Overview
Call Ctrl supports SIP Authentication and is configured during the Call Ctrl Settings Wizard.
When the SPA phone is connected to the SPA9000 the SIP Authentication is retrieved from the following settings:
- Username: SPA IP Phone/User ID
- Password: SPA9000/Phone Ext Password
Call Ctrl retrieves this value and is used when Call Ctrl makes the initial connection to the phone.
When the SPA phone is used under other SIP-compliant PBX these settings are manually set according to the SIP Authenication setting dictated by the PBX.
Background
The following is the general Request/Response pattern when Call Ctrl authenticates to the SPA phone. This follows the SIP Authentication for WWW-Authenticate and Authorization.
- Call Ctrl sends the SPA9000 a REGISTER
REGISTER sip:SPA9000-IP-ADDRESS:6060 SIP/2.0
Via: SIP/2.0/UDP COMPUTER-IP-ADDRESS:5060;branch=k1hk2bD-12345678
Max-Forwards: 70
From: sip:COMPUTER-NAME@COMPUTER-IP-ADDRESS;tag=1511064382
To: sip:COMPUTER-NAME@SPA9000-IP-ADDRESS
Call-ID: 344455738-1740902088-7072075
CSeq: 1 REGISTER
Contact: sip:COMPUTER-NAME@COMPUTER-IP-ADDRESS:5060
Content-Length: 0
Expires: 3600
User-Agent: Call Ctrl 1.1 USER-NAME
- The SPA9000 will challenge the REGISTER
SIP/2.0 401 Unauthorized
To: sip:COMPUTER-NAME@SPA9000-IP-ADDRESS;tag=60b7acd9-0
From: sip:COMPUTER-NAME@COMPUTER-IP-ADDRESS tag=1511064382
Call-ID: 344455738-1740902088-7072075
CSeq: 1 REGISTER
Via: SIP/2.0/UDP COMPUTER-IP-ADDRESS:5060;branch=k1hk2bD-12345678
Server: Linksys/SPA9000-6.1.5
WWW-Authenticate: Digest realm="SPA9000-IP-ADDRESS", nonce="70f778f0", algorithm=md5
Allow-Events: talk, hold, conference, x-spa-cti
Content-Length: 0
- Call Ctrl will re-REGISTER with the nonce from the 401 Unauthorized
REGISTER sip:SPA9000-IP-ADDRESS:6060 SIP/2.0
Via: SIP/2.0/UDP COMPUTER-IP-ADDRESS:5060;branch=z9hG4bK365126659
Max-Forwards: 70
From: sip:COMPUTER-NAME@COMPUTER-IP-ADDRESS;tag=1511064382
To: sip:COMPUTER-NAME@SPA9000-IP-ADDRESS
Call-ID: 344455738-1740902088-7072075
CSeq: 2 REGISTER
Contact: sip:COMPUTER-NAME@COMPUTER-IP-ADDRESS:5060
Content-Length: 0
Expires: 3600
Authorization: Digest username="200",
uri="sip:SPA9000-IP-ADDRESS6060",
algorithm=MD5,
realm="SPA9000-IP-ADDRESS",
nonce="70f779f0",
response="518c57e10b00c7d7cc5e662cc9874278"
User-Agent: Call Ctrl 1.1 USER-NAME
-
Call Ctrl should receive one of the following:
-
200 OK – Register and Authentication Successful
SIP/2.0 200 OK
To: sip:COMPUTER-NAME@SPA9000-IP-ADDRESS;tag=60b7acd9-0
From: sip:COMPUTER-NAME@COMPUTER-IP-ADDRESS;tag=1105468791
Call-ID: 1067102475-1788586211-1070643713
CSeq: 2 REGISTER
Via: SIP/2.0/UDP COMPUTER-IP-ADDRESS:5060;branch=z9hG4bK1099038656
Contact: sip:COMPUTER-NAME@COMPUTER-IP-ADDRESS:5060;expires=60
Server: Linksys/SPA9000-6.1.5
Allow-Events: talk, hold, conference, x-spa-cti
Content-Length: 0
Date: Tue, 6 Jul 2010 15:48:49 PST
-
401 Unauthorized – Authentication failed from bad credentials or mis-configured phone. Repeat from step 3 until REGISTER is successful or interrupted by another process.
SIP/2.0 401 Unauthorized
To: sip:COMPUTER-NAME@SPA9000-IP-ADDRESS;tag=60b7acd9-0
From: sip:COMPUTER-NAME@COMPUTER-IP-ADDRESS;tag=2140065145
Call-ID: 1067102475-1788586211-1070643713
CSeq: 4 REGISTER
Via: SIP/2.0/UDP COMPUTER-IP-ADDRESS:5060;branch=k1hk2bD-12345678
Server: Linksys/SPA9000-6.1.5
WWW-Authenticate: Digest realm="SPA9000-IP-ADDRESS", nonce="915af6f3", algorithm=md5
Allow-Events: talk, hold, conference, x-spa-cti
Content-Length: 0
-
Regardless of the previous result Call Ctrl will always attempt a SUBSCRIBE immediately after the REGISTER request. The result of the SUBSCRIBE is dependent on the REGISTER result and will return one of the following:
-
200 OK – Subscription Successful
SIP/2.0 200 OK
To: sip:PHONE-NAME@SPA9000-IP-ADDRESS;tag=3e71480c6eab9f9b
From: sip:COMPUTER-NAME@SPA9000-IP-ADDRESS;tag=6236126
Call-ID: 448036229-1843726709-2127160951
CSeq: 3 SUBSCRIBE
Via: SIP/2.0/UDP COMPUTER-IP-ADDRESS:5060;branch=k1hk2bD-12345678
Server: Linksys/SPA9000-6.1.5
Expires: 3600
Allow-Events: talk, hold, conference, x-spa-cti
Content-Length: 0
-
403 Unauthorized – Will always return if REGISTER responded with 401 Unauthorized.
SIP/2.0 403 Forbidden
To: sip:PHONE-NAME@SPA9000-IP-ADDRESS;tag=60b7acd9-0
From: sip:COMPUTER-NAME@COMPUTER-IP-ADDRESS;tag=235976043
Call-ID: 897294665-2025450385-1187892155
CSeq: 1 NOTIFY
Via: SIP/2.0/UDP COMPUTER-IP-ADDRESS:5061;branch=k1hk2bD-12345678
Server: Linksys/SPA9000-6.1.5
Allow-Events: talk, hold, conference, x-spa-cti
Content-Length: 0
The following error will be returned and Call Ctrl will automatically shutdown:
The error '403 Forbidden' was received from SPA-STATUS and will prevent Call Ctrl from functioning properly. Please enable Debugging and restart Call Ctrl to diagnose the problem.
Resolution
The Related Links contains an article link to troubleshoot the 403 Forbidden error message.