Solved
Cisco SPA-112 keine Registrierung: cause=401;text="CC_SIP_UNAUTHORIZED_401
3 years ago
Hallo allerseits,
in meinem Beitrag aus Oktober 2021 konnte sich mein SPA-112 nicht registrieren.
@wari1957 hatte das Problem gelöst: Umstellung des Protokolls auf TLS. Seit Oktober 2021 funktionierte nun die
Telefonverbindung mit dem SPA-112 einwandfrei. Ich habe seither keine Änderungen an der Hardware oder an der Konfiguration durchgeführt. Aber seit heute kann sich das Gerät nicht mehr registrieren. Ich sehe folgenden Eintrag im Log:
Apr 13 09:43:47 REGISTER sip: TEL.t-online.de SIP/2.0#015#012Via: SIP/2.0/TLS 192.168.1.44:5060;branch=xxxx-92595db5#015#012From: "XYZ" <sip:XYZ@TEL.t-online.de>;tag=xxxx515669d2825o0#015#012To: "XYZ" <sip:XYZ@TEL.t-online.de>#015#012Call-ID: xxxxxe05a-9fca4c07@192.168.1.44#015#012CSeq: 35960 REGISTER#015#012Max-Forwards: 70#015#012Contact: "XYZ" <sip:XYZ@192.168.1.44:5060;transport=tls>;expires=600#015#012User-Agent: Cisco/SPA112-1.4.1SR1(002)#015#012P-Station-Name: ;mac=701f530a0b56; display=""; sn=xxxx148063J#015#012Content-Length: 0#015#012Allow: ACK, BYE, CANCEL, INFO, INVITE, NOTIFY, OPTIONS, REFER#015#012Supported: replaces#015#012#015
Apr 13 09:43:47 sp112.lan
Apr 13 09:43:47 sp112.lan
Apr 13 09:43:47 sp112.lan [0]<<217.0.28.35:5061(782)
Apr 13 09:43:47 sp112.lan [0]<<217.0.28.35:5061(782)
Apr 13 09:43:47 sp112.lan SIP/2.0 401 Unauthorized#015#012Via: SIP/2.0/TLS 192.168.1.44:5060;received=79.204.85.148;branch=xxxx4bK-92595db5;dt-isreg#015#012To: "XYZ" <sip:+49XYZ@TEL.t-online.de>;tag=h7g4Esbg_mavodi-0-4b-46-2-ffffffc7-ce2-ffffffffffffffff-xxxx000-62269ad6-_027197AEE96C-12ad-62908700-8e0bb6-62567f33-86577#015#012From: "XYZ" <sip:+49XYZ@TEL.t-online.de>;tag=xxxx9515669d2825o0#015#012Call-ID: xxxxe05a-9fca4c07@192.168.1.44#015#012CSeq: 35960 REGISTER#015#012Reason: SIP;cause=401;text="CC_SIP_UNAUTHORIZED_401"#015#012Service-Route: <sip:217.0.28.35:5061;transport=tls;lr>#015#012WWW-Authenticate: Digest realm="tel.t-online.de",nonce="xxxx414e424104afe67297d8bf7ee5ca8b6aa5ba7641",algorithm=MD5,qop="auth"#015#012Content-Length: 0#015#012Session-ID: 00000000000000000000000000000000; remote=xxxx9131faa11f48abb8663dc47d2f56#015#012#015
Apr 13 09:43:47 sp112.lan
Hat jemand eine Idee, woran das liegen könnte? Wenn Informationen fehlen, liefere ich die gerne nach...
Besten Dank
762
10
This could help you too
922
0
4
226
0
1
5 years ago
3551
0
3
Accepted Solution
accepted by
3 years ago
ich glaube ich habe das Problem jetzt gefunden. Abgelaufenes Zertifikat. Kein workaround möglich. Ausweichen auf andere Hardware erforderlich.
The QuoVadis Root CA 2 Public Key Infrastructure (PKI) used by SPA112/122 ATAs to issue SSL certificates is subject to an industry-wide issue that affects revocation abilities. Due to this issue, no new QuoVadis Root CA 2 certificates will be issued or renewed by Cisco after March 31, 2021. This affects certificate renewals on devices, Cisco cloud servers, and third-party services.
Certificates issued before the QuoVadis Root CA 2 was decommissioned will continue to be valid. However, the certificates will not renew when they expire on either the device or the Cisco cloud server. This will cause functions such as SIP and HTTPS connections to fail to establish.
Problem Symptom
Expiration of the QuoVadis Root CA 2 certificates affects SIP or HTTPS communications and will cause handshakes to fail. Phones may not be provisioned and/or negotiate SIP security, and other security related features (not SIP related) may not work.
Workaround/Solution
Unfortunately, there is no workaround and no new software that can be generated as the products listed in this field notice are past the end of software support date (see EOL Notice 13282). Please select a supported device or consult with your Cisco sales team or reseller.
0