You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
close
Home > ThinkTel Support > SIP Trunking > SIP Authentication
SIP Authentication
print icon
David Vansickle
Mar 08, 2020
views icon 1608

SIP Authentication

We can't disable authentication unless we get a Sales Engineer's approval that it is not compatible with your PBX. 

Very few PBX systems can't authenticate nowadays and as security is always an issue, we will only turn authentication off if there are no other options. We can turn it off briefly for testing purposes but not for long. Prefer not to leave it off past the end of regular business hours.

The below PBX's have been confirmed by our engineers as non compatible and are approved to have SIP authentication disabled.

Microsoft Lync - Right Fax - FaxBack - FaxCore(Version EV5) - Nextone SBC - AVAYA IP OFFICE 9.0 - Metaswitch

PBX's that were previously not able to use SIP Authentication but are now proven compatible by our sales engineers. Please follow the below links to find out how to get your PBX to authenticate with Thinktel

Zultys - Sutus(But you may need to upgrade your version{firmware}to the latest version) For a list of other available interop Doc's please review our Successful SIP PBX Interops article.

The below SBC's(Session Border Controller) have been confirmed by our engineers as non compatible and are approved to have SIP authentication disabled.

Sonus 5200NBS

You may also leave SIP Authentication disabled if your PBX is located in one of our colo's(co-locations)

SIP Authentication: Used for all VoIP lines

We authenticate against your username(Directory Number), Realm(Proxy) and SIP password for all SIP requests that require authorization (INVITE, UPDATE, BYE, etc).

  • When we receive an invite(call) we expect to see an authentication digest, with your username, proxy(realm) and password.

    Authorization: Digest username="7805551234",realm="edm.trk.tprm.ca",nonce="d899a43f8399",uri="sip:[email protected]"
  • If a digest is not sent or has the wrong information, we will return a SIP 401 unauthorized. We then expect a new invite with the correct authentication digest.
  • If we don't get a reINVITE with valid SIP authentication the call will not terminate.

For further information on authentication please refer to these RFC articles.

Each SIP password:

Must be at least 10 characters long.

Must contain at least 1 upper case characters

Must contain at least 1 lower case characters

Must contain at least 1 digits [0-9]

IP Authentication: Used for SIP Trunking.

We authenticate against your configured IP binding for your Pilot. We confirm against our ACL (Access Control List).

Your VIA and Contact header must contain your contact IP address and port.

  • When we receive an invite(call) we expect the call to come from your configured SIP binding(The IP).
  • So if a call comes in from another IP, we will return a SIP 403 forbidden and the call will not terminate.
Feedback
0 out of 0 found this helpful

Tags

close button
scroll to top icon