Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account

MCU Converts : to %3A in SIP URIs in Version 4.5 and Later

Available Languages

Updated:March 9, 2015
Document ID:118818

Introduction

This document describes a problem encountered where in Multipoint Control Unit (MCU) Version 4.5 and later, MCU converts : in a Session Initiation Protocol (SIP) URI to %3A because it treats : as a special character used to specify passwords. This causes calls to fail when the MCU is registered to a third-party gatekeeper.

Problem

MCU converts : in a SIP URI to %3A. The Video Communication Server (VCS) can properly decode the %3A back to : which is why calls from the MCU with : through the VCS work.

However, if the MCU is registered to a third-party gatekeeper, it cannot convert %3A into a :.

MCU Logs for MCU Version 4.4 (3.67) (where MCU does not code : into %3A):

TX:INVITE
-SIP
-Line Value="INVITE sip:record:97055@domain.com SIP/2.0
 "
-Line Value="Via: SIP/2.0/UDP 10.1.1.1:5060;branch=z9hG4bKff9702c4
 "
-Line Value="Max-Forwards: 70
 "
-Line Value="From: "Codian MCU 4220" <sip:10.1.1.1>;tag=C7E8FE01CC370000
 "
-Line Value="To: <sip:record:97055@domain.com>
 "
-Line Value="Call-ID: DAEA9E22@10.1.1.1
 "
-Line Value="CSeq: 1 INVITE
 "
-Line Value="User-Agent: Codian MCU 4220 v4.4 (3.67)
 "

MCU Logs for MCU Version 4.5 (1.45):

TX:INVITE
-SIP
-Line Value="INVITE sip:record%3A97055@domain.com SIP/2.0
 "
-Line Value="Via: SIP/2.0/UDP 10.1.1.1:5060;branch=z9hG4bKF876f970
 "
-Line Value="Max-Forwards: 70
 "
-Line Value="From: "Codian MCU 4220" <sip:10.1.1.1>;tag=C7E8FE01BC0079
 "
-Line Value="To: <sip:record%3A97055@domain.com>
 "
-Line Value="Call-ID: DAEBCE37@10.1.1.1
 "
-Line Value="CSeq: 1 INVITE
 "
-Line Value="User-Agent: Codian MCU 4220 v4.5 (1.45)

After the upgrade of MCU to Version 4.5, the SIP address is changed from the URI address: record:97055@domain.com to record%3A97055@domain.com.


Instead of a : MCU sends %3A, which the third-party gatekeeper does not recognize and this causes the call to fail.

Solution

The solution is to either create a transform on the third-party gatekeeper to convert %3A to : or to not use : in SIP URIs.

There was a bug to track this issue CSCur46154 on the MCU side; however, this bug is now closed because MCU follows this RFC:

The RFC explains:

password: A password associated with the user. While the SIP and SIPS URI syntax allows this field to be present, its use is NOT RECOMMENDED, because the passing of authentication information in clear text (such as URIs) has proven to be a security risk in almost every case where it has been used. For instance, transporting a PIN number in this field exposes the PIN.

Note that the password field is just an extension of the user portion. Implementations not wishing to give special significance to the password portion of the field MAY simply treat "user:password" as a single string.

Hence, it is up to the decoder to decode it as a single string user or a password (: is a special character), and MCU treats the : as a special character.

TAC Authored

Contributed by Cisco Engineers

  • Ishan Sambhi
    Cisco TAC Engineer.

Was this Document Helpful?

FeedbackFeedback

Contact Cisco

Related Cisco Community Discussions

This Document Applies to These Products

About Us
Contact Us
Work with Us