterisk/sip.conf where we can find below description.
When an incoming INVITE or REGISTER is to be rejected, for any reason, always reject with     '401 Unauthorized 'instead of letting the requester know whether there was a matching user or peer for their request .i.e. PBX server will always respond with "401 Unauthorized" error to not disclose user details.

Add below line to sip.conf, by default the value is yes.
alwaysauthreject = no

Restart Asterisk PBX for above changes to reflect.

$sudo /etc/init.d/asterisk /stop/start

execute below commands
#asterisk -vvr
asterisk*CLI>sip reload

Now we can successfully run which gives below output
#/home/praveen/sipvicious-0.2.7#./  -e100-1010
| Extension | Authentication |
| 1004      | reqauth        |
| 102       | reqauth        |
| 101       | reqauth        |
| 1003      | reqauth        |
| 1002      | reqauth        |
| 1001      | reqauth        |

Articles which might be of interest 
Packet level view of REGISTER, SUBSCRIBE and NOTIFY methods

Configuration and Registration of Softphone and Analog Phone( with ATA) and Asterisk PBX

Thank You !!!

No comments:

Post a Comment