Failed To Authenticate Device Message

Home » Asterisk Users » Failed To Authenticate Device Message
Asterisk Users 5 Comments

I am getting this message:
Failed to authenticate device ;tag9853321 for INVITE, code = -1

but it does not report the “connecting” address. Who is failing connecting ?
I either need to block someone or fix something – I’m thinking block – but I dont know who. How do I found out the connecting IP?

Jerry

5 thoughts on - Failed To Authenticate Device Message

  • Hi Jerry

    Le 22/07/2020 à 14:54, Jerry Geis a écrit :

    You should get it with recvip

    exten = i,1,Verbose(Incoming ANONYMOUS SIP call from ${CALLERID(name)}
    ${CALLERID(num)} SRC IP ${CHANNEL(recvip)})


    Daniel

  • Thanks – its not an incoming call – its just a log on the CLI
    There is nothing before it and nothing after – no incoming call.

    Jerry

  • Did you check your security log?

    There is usually a wealth of info there about who, what, where when and why.

    Andrew

  • I also checked /var/log/asterisk/messages and it just has the same line. Nothing additional.

    Jerry

  • You didn’t post the Asterisk version, but if this is an OLD asterisk version then the source IP may be missing from messages/logs.

    If you have low traffic in general then using something like Wireshark may help you examine any suspicious SIP packet on the PBX. For higher volumes it’s like drinking from a fire hydrant, so not suitable.

    If this is a small PBX, have a look at the SecAst product (https://teium.io/secast). It’s free for small installations. It’s an Asterisk security product that monitors network traffic at a the adapter level so it can sniff the source. It also talks to Asterisk through the AMI so it can get more details of the connection/session that way. If this is for a larger PBX then you would have to move the discussion to the biz list for more info on SecAst. (Or email me off list)

    From: asterisk-users [mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Jerry Geis Sent: Wednesday, July 22, 2020 11:37 AM
    To: Asterisk Users Mailing List – Non-Commercial Discussion
    Subject: Re: [asterisk-users] Failed to authenticate device message

    I also checked /var/log/asterisk/messages and it just has the same line. Nothing additional.

    Jerry