Sip Authentication Example - AudioCodes Mediant 2000 User Manual

Sip voip gateway

Hide thumbs Also See for Mediant 2000:

User manual (702 pages)

Installation manual (44 pages)

Hardware installation manual (30 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

page of 116

/ 116
Contents
Table of Contents
Bookmarks

Table of Contents

Mediant 2000/SIP User's Manual

4.5

SIP Authentication Example

Mediant 2000/SIP Gateway supports basic and digest authentication types, according to the SIP

standard. A proxy Server might require authentication before forwarding an INVITE message. A

registrar Server may also require authentication for client registration. A proxy replies to an

unauthenticated INVITE with a 407 Proxy Authorization Required response, containing a Proxy-

Authenticate header with the form of the challenge. After sending an ACK for the 407, the User

Agent can then resend the INVITE with a Proxy-Authorization header containing the credentials.

User Agent, Redirect or Registrar servers typically use 401 Unauthorized responses to challenge

authentication containing a WWW-Authenticate header, and expect the re-INVITE to contain an

Authorization header.

The following example describes the Digest Authentication procedure including computation of

User Agent credentials.

The REGISTER request is sent to Registrar Server for registration, as follows:

Via: SIP/2.0/UDP 10.1.1.200

From: <sip: 122@10.1.1.200>;tag=1c17940

To: <sip: 122@10.1.1.200>

Call-ID: 634293194@10.1.1.200

CSeq: 1 REGISTER

Contact: sip:122@10.1.1.200:

Expires:3600

On receiving this request the registrar returns 401 Unauthorized response.

SIP/2.0 401 Unauthorized

Via: SIP/2.0/UDP 10.2.1.200

From: <sip:122@10.2.2.222 >;tag=1c17940

To: <sip:122@10.2.2.222 >

Call-ID: 634293194@10.1.1.200

Cseq: 1 REGISTER

Date: Mon, 30 Jul 2001 15:33:54 GMT

Server: Columbia-SIP-Server/1.17

Content-Length: 0

WWW-Authenticate: Digest realm="audiocodes.com",

nonce="11432d6bce58ddf02e3b5e1c77c010d2",

stale=FALSE,

algorithm=MD5

According to the sub-header present in the WWW-Authenticate header the correct REGISTER

request is formed.

Since the algorithm used is MD5, take:

The Username from the ini file: MP108-AudioCodes

The realm return by the proxy: audiocodes.com

The password from the ini file: AudioCodes.

The equation to be evaluated: (according to RFC this part is called A1).

"MP108-AudioCodes:audiocodes.com:AudioCodes".

The MD5 algorithm is run on this equation and stored for future usage.

The result is: "a8f17d4b41ab8dab6c95d3c14e34a9e1"

Next we need to evaluate the par called A2. We take:

The method type "REGISTER"

Using SIP protocol "sip"

Version 4.2 Beta

4. SIP Operation & Configuration

June 2003

Table of Contents

Sip Authentication Example - AudioCodes Mediant 2000 User Manual

SIP Authentication Example

Related Manuals for AudioCodes Mediant 2000

Related Content for AudioCodes Mediant 2000

Table of Contents