I’ve been given a SIP hard phone pre-configured to work with another party’s BroadWorks system. I want to use my Asterisk system to connect to this SIP service rather than the handset I’ve been given. I have extracted the authentication details from the phone and have successfully registered Asterisk with the gateway (incoming calls work fine) using a line like this in sip.conf:
register => firstname.lastname@example.org:password:email@example.com/441000123123
Outgoing calls are proving to be more challenging. I have this so far:
callerid=”My Name” <441000123123>
type=peer host=nnn.nnn.nnn.nnn auth=authuser realm=auth.realm fromuser= 441000123123
secret=password insecure=invite context=from-sip nat=yes qualify=no canreinvite=no allow=all
The main part I’m confused about is that in most examples I’ve seen, the username and authname are the same value, whereas in this case we seem to have:
A username (the phone number)
An auth name (a different value)
An auth realm A SIP realm (different value to auth realm)
A password A gateway host
When I place a call with Dial(SIP/441000123123/somenumber), I get a 403 response from the gateway. Looking at a packet dump, I can see that Asterisk is not attempting to authenticate. On the other hand, REGISTER requests do authenticate successfully – I can see the digest authentication taking place in tcpdump.
I have observed successful outgoing calls from the hard phone using tcpdump and I can see the phone using digest like so:
Authorization: DIGEST username=”authuser”, realm=”BroadWorks”, nonce=”BroadWorksASHORTHASH”, qop=auth, cnonce=”ASHORTHASH”, nc 000001, uri=”sip:firstname.lastname@example.org:5060;user=phone”, response=”ALONGERHASH”, algorithm=MD5
What is the correct configuration to use – how do I get Asterisk to successfully authenticate outgoing calls?
Many thanks, James.