SIP in Detail - Old Client Is Rejected
Note: I replaced the domain msxfaq.de with msxfaq.local to hide the mail addresses used. The Netmon capture contains the data of the test environment.
The outdated OCS client first attempts a connection without any particular authentication.

    REGISTER sip:msxfaq.local SIP/2.0
    Via: SIP/2.0/TCP 192.168.55.101:1065
    Max-Forwards: 70
    From: <sip:frank.carius@msxfaq.local>;tag=34431e2043;epid=fe4674ab36
    To: <sip:frank.carius@msxfaq.local>
    Call-ID: c1e20c54ee41a56b2bd9eb86b5962c9e
    CSeq: 1 REGISTER
    Contact: <sip:192.168.55.101:1065;transport=tcp;ms-opaque=97572d5a34>;methods="INVITE, MESSAGE, INFO, OPTIONS, BYE, CANCEL, NOTIFY, ACK, REFER, BENOTIFY";proxy=replace;+sip.instance="<urn:uuid:BC4CA1BF-7B79-57E1-8A55-5FEDEDAFC3C6>"
    User-Agent: CPE/2.0.467.0 COMO/2.0.467.0 (Communicator Mobile 2.0)
    Supported: gruu-10, adhoclist, msrtc-event-categories
    Supported: ms-forking
    ms-keep-alive: uAC;hop-hop=yes
    Event: registration
    Content-Length: 0

The server naturally rejects this, but tells the client which authentication methods it supports.

    SIP/2.0 401 unauthorized
    Date: Thu, 11 Dec 2008 15:47:35 GMT
    WWW-Authenticate: NTLM realm="SIP Communications Service", targetname="srv01.msxfaq.local", version=3
    WWW-Authenticate: Kerberos realm="SIP Communications Service", targetname="sip/srv01.msxfaq.local", version=3
    From: <sip:frank.carius@msxfaq.local>;tag=34431e2043;epid=fe4674ab36
    To: <sip:frank.carius@msxfaq.local>;tag=ABB5DEAD587948995CD3ED135AD5F587
    Call-ID: c1e20c54ee41a56b2bd9eb86b5962c9e
    CSeq: 1 REGISTER
    Via: SIP/2.0/TCP 192.168.55.101:1065;received=10.1.1.254;ms-received-port=58775;ms-received-cid=2700
    Content-Length: 0

On the second attempt the client sends a logon request, but it had not yet received any data for encryption beforehand.

    REGISTER sip:msxfaq.local SIP/2.0
    Via: SIP/2.0/TCP 192.168.55.101:1065
    Max-Forwards: 70
    From: <sip:frank.carius@msxfaq.local>;tag=34431e2043;epid=fe4674ab36
    To: <sip:frank.carius@msxfaq.local>
    Call-ID: c1e20c54ee41a56b2bd9eb86b5962c9e
    CSeq: 2 REGISTER
    Contact: <sip:192.168.55.101:1065;transport=tcp;ms-opaque=97572d5a34>;methods="INVITE, MESSAGE, INFO, OPTIONS, BYE, CANCEL, NOTIFY, ACK, REFER, BENOTIFY";proxy=replace;+sip.instance="<urn:uuid:BC4CA1BF-7B79-57E1-8A55-5FEDEDAFC3C6>"
    User-Agent: CPE/2.0.467.0 COMO/2.0.467.0 (Communicator Mobile 2.0)
    Authorization: NTLM qop="auth", realm="SIP Communications Service", targetname="srv01.msxfaq.local", gssapi-data="", version=3
    Supported: gruu-10, adhoclist, msrtc-event-categories
    Supported: ms-forking
    ms-keep-alive: uAC;hop-hop=yes
    Event: registration
    Content-Length: 0

So the server rejects the request once more, but sends the client the required data ("gssapi-data").

    SIP/2.0 401 unauthorized
    Date: Thu, 11 Dec 2008 15:47:35 GMT
    WWW-Authenticate: NTLM opaque="8C935D90", gssapi-data="TlRMTVNTUAACAAAAAAAAADgAAADzgpjiiBZxaTtqHgIAAAAAAAAAAIIAggA4AAAABQLODgAAAA8CAAwATQBTAFgARgBBAFEAAQAKAFMAUgBWADAAMQAEABgAbQBzAHgAZgBhAHEALgBsAG8AYwBhAGwAAwAkAHMAcgB2ADAAMQAUAG0AcwB4AGYAYQBxAC4AbABvAGMAYQBsAAUAGABtAHMAeABmAGEAcQAUAGwAbwBjAGEAbAAAAAAA", targetname="srv01.msxfaq.local", realm="SIP Communications Service", version=3
    From: <sip:frank.carius@msxfaq.local>;tag=34431e2043;epid=fe4674ab36
    To: <sip:frank.carius@msxfaq.local>;tag=ABB5DEAD587948995CD3ED135AD5F587
    Call-ID: c1e20c54ee41a56b2bd9eb86b5962c9e
    CSeq: 2 REGISTER
    Via: SIP/2.0/TCP 192.168.55.101:1065;received=10.1.1.254;ms-received-port=58775;ms-received-cid=2700
    Content-Length: 0

Only now can the client log on completely.

    REGISTER sip:msxfaq.local SIP/2.0
    Via: SIP/2.0/TCP 192.168.55.101:1065
    Max-Forwards: 70
    From: <sip:frank.carius@msxfaq.local>;tag=34431e2043;epid=fe4674ab36
    To: <sip:frank.carius@msxfaq.local>
    Call-ID: c1e20c54ee41a56b2bd9eb86b5962c9e
    CSeq: 3 REGISTER
    Contact: <sip:192.168.55.101:1065;transport=tcp;ms-opaque=97572d5a34>;methods="INVITE, MESSAGE, INFO, OPTIONS, BYE, CANCEL, NOTIFY, ACK, REFER, BENOTIFY";proxy=replace;+sip.instance="<urn:uuid:BC4CA1BF-7B79-57E1-8A55-5FEDEDAFC3C6>"
    User-Agent: CPE/2.0.467.0 COMO/2.0.467.0 (Communicator Mobile 2.0)
    Supported: gruu-10, adhoclist, msrtc-event-categories
    Supported: ms-forking
    ms-keep-alive: uAC;hop-hop=yes
    Event: registration
    Proxy-Authorization: NTLM qop="auth", realm="SIP Communications Service", opaque="8C935D90", targetname="srv01.msxfaq.local", version=3, gssapi-data="TlRMTVNTUAADAAAAGAAYAE0AAAAAAAAAZQAAAAYABgBAAAAABwAHAEYAAAAAAAAATQAAABAAEABlAAAAUoKIYG1zeGZhcWZjYXJpdXMxCFrBhnA50kqOr3vD/+axsAWCitP+c9O28yabPfSDMg5s89262+3n"
    Content-Length: 0

But the server was of course paying attention: it recognized from the User-Agent that the client does not comply with company policy, and it denies access:

    SIP/2.0 403 Forbidden
    Authentication-Info: NTLM rspauth="0100000068CF2032B6333B3664000000", srand="017259E2", snum="1", opaque="8C935D90", qop="auth", targetname="srv01.msxfaq.local", realm="SIP Communications Service"
    Content-Length: 0
    Via: SIP/2.0/TCP 192.168.55.101:1065;received=10.1.1.254;ms-received-port=58775;ms-received-cid=2700
    From: <sip:frank.carius@msxfaq.local>;tag=34431e2043;epid=fe4674ab36
    To: <sip:frank.carius@msxfaq.local>;tag=ABB5DEAD587948995CD3ED135AD5F587
    Call-ID: c1e20c54ee41a56b2bd9eb86b5962c9e
    CSeq: 3 REGISTER
    Warning: 310 lcs.microsoft.com "You are currently not using the recommended version of the client"
    ms-diagnostics: 17002;reason="Invalid Request";source="srv01.msxfaq.local";appName="ClientVersionFilter"
    Server: ClientVersionFilter/3.0.0.0

The user now simply sees an error message on their PC saying that the client is too old and that they should contact their administrator.
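
When reading such a trace, the 403 from the version filter is easy to mistake for a failed logon. The following Python code is an added example (not part of the original page and not OCS code): it pairs each response with its request via Call-ID and CSeq and separates ordinary 401 authentication challenges from the 403 issued by ClientVersionFilter. The function name classify, the result keys and the abridged sample trace are assumptions made for this example.

```python
import re

# Constructed sample: CSeq 1 and CSeq 3 exchanges from above, abridged.
TRACE = """\
REGISTER sip:msxfaq.local SIP/2.0
Call-ID: c1e20c54ee41a56b2bd9eb86b5962c9e
CSeq: 1 REGISTER
User-Agent: CPE/2.0.467.0 COMO/2.0.467.0 (Communicator Mobile 2.0)

SIP/2.0 401 unauthorized
WWW-Authenticate: NTLM realm="SIP Communications Service", version=3
WWW-Authenticate: Kerberos realm="SIP Communications Service", version=3
Call-ID: c1e20c54ee41a56b2bd9eb86b5962c9e
CSeq: 1 REGISTER

REGISTER sip:msxfaq.local SIP/2.0
Call-ID: c1e20c54ee41a56b2bd9eb86b5962c9e
CSeq: 3 REGISTER
User-Agent: CPE/2.0.467.0 COMO/2.0.467.0 (Communicator Mobile 2.0)

SIP/2.0 403 Forbidden
Authentication-Info: NTLM rspauth="0100000068CF2032B6333B3664000000", qop="auth"
Call-ID: c1e20c54ee41a56b2bd9eb86b5962c9e
CSeq: 3 REGISTER
ms-diagnostics: 17002;reason="Invalid Request";appName="ClientVersionFilter"
"""

def classify(trace):
    """Pair each response with its request (Call-ID + CSeq) and label it."""
    requests, findings = {}, []
    for block in re.split(r"\n\s*\n", trace.strip()):
        start, *lines = block.splitlines()
        hdr = {}
        for line in lines:  # header names are case-insensitive and may repeat
            name, _, value = line.partition(":")
            hdr.setdefault(name.strip().lower(), []).append(value.strip())
        key = (hdr.get("call-id", [""])[0], hdr.get("cseq", [""])[0])
        if not start.startswith("SIP/2.0 "):  # a request: keep its headers
            requests[key] = hdr
            continue
        status = int(start.split()[1])
        diag = " ".join(hdr.get("ms-diagnostics", []))
        blocked = status == 403 and 'appName="ClientVersionFilter"' in diag
        findings.append({"cseq": key[1], "status": status,
            "label": "client-version-blocked" if blocked else
                     "auth-challenge" if status == 401 else "other",
            "offered": [v.split()[0] for v in hdr.get("www-authenticate", [])],
            "auth_info": "authentication-info" in hdr,
            "user_agent": requests.get(key, {}).get("user-agent", [None])[0]})
    return findings
```

For the sample, classify(TRACE) labels the CSeq 1 response as a challenge offering NTLM and Kerberos, and the CSeq 3 response as a version block that carries Authentication-Info, together with the User-Agent string that triggered it.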
Further links
- SIP Trace
- SIP in Detail
- VoIP
  Telephony over IP - Exchange 2007 UM also uses VoIP
- VoIP Sniffer
  Analyzing VoIP voice data with WireShark.
- MRAS Edge
- ICE and Candidates