Hi!
I'm trying to replace a provider delivered AVM Fritzbox on an Annex-J port with a FreePBX machine. For various reasons. 
I've managed to get incoming calls working, but when trying do call outgoing I always receive a 403 Forbidden Response. As debugging the SIP session does not lead me any further, I've started to sniff the SIP packets with tcpdump.
The scheme is always the same: FreePBX sends a INVITE packet, the proxy replies with a TRYING and the next packet seen is a 403 FORBIDDEN.
Examing the captured invite-packets, I've found some differences between Fritzbox and FreePBX. Some I've managed to resolve. But some not. And I'm not sure whether it's re the reason why I do receive the 403 errors or not.
So here we go. Phone numbers, usernames and addresses anomynized by myself.
This is the original Fritzbox Invite:
Internet Protocol Version 4, Src: 10.10.x.x (10.10.x.x), Dst: 172.x.y.z (172.x.y.z)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 1154
Identification: 0x788a (30858)
Flags: 0x00
0... .... = Reserved bit: Not set
.0.. .... = Don't fragment: Not set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (17)
Header checksum: 0x78b4 [validation disabled]
[Good: False]
[Bad: False]
Source: 10.10.x.x (10.10.x.x)
Destination: 172.x.y.z (172.x.y.z)
[Source GeoIP: Unknown]
[Destination GeoIP: Unknown]
User Datagram Protocol, Src Port: sip (5060), Dst Port: sip (5060)
Source port: sip (5060)
Destination port: sip (5060)
Length: 1134
Checksum: 0x963d [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Session Initiation Protocol (INVITE)
Request-Line: INVITE sip:016xxxxxxxx@172.x.y.z SIP/2.0
Method: INVITE
Request-URI: sip:016xxxxxxxx@172.x.y.z
Request-URI User Part: 016xxxxxxxx
Request-URI Host Part: 172.x.y.z
[Resent Packet: False]
Message Header
Via: SIP/2.0/UDP 10.10.x.x:5060;rport;branch=z9hG4bK876C3F368B0D4065
Transport: UDP
Sent-by Address: 10.10.x.x
Sent-by port: 5060
RPort: rport
Branch: z9hG4bK876C3F368B0D4065
Route: <sip:172.x.y.z;lr>
Route URI: sip:172.x.y.z;lr
Route Host Part: 172.x.y.z
Route URI parameter: lr
From: <sip:2xxx3xxxxxx@172.x.y.z>;tag=A451F7F057995ECF
SIP from address: sip:2xxx3xxxxxx@172.x.y.z
SIP from address User Part: 2xxx3xxxxxx
SIP from address Host Part: 172.x.y.z
SIP from tag: A451F7F057995ECF
To: <sip:016xxxxxxxx@172.x.y.z>
SIP to address: sip:016xxxxxxxx@172.x.y.z
SIP to address User Part: 016xxxxxxxx
SIP to address Host Part: 172.x.y.z
Call-ID: 0D9402B2837B7D27@10.10.x.x
CSeq: 9 INVITE
Sequence Number: 9
Method: INVITE
Contact: <sip:2xxx3xxxxxx@10.10.x.x;uniq=42127CCE7A7A466621DAE696E2365>
Contact URI: sip:2xxx3xxxxxx@10.10.x.x;uniq=42127CCE7A7A466621DAE696E2365
Contact URI User Part: 2xxx3xxxxxx
Contact URI Host Part: 10.10.x.x
Contact URI parameter: uniq=42127CCE7A7A466621DAE696E2365
Max-Forwards: 70
Expires: 120
User-Agent: AVM FRITZ!Box Fon WLAN 7360 124.06.20 TAL (Oct 14 2014)
Supported: 100rel,replaces
Allow-Events: telephone-event,refer
Allow: INVITE,ACK,OPTIONS,CANCEL,BYE,UPDATE,PRACK,INFO,SUBSCRIBE,NOTIFY,REFER,MESSAGE,PUBLISH
Content-Type: application/sdp
Accept: application/sdp, multipart/mixed
Accept-Encoding: identity
Content-Length: 369
Message Body
Session Description Protocol
