0

I have a typical requirement, where I have a forwarding SBC between an endpoint and kamailio as shown below.

Endpoint ----> SBC ------> Kamailio

From endpoint I am sending REGISTER request. It reaches SBC. SBC sends the REGISTER request to Kamailio, Kamailio challenges it (401), and challenge response is received at endpoint through SBC.

Next endpoint adds authorization header and sends REGISTER to SBC, SBC forwards it to Kamailio.

Now Kamailio again responds with 401.

When we analysed Kamailio logs, we can see Kamailio log authorization response token and response token that was sent by Endpoint are same.

So my question is, why Kamailio sends 401 repeatedly even if it received proper Authorization header.

Is it because Kamailio received REGISTER from IP address different from endpoint.

Please guide, how can I avoid this issue.

Austin
  • 1,709
  • 20
  • 40

1 Answers1

1

It is hard to guess what happens without knowing what function and parameters you are using for authentication.

If the authentication is done like in the default kamailio.cfg, then be aware that there are some extra checks done after authentication response was matched:

  • From header username is same as authentication username
  • To header username is the same as authentication username

If you run kamailio with debug=3 in config, then you should see in syslog some log messages giving hints on what was not matching there, resulting in failing the authentication of the request.

miconda
  • 1,754
  • 11
  • 14
  • Yeah, I have figured it out. In my case from and to had different user name. The auth user name was not matching with from user name. So in auth_check function (in kamailio.cfg), I have modified the last argument from "1" to "0". Surprisingly Kamailio does not log why it sends 401 for such case. – Austin Sep 15 '15 at 01:37