Too many unencrypted requests from the apparatus
The pbx receives a request in clear text N times (INVITE \ REGISTER) despite having sent the challenge to authenticate with the 401 N times to the sender As seen previously in case 3), when there are terminals and / or telephone gateways that register on UCloud, the system operates as a SIP server.
The device sends a first request in clear text, i.e. without authentication credentials.
REGISTER sip:acme.ucloud:5142 SIP/2.0
This request is “challenged” with a 401 Unauthorized and the WWW-Authenticate header with the “voispeed” realm:
SIP/2.0 401 Unauthorized
WWW-Authenticate: Digest realm=”voispeed”, nonce=”1730071197″
If the 401 response does not reach the device, the latter will send replies of the initial request in clear text, without authentication credentials.
The continuous reception of INVITE or REGISTER requests in clear text indicates a communication in one direction only, from the device to the UCloud server and not in the opposite direction.
- We are in the presence of a firewall configured incorrectly, such as to allow only outgoing UDP traffic, towards the UCloud server. Conversely, any reply or request in the opposite direction, from UCloud to the device, is discarded.
Check the firewall configuration and make sure that traffic is allowed both ways with the UCloud server.