Session Description Protocol Version (v): 0
Owner/Creator, Session Id (o): user 1232535 1232535 IN IP4 10.10.x.x
Owner Username: user
Session ID: 1232535
Session Version: 1232535
Owner Network Type: IN
Owner Address Type: IP4
Owner Address: 10.10.x.x
Session Name (s): call
Connection Information (c): IN IP4 10.10.x.x
Connection Network Type: IN
Connection Address Type: IP4
Connection Address: 10.10.x.x
Time Description, active time (t): 0 0
Session Start Time: 0
Session Stop Time: 0
Media Description, name and address (m): audio 7078 RTP/AVP 8 0 2 102 100 99 97 101
Media Type: audio
Media Port: 7078
Media Protocol: RTP/AVP
Media Format: ITU-T G.711 PCMA
Media Format: ITU-T G.711 PCMU
Media Format: ITU-T G.721
Media Format: DynamicRTP-Type-102
Media Format: DynamicRTP-Type-100
Media Format: DynamicRTP-Type-99
Media Format: DynamicRTP-Type-97
Media Format: DynamicRTP-Type-101
Media Attribute (a): sendrecv
Media Attribute (a): rtpmap:2 G726-32/8000
Media Attribute Fieldname: rtpmap
Media Format: 2
MIME Type: G726-32
Sample Rate: 8000
Media Attribute (a): rtpmap:102 G726-32/8000
Media Attribute Fieldname: rtpmap
Media Format: 102
MIME Type: G726-32
Sample Rate: 8000
Media Attribute (a): rtpmap:100 G726-40/8000
Media Attribute Fieldname: rtpmap
Media Format: 100
MIME Type: G726-40
Sample Rate: 8000
Media Attribute (a): rtpmap:99 G726-24/8000
Media Attribute Fieldname: rtpmap
Media Format: 99
MIME Type: G726-24
Sample Rate: 8000
Media Attribute (a): rtpmap:97 iLBC/8000
Media Attribute Fieldname: rtpmap
Media Format: 97
MIME Type: iLBC
Sample Rate: 8000
Media Attribute (a): fmtp:97 mode=30
Media Attribute Fieldname: fmtp
Media Format: 97 [iLBC]
Media format specific parameters: mode=30
Media Attribute (a): rtpmap:101 telephone-event/8000
Media Attribute Fieldname: rtpmap
Media Format: 101
MIME Type: telephone-event
Sample Rate: 8000
Media Attribute (a): fmtp:101 0-15
Media Attribute Fieldname: fmtp
Media Format: 101 [telephone-event]
Media format specific parameters: 0-15
Media Attribute (a): rtcp:7079
Media Attribute Fieldname: rtcp
Media Attribute Value: 7079
Media Attribute (a): ptime:20
Media Attribute Fieldname: ptime
Media Attribute Value: 20
This were the first packets sent from FreePBX:
Internet Protocol Version 4, Src: 10.10.x.x (10.10.x.x), Dst: 172.x.y.z (172.x.y.z)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x60 (DSCP 0x18: Class Selector 3; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
0110 00.. = Differentiated Services Codepoint: Class Selector 3 (0x18)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 828
Identification: 0xbcf6 (48374)
Flags: 0x00
0... .... = Reserved bit: Not set
.0.. .... = Don't fragment: Not set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 63
Protocol: UDP (17)
Header checksum: 0x461a [validation disabled]
[Good: False]
[Bad: False]
Source: 10.10.x.x (10.10.x.x)
Destination: 172.x.y.z (172.x.y.z)
[Source GeoIP: Unknown]
[Destination GeoIP: Unknown]
User Datagram Protocol, Src Port: sip (5060), Dst Port: sip (5060)
Source port: sip (5060)
Destination port: sip (5060)
Length: 808
Checksum: 0x787a [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Session Initiation Protocol (INVITE)
Request-Line: INVITE sip:016xxxxxxxx@172.x.y.z SIP/2.0
