Authenticated p2p (NOREG) sip interconnection

[sandrinho]

Hello guys.
This is my first question on this forum, I hope it's not too basic

I'd love to setup an interconnection between my fusionpbx (let's call it FP) and another generic SIP device (let's call it A).
The interconnection has to be with no registration but INVITEs have to be password authenticated.

So I am thinking to create on FP a NOREG gateway on the external profile, with proxy pointing to A ip address... and have a similar configuration on the A device.

Username and Password on the FP gateway will be used to authenticate calls FP->A, so i will configure them also on A device for challenging the INVITEs coming from FP.

I cannot understand how to configure the authentication for A->FP calls. Where should I configure (on FP) the credentials that will be used to challenge the INVITEs coming from A?

Thanks a lot.
S

 

[voipBull]

@sandrinho By default, calls on the 'external' profile are authenticated IP based ('provider' ACL under 'Access Controls'), so you'll either need to change the settings on the 'external' profile OR make a copy of the profile and start using/tweaking the copied version for this 'A' device. You'll probably need to work with the 'apply-inbound-acl' and 'auth-call' settings in the profile. Sorry I've never done this before so I don't have a straight forward answer to give you. Maybe others will jump in with some more suggestions.

 

[sandrinho]

Hello @voipBull , thanks for replying.
Actually I am already there.
It was enough to remove A ip address from the ACL in apply-inbound-acl.
I think that somehow it fallbacks to "password" authentication.

So FP is responding to A's INVITE with a 407 containing:

Proxy-Authenticate: Digest realm="X.X.X.X", nonce="720b3ec6-ac82-46f6-97bb-99aac8caadee", algorithm=MD5, qop="auth"

(being X.X.X.X FP ip address)

FP asking A to authenticate against which credentials?

Dunno.