SIP Authentication
We can't disable authentication unless we get a Sales Engineer's approval that it is not compatible with your PBX.
Very few PBX systems can't authenticate nowadays and as security is always an issue, we will only turn authentication off if there are no other options. We can turn it off briefly for testing purposes but not for long. Prefer not to leave it off past the end of regular business hours.
The below PBX's have been confirmed by our engineers as non compatible and are approved to have SIP authentication disabled.
Microsoft Lync - Right Fax - FaxBack - FaxCore(Version EV5) - Nextone SBC - AVAYA IP OFFICE 9.0 - Metaswitch
PBX's that were previously not able to use SIP Authentication but are now proven compatible by our sales engineers. Please follow the below links to find out how to get your PBX to authenticate with Thinktel
Zultys - Sutus(But you may need to upgrade your version{firmware}to the latest version) For a list of other available interop Doc's please review our Successful SIP PBX Interops article.
The below SBC's(Session Border Controller) have been confirmed by our engineers as non compatible and are approved to have SIP authentication disabled.
Sonus 5200NBS
You may also leave SIP Authentication disabled if your PBX is located in one of our colo's(co-locations)
SIP Authentication: Used for all VoIP lines
We authenticate against your username(Directory Number), Realm(Proxy) and SIP password for all SIP requests that require authorization (INVITE, UPDATE, BYE, etc).
- When we receive an invite(call) we expect to see an authentication digest, with your username, proxy(realm) and password.
Authorization: Digest username="7805551234",realm="edm.trk.tprm.ca",nonce="d899a43f8399",uri="sip:[email protected]" - If a digest is not sent or has the wrong information, we will return a SIP 401 unauthorized. We then expect a new invite with the correct authentication digest.
- If we don't get a reINVITE with valid SIP authentication the call will not terminate.
For further information on authentication please refer to these RFC articles.
- RFC 3261 - SIP – Section 22 http://www.ietf.org/rfc/rfc3261.txt
- RFC 2617 - HTTP Authentication http://www.ietf.org/rfc/rfc2617.txt
Each SIP password:
Must be at least 10 characters long.
Must contain at least 1 upper case characters
Must contain at least 1 lower case characters
Must contain at least 1 digits [0-9]
IP Authentication: Used for SIP Trunking.
We authenticate against your configured IP binding for your Pilot. We confirm against our ACL (Access Control List).
Your VIA and Contact header must contain your contact IP address and port.
- When we receive an invite(call) we expect the call to come from your configured SIP binding(The IP).
- So if a call comes in from another IP, we will return a SIP 403 forbidden and the call will not terminate.