• V20: 3CX Re-engineered. Get V20 for increased security, better call management, a new admin console and Windows softphone. Learn More.

3 way authentication**NTF

Status
Not open for further replies.

voipshop1

Joined
Jun 19, 2009
Messages
21
Reaction score
0
Hi,

telecom provider in my country for SIP trunking uses a 3 way authentication.

Is that possibility included in ver 10 ?

Best regards

Nedja
 
Re: 3 way authentication

03.19.2011-11.57.00.png
 
Re: 3 way authentication

Thanks for this feature!

I've tried it with Swisscom Business Connect and was able to register. I was not able to receive calls. I also was not able to make outbound calls. I always got an Error 403: Forbidden.

I've tried it only for a short time, I will try it later on and more specific.

Best regards
Marco
 
Re: 3 way authentication

YOu might need to adjust outbound parameters for this to work.

If the registration succeeds, then all you need to do is analyze a wireshark capture and ask swiss com whats wrong and what they are expecting to see in the call flow.

Well this is one advantage why 3CX tells its users to use supported VoIP Providers. Because the templates are adjusted as to what the VoIP Provider expects.

If 3CX Registered correctly with the provider then all is looking good. Take a capture of an outgoing call and send it to your provider.
 
Re: 3 way authentication

Hi Nicky
thanks for your repelay.

I will try this. It's not for a productiv enviroment, only for my personal test.

Normally they use snoms and siemens for their hosted solution and do not support other phones... That's our swisscom :)

I will wireshark the outgoing call of a snom and wireshark on the pbx to. So I (hopfully) can find you the difference...
 
Re: 3 way authentication

Tnx Nicky,

here is a a samlpe log for Telecom Serbia.

could we analyze that and help me to make a setting. that is very important for me.

It it works we can make a biz deal with serbian telecom.


best regards

Nedja

REGISTER sip:ims.telekomsrbija.com SIP/2.0
Via: SIP/2.0/UDP 10.1.1.54:2069;branch=z9hG4bK-DF3A77D0;rport
From: <sip:[email protected]>;tag=1747279765
To: <sip:[email protected]>
Call-ID: [email protected]
CSeq: 2820 REGISTER
Contact: <sip:[email protected]:2069>;expires=3600
Content-Length: 0
Expires: 3600
Max-Forwards: 70


SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 10.1.1.54:2069;received=10.1.1.54;branch=z9hG4bKDF3A77D0;
rport=2069
From: <sip:[email protected]>;tag=1747279765
To:
<sip:[email protected]>;tag=c355ceea05faa3d0929e1
1ce3dfe99
Call-ID: [email protected]
CSeq: 2820 REGISTER
Content-Length: 0
WWW-Authenticate: Digest
realm="ims.telekomsrbija.com",domain="sip:[email protected]
bija.com",nonce="412b94d5b16262fb829b79466a0e479a",stale=true,qop=
"auth",algorithm=MD5
P-Charging-Vector: icid-value=c355ceea05faa3d0929e11ce32a13b


REGISTER sip:ims.telekomsrbija.com SIP/2.0
Authorization: Digest
username="[email protected]",realm="ims.telekomsr
bija.com",nonce="412b94d5b16262fb829b79466a0e479a",response="d87cc
fe2b97b7c94bc3e832367c5a0f7",uri="sip:ims.telekomsrbija.com",qop=a
uth,cnonce="c79e52e0e909d311",nc=00000001,algorithm=MD5
Via: SIP/2.0/UDP 10.1.1.54:2069;branch=z9hG4bK-DF3A77D1;rport
From: <sip:[email protected]>;tag=1747279766
To: <sip:[email protected]>
Call-ID: [email protected]
CSeq: 2821 REGISTER
Contact: <sip:[email protected]:2069>;expires=3600
Content-Length: 0
Expires: 3600
Max-Forwards: 70
User-Agent: (innovaphone IP305/6.00 sr2-hotfix5 [08-
60900.68/422/302])
Allow-Events: reg,dialog,message-summary


SIP/2.0 200 OK
Via: SIP/2.0/UDP 10.1.1.54:2069;received=10.1.1.54;branch=z9hG4bKDF3A77D1;
rport=2069
From: <sip:[email protected]>;tag=1747279766
To:
<sip:[email protected]>;tag=c355ceea05faa430929e1
1ce82e615
Call-ID: [email protected]
CSeq: 2821 REGISTER
Content-Length: 0
Contact: <sip:[email protected]:2069>;expires=1000
P-Associated-URI: <sip:[email protected]>
Authentication-Info:
nextnonce="412b94d5b16262fb829b79466a0e479a",qop=auth,rspauth="c02
5ae4d9e709c2452cd1b2db1db5302",cnonce="c79e52e0e909d311",nc=000000
01
P-Charging-Vector: icid-value=c355ceea05faa430929e11ce71d6dc
P-Charging-Function-Addresses:
ccf="aaa://bgemm01.ims.telekomsrbija.com:3868;transport=tcp"
 
Re: 3 way authentication

Hey Nedja,

Code:
ims.telekomsrbija.com

Do they use broadsoft? Swisscom Business Connect is using a broadsoft pbx.

Marco
 
Re: 3 way authentication

Hi Marco,

they use ERICSSON SOFTSWITCH

Regards

nedja
 
Re: 3 way authentication

I found a way for incoming calls, they were in the log as:
17:34:12.160 [CM500002]: Unidentified incoming call. Review INVITE and adjust source identification:

I've created a source ID based on the display name.

Only outgoing calls are not possible (yet). I found the following error message:
Call to 123456767@(Ln.10000@BCON) has failed. [ V4 195.186.128.16:5060 UDP target domain=unspecified mFlowKey=812 ] replied: 403 Forbidden; from IP:195.186.128.16:5060


I will look for this maybe tomorrow
 
Re: 3 way authentication

Guys -

You will all face the same general problems we face when we are inter-operating with VoIP Providers for the first time.

My tips are the following:

1)First step is the registration process. Also did you try without 3 way authentication? Are these all 3 way authentication VoIP Providers or not? VoIP Providers might not tell you this straight ahead so you are left in the dark to troubleshoot.
2)Go on the server and start wireshark. Make an attempt to make a call and see what the provider tells you in return.
3)When you dial a number, always first try to dial a number that is one of their numbers. Example their support number. If they give you forbidden, there is a problem at sip level. You need to modify the sip message in the outbound parameters. This is simple but it can e frustrating because You do not know what the provider is expecting.
4) Generally speaking solving incoming calls is the easiest. You can look at the server activity log and see whether traffic is coming to the server.

Re telecom serbia and swiss. I would like to help you but I think that the first step is get one of their supported devices and see if that works. Make a capture with this and then make a capture with 3CX and see what the difference is. Contacting a telco this size might be futile unless you have a good contact.

Let me know on progress you guys make.
 
Status
Not open for further replies.

Getting Started - Admin

Latest Posts

Forum statistics

Threads
141,635
Messages
748,993
Members
144,754
Latest member
deanhbs
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.