Method: INVITE
Request-URI: sip:016xxxxxxxx@172.x.y.z
Request-URI User Part: 016xxxxxxxx
Request-URI Host Part: 172.x.y.z
[Resent Packet: False]
Message Header
Via: SIP/2.0/UDP 10.10.x.x:5060;branch=z9hG4bK7c0b6ee6;rport
Transport: UDP
Sent-by Address: 10.10.x.x
Sent-by port: 5060
Branch: z9hG4bK7c0b6ee6
RPort: rport
Max-Forwards: 70
From: <sip:2xxx3xxxxxx@10.10.x.x>;tag=as15bcab5e
SIP from address: sip:2xxx3xxxxxx@10.10.x.x
SIP from address User Part: 2xxx3xxxxxx
SIP from address Host Part: 10.10.x.x
SIP from tag: as15bcab5e
To: <sip:016xxxxxxxx@172.x.y.z>
SIP to address: sip:016xxxxxxxx@172.x.y.z
SIP to address User Part: 016xxxxxxxx
SIP to address Host Part: 172.x.y.z
Contact: <sip:2xxx3xxxxxx@10.10.x.x:5060>
Contact URI: sip:2xxx3xxxxxx@10.10.x.x:5060
Contact URI User Part: 2xxx3xxxxxx
Contact URI Host Part: 10.10.x.x
Contact URI Host Port: 5060
Call-ID: 48944ae84ab9a7c9319580f33b5e5e60@10.10.x.x:5060
CSeq: 102 INVITE
Sequence Number: 102
Method: INVITE
User-Agent: AVM FRITZ!Box Fon WLAN 7360 124.06.20 TAL (Oct 14 2014)
Date: Sun, 20 Sep 2015 13:19:24 GMT
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Content-Type: application/sdp
Content-Length: 180
Message Body
Session Description Protocol
Session Description Protocol Version (v): 0
Owner/Creator, Session Id (o): root 1165603241 1165603241 IN IP4 10.10.x.x
Owner Username: root
Session ID: 1165603241
Session Version: 1165603241
Owner Network Type: IN
Owner Address Type: IP4
Owner Address: 10.10.x.x
Session Name (s): Asterisk PBX 11.19.0
Connection Information (c): IN IP4 10.10.x.x
Connection Network Type: IN
Connection Address Type: IP4
Connection Address: 10.10.x.x
Time Description, active time (t): 0 0
Session Start Time: 0
Session Stop Time: 0
Media Description, name and address (m): audio 11548 RTP/AVP 0
Media Type: audio
Media Port: 11548
Media Protocol: RTP/AVP
Media Format: ITU-T G.711 PCMU
Media Attribute (a): rtpmap:0 PCMU/8000
Media Attribute Fieldname: rtpmap
Media Format: 0
MIME Type: PCMU
Sample Rate: 8000
Media Attribute (a): ptime:20
Media Attribute Fieldname: ptime
Media Attribute Value: 20
Media Attribute (a): sendrecv
I've changed the following attributes because I could imagine they might filter on this:
UserAgent
SDP session owner
SDP session name
Now my packets look like:
Internet Protocol Version 4, Src: 10.10.x.x (10.10.x.x), Dst: 172.x.y.z (172.x.y.z)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x60 (DSCP 0x18: Class Selector 3; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
0110 00.. = Differentiated Services Codepoint: Class Selector 3 (0x18)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 837
Identification: 0xf821 (63521)
Flags: 0x00
0... .... = Reserved bit: Not set
.0.. .... = Don't fragment: Not set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 63
Protocol: UDP (17)
Header checksum: 0xd4d6 [validation disabled]
[Good: False]
[Bad: False]
Source: 10.10.x.x (10.10.x.x)
Destination: 172.x.y.z (172.x.y.z)
[Source GeoIP: Unknown]
[Destination GeoIP: Unknown]
User Datagram Protocol, Src Port: sip (5060), Dst Port: sip (5060)
Source port: sip (5060)
Destination port: sip (5060)
Length: 817
