Re: [SR-Users] Issue with Authenticating outbound Call

Hello, I doubt that is the issue, but you should give the lastest stable version of the 5.5.x branch a try as well. Any patterns that you can observe, when it fails? Like only in certain conditions or certain times, when other services are running in docker host etc..? Cheers, Henning -- Henning Westerholt – https://skalatan.de/blog/ Kamailio services – https://gilawa.com *From:* sr-users &lt;sr-users-bounces(a)lists.kamailio.org&gt; *On Behalf Of *Victor ku *Sent:* Monday, February 21, 2022 8:38 PM *To:* sr-users(a)lists.kamailio.org *Subject:* [SR-Users] Issue with Authenticating outbound Call Hi, I'm new to sip and kamailio, I have recently setup a docker container based on kamailio/kamailio:5.5.0-stretch to check things out. While I was trying to authenticate an outbound call to a 3rd party sip provider from my kamailio container, I noticed there are times that the 2nd invite with the authorization header that's supposed to be sent from the failure route doesn't get sent out. There's no error recorded in the log nor does wireshark picking up any reply to sip phone or message to 3rd party sip provider. Anyone know what might have caused this? Some other things to note: Kamailio does sent out the INVITE with authorization header and authenticated successfully when my sip phone sent the sip request with FROM ip set to the 3rd party sip server's ip. When I change the sip phone to send INVITE with FROM Domain using kamailio container's ip, I'm able to see header is being built from the trace but no INVITE with authorization header is being sent. Changing the FROM uri using $fu or uac_replace_from() does help either. ---------------------------------------------------------------------------------------------------------------- kamailio-kamailio-1 | 14(22) DEBUG: {1 11126 INVITE 6cda7ecf9aed4154bfb409224b84a876} uac [auth_hdr.c:408]: build_authorization_hdr(): hdr is <Authorization: Digest username="xxxxxxxx", realm="xxx.xxx.xxx.xxx", nonce="07f4a5779568", uri=" sip:+0123456789@xxx.xxx.xxx.xxx", qop=auth, nc=00000001, cnonce="3782993246", response="d5ebd0ef00d44db2292c7b8508fa23bc", algorithm=MD5 ... ... kamailio-kamailio-1 | 14(22) exec: {1 11126 INVITE 6cda7ecf9aed4154bfb409224b84a876} *** cfgtrace:dbg_cfg_trace(): failure_route=[MANAGE_FAILURE] c=[/etc/kamailio/kamailio.cfg] l=1026 a=16 n=if kamailio-kamailio-1 | 14(22) exec: {1 11126 INVITE 6cda7ecf9aed4154bfb409224b84a876} *** cfgtrace:dbg_cfg_trace(): failure_route=[MANAGE_FAILURE] c=[/etc/kamailio/kamailio.cfg] l=1021 a=24 n=t_relay kamailio-kamailio-1 | 14(22) DEBUG: {1 11126 INVITE 6cda7ecf9aed4154bfb409224b84a876} <core> [core/msg_translator.c:1797]: check_boundaries(): no multi-part body ... ... kamailio-kamailio-1 | 14(22) exec: {1 11126 INVITE 6cda7ecf9aed4154bfb409224b84a876} *** cfgtrace:dbg_cfg_trace(): failure_route=[MANAGE_FAILURE] c=[/etc/kamailio/kamailio.cfg] l=1030 a=2 n=exit kamailio-kamailio-1 | 14(22) DEBUG: {1 11126 INVITE 6cda7ecf9aed4154bfb409224b84a876} dialog [dlg_var.c:97]: cb_dlg_locals_reset(): resetting the local dialog shortcuts on script callback: 2147483650 kamailio-kamailio-1 | 14(22) DEBUG: tm [t_reply.c:1564]: t_should_relay_response(): rps discarded - uas status: 100 kamailio-kamailio-1 | 14(22) DEBUG: tm [t_reply.c:1924]: relay_reply(): reply status=2 branch=0, save=0, relay=-1 icode=0 msg status=401 kamailio-kamailio-1 | 14(22) DEBUG: <core> [core/receive.c:596]: receive_msg(): reply-route executed in: 1753 usec kamailio-kamailio-1 | 14(22) DEBUG: dialog [dlg_var.c:97]: cb_dlg_locals_reset(): resetting the local dialog shortcuts on script callback: 2147483652 kamailio-kamailio-1 | 14(22) DEBUG: <core> [core/usr_avp.c:637]: destroy_avp_list(): destroying list (nil) kamailio-kamailio-1 | 14(22) DEBUG: <core> [core/usr_avp.c:637]: destroy_avp_list(): destroying list (nil) kamailio-kamailio-1 | 14(22) DEBUG: <core> [core/usr_avp.c:637]: destroy_avp_list(): destroying list (nil) kamailio-kamailio-1 | 14(22) DEBUG: <core> [core/usr_avp.c:637]: destroy_avp_list(): destroying list (nil) kamailio-kamailio-1 | 14(22) DEBUG: <core> [core/usr_avp.c:637]: destroy_avp_list(): destroying list (nil) kamailio-kamailio-1 | 14(22) DEBUG: <core> [core/usr_avp.c:637]: destroy_avp_list(): destroying list (nil) kamailio-kamailio-1 | 14(22) DEBUG: <core> [core/xavp.c:541]: xavp_destroy_list(): destroying xavp list (nil) kamailio-kamailio-1 | 14(22) DEBUG: <core> [core/xavp.c:541]: xavp_destroy_list(): destroying xavp list (nil) kamailio-kamailio-1 | 14(22) DEBUG: <core> [core/xavp.c:541]: xavp_destroy_list(): destroying xavp list (nil) kamailio-kamailio-1 | 14(22) DEBUG: <core> [core/receive.c:606]: receive_msg(): cleaning up ---------------------------------------------- package capture ---------------------------- 192.168.0.165 xxx.xxx.xxx.xxx SIP/SDP 1383 Request: INVITE sip:+0123456789@ xxx.xxx.xxx.xxx | xxx.xxx.xxx.xxx 192.168.0.165 SIP 585 Status: 100 Trying | xxx.xxx.xxx.xxx 192.168.0.165 SIP 820 Status: 401 Unauthorized | 192.168.0.165 xxx.xxx.xxx.xxx SIP 396 Request: ACK sip:+0123456789 @ xxx.xxx.xxx.xxx | ------------------------------------------nothing more till sip phone cancel ----------------- # ----------------- below is failure route config --------------------- failure_route[MANAGE_FAILURE] { xlog("~~~~~ MANAGE_FAILURE ($rm) ($rs-$rr) (from $fu) (to $tu) (req :$ru) (dest $du)\r\n"); if (t_is_canceled()) { exit; } xlog("Checking status code\r\n"); #!ifdef WITH_UAC if(t_check_status("401|407")) { if (isflagset(7)) { t_reply("503","Authentication failed"); exit; } $avp(auser) = "xxxxxxxxxx"; $avp(apass) = "xxxxxxxxxx; if(uac_auth()) { setflag(7); xlog("after uac_auth $rm (from $fu)(to $tu)(req $ru)(dest $du)\r\n"); if(!t_relay()) { xlog("Failed to relay ($rm) ($rs-$rr) (from $fu)(to $tu)(req $ru)\r\n"); t_reply("500","Error"); } } else { xlog("uac_auth() not available\r\n"); t_reply("503","Authentication invalid"); } exit; } #!endif } # ----------- end failure route config --------------------