Hello everybody

I have such problem with kamailio and client which behind NAT

This is REGISTER message which came from client. This message came from public IP (for example, 1.1.1.1) and source port 44197. (This information I got from sip_trace)

From: <sip:xxxxxxx@sip.ptl.ru:5060>;tag=a82eda3-13c4-47798948-1a1296-5259a46

To: <sip:xxxxxxx@sip.ptl.ru:5060>

Call-ID: a82eda3-13c4-47798948-1a1296-9641c88@sip.ptl.ru

CSeq: 446229198 REGISTER

Via: SIP/2.0/UDP 10.130.237.163:5060;branch=z9hG4bK-47799e27-6b9841-84448db

Max-Forwards: 70

Supported: timer

Contact: <sip:xxxxxxx@10.130.237.163:5060;transport=UDP>

Expires: 60

Content-Length: 0

This is Unauthorized message was sent by kamailio to 1.1.1.1 and… destination port not 44197 (as I expected) but 5060!!!

SIP/2.0 401 Unauthorized

From: <sip:xxxxxxx@sip.ptl.ru:5060>;tag=a82eda3-13c4-47798948-1a1296-5259a46

To: <sip:xxxxxxx@sip.ptl.ru:5060>;tag=fdc454a3cdd8f9e5718382b74f33aeed.3b81

Call-ID: a82eda3-13c4-47798948-1a1296-9641c88@sip.ptl.ru

CSeq: 446229198 REGISTER

Via: SIP/2.0/UDP 10.130.237.163:5060;branch=z9hG4bK-47799e27-6b9841-84448db;received=1.1.1.1

WWW-Authenticate: Digest realm="domain name", nonce="4af0129b000000047c1020258f9f0efc4de1b76663dd2ab4"

Server: Kamailio (1.5.0-notls (i386/linux))

Content-Length: 0

And as you understand 401 reply, which was sent to 1.1.1.1:5060 can’t reach client’s equipment.

A piece of kamailio.cfg relating to REGISTER processing:

route(0) {

….

if (!is_method("INVITE")) route(8);

….

if (is_method("REGISTER")) {

route(11);

exit;

}

…..

}

route(8) {

if (nat_uac_test("5")) {

if (method=="REGISTER") {

fix_nated_register();

} else {

fix_nated_contact();

}

setflag(5);

}

return;

}

route(11) {

if (!www_authorize("", "subscriber")) {

www_challenge("", "0");

exit;

}

if ($au!=$tU) {

sl_send_reply("403","Forbidden auth ID");

exit;

}

if (isflagset(5)) setbflag(6);

if (!save("location")) {

sl_reply_error();

exit;

}

Hearty thanks for any help.