Checksum: 0xae92 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Session Initiation Protocol (INVITE)
Request-Line: INVITE sip:016xxxxxxxx@172.x.y.z SIP/2.0
Method: INVITE
Request-URI: sip:016xxxxxxxx@172.x.y.z
Request-URI User Part: 016xxxxxxxx
Request-URI Host Part: 172.x.y.z
[Resent Packet: False]
Message Header
Via: SIP/2.0/UDP 10.10.x.x:5060;branch=z9hG4bK63514c34
Transport: UDP
Sent-by Address: 10.10.x.x
Sent-by port: 5060
Branch: z9hG4bK63514c34
Max-Forwards: 70
From: <sip:2xxx3xxxxxx@10.10.x.x:5060>;tag=as307f3e23
SIP from address: sip:2xxx3xxxxxx@10.10.x.x:5060
SIP from address User Part: 2xxx3xxxxxx
SIP from address Host Part: 10.10.x.x
SIP from address Host Port: 5060
SIP from tag: as307f3e23
To: <sip:016xxxxxxxx@172.x.y.z>
SIP to address: sip:016xxxxxxxx@172.x.y.z
SIP to address User Part: 016xxxxxxxx
SIP to address Host Part: 172.x.y.z
Contact: <sip:2xxx3xxxxxx@10.10.x.x:5060>
Contact URI: sip:2xxx3xxxxxx@10.10.x.x:5060
Contact URI User Part: 2xxx3xxxxxx
Contact URI Host Part: 10.10.x.x
Contact URI Host Port: 5060
Call-ID: 431cf8740456807e520964b35c76c3f6@192.168.21.3:5060
CSeq: 102 INVITE
Sequence Number: 102
Method: INVITE
User-Agent: AVM FRITZ!Box Fon WLAN 7360 124.06.20 TAL (Oct 14 2014)
Date: Tue, 22 Sep 2015 16:09:56 GMT
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Content-Type: application/sdp
Content-Length: 190
Message Body
Session Description Protocol
Session Description Protocol Version (v): 0
Owner/Creator, Session Id (o): user 17803359 17803359 IN IP4 10.10.x.x
Owner Username: user
Session ID: 17803359
Session Version: 17803359
Owner Network Type: IN
Owner Address Type: IP4
Owner Address: 10.10.x.x
Session Name (s): call
Connection Information (c): IN IP4 10.10.x.x
Connection Network Type: IN
Connection Address Type: IP4
Connection Address: 10.10.x.x
Time Description, active time (t): 0 0
Session Start Time: 0
Session Stop Time: 0
Media Description, name and address (m): audio 9518 RTP/AVP 0 111
Media Type: audio
Media Port: 9518
Media Protocol: RTP/AVP
Media Format: ITU-T G.711 PCMU
Media Format: DynamicRTP-Type-111
Media Attribute (a): rtpmap:0 PCMU/8000
Media Attribute Fieldname: rtpmap
Media Format: 0
MIME Type: PCMU
Sample Rate: 8000
Media Attribute (a): rtpmap:111 G726-32/8000
Media Attribute Fieldname: rtpmap
Media Format: 111
MIME Type: G726-32
Sample Rate: 8000
Media Attribute (a): ptime:20
Media Attribute Fieldname: ptime
Media Attribute Value: 20
Media Attribute (a): sendrecv
But it still is not working. 
Still different is the codec list, but this can't lead to a 403 - can it? What I do see is the Fritzbox contains a route - which the FreePBX doesn't.
Route: <sip:172.x.y.z;lr>
Route URI: sip:172.x.y.z;lr
Route Host Part: 172.x.y.z
Route URI parameter: lr
And the Fritzbox contains a further contact parameter:
Contact: <sip:2xxx3xxxxxx@10.10.x.x;uniq=42127CCE7A7A466621DAE696E2365>
Contact URI: sip:2xxx3xxxxxx@10.10.x.x;uniq=42127CCE7A7A466621DAE696E2365
Contact URI User Part: 2xxx3xxxxxx
Contact URI Host Part: 10.10.x.x
Contact URI parameter: uniq=42127CCE7A7A466621DAE696E2365
I think one (or both) might be the possible solution, but I didn't find a way to change the FreePBX behaviour on this.
Any ideas are welcome! 
Thanks in advance.
Stefan