Issue with Outbound Calls to DIDWW – SIP Gateway F...
# supporta
andmac
03/07/2025, 2:31 PMI have successfully connected with other SIP providers like Infobip, but I’m facing an issue with DIDWW. When making an outbound call, it returns with endedReason: sip-gateway-failed-to-connect-call.
Example Call ID: cfef6f97-a5bd-4be4-9f7a-1b990878ed6f
I’ll attach a screenshot of my DIDWW configuration. Could you help me identify what might be causing this issue?
Let me know if you need any additional information, thanks,
André
https://cdn.discordapp.com/attachments/1347577408261324810/1347577408626360370/image.png?ex=67cc54c2&is=67cb0342&hm=6f6d97a719504c3267988785372f7f3df77bfdc09e5c9113ecbfa57a792f39a6&
andmac
03/07/2025, 2:32 PM@User
v
Vapi Support Bot
03/07/2025, 2:33 PMHi André! 👋
I see you're having trouble with outbound calls to DIDWW while other SIP providers are working fine. Based on your configuration and the error message, here are some potential causes and troubleshooting steps:
### Possible Issues:
1. **Missing RTP IP Addresses**: I noticed your DIDWW configuration doesn't have any Allowed RTP IP Addresses specified. This could prevent media (voice) packets from flowing properly [source](https://discord.com/channels/1211482211119796234/1211483291191083018/1333747605628391434).
2. **SIP Trunk Configuration in VAPI**: Ensure your SIP trunk in VAPI is configured with the correct Credential ID, IP/Port, and Authentication details. If SIP Register is enabled, verify the Domain and Realm settings [source](https://discord.com/channels/1211482211119796234/1211483291191083018/1333747605628391434).
3. **Firewall/NAT Issues**: Check that your firewall allows SIP messages to pass through. The "sip-gateway-failed-to-connect-call" error often indicates network connectivity problems [source](https://discord.com/channels/1211482211119796234/1211483291191083018/1334919245468799007).
4. **SipUri Format**: Verify that the
sipUriforwardingPhoneNumbersVapi Support Bot
03/07/2025, 2:33 PM- [Discord message about firewall and NAT settings](https://discord.com/channels/1211482211119796234/1211483291191083018/threads/1334919245468799007)
n
Nir S (CEO/Founder @Cloudonix)
03/07/2025, 2:33 PM@andmac did you setup the correct information on DIDWW ?
Nir S (CEO/Founder @Cloudonix)
03/07/2025, 2:34 PMI can see that you setup the VAPI IP Addresses, but I can't see that you setup the credentials.
Nir S (CEO/Founder @Cloudonix)
03/07/2025, 2:34 PMI suggest that if you're using credentials that VAPI uses to dial out, don't specify the IP numbers - as that may interfere in the future with scaling.
Nir S (CEO/Founder @Cloudonix)
03/07/2025, 2:35 PMIf it doesn't work, DM me and I'll see if using Cloudonix as your routing engine can resolve the issue
a
andmac
03/07/2025, 2:48 PMI see your point. With another SIP provider (Infobip), using only IP authentication worked fine, so I assumed the same approach would work with DIDWW.
The DIDWW support team mentioned that enabling IP authentication requires a request, but before proceeding with that, I'll test the credentials-based approach to see if that resolves the issue.
andmac
03/10/2025, 2:03 PM@User
I am working on integrating with DIDWW, and they provided the following response regarding IP-based authentication:
“Unfortunately, we cannot enable IP-based authentication because it seems that these IPs are not unique, most likely they are default Vapi IPs. Would it be possible to inquire with Vapi if they are able to provide different sets of IPs? Additionally, if that is not possible, maybe they are able to send some sort of unique IP that could differentiate which customer is making the call?”
Could you confirm if it is possible to have dedicated or unique IPs for authentication? If not, is there any alternative solution that allows DIDWW to distinguish which customer is making the call?
s
Shubham Bajaj
03/10/2025, 6:05 PM@andmac Vapi is designed to use shared infrastructure so unique IPs for each customer are not standard.
You can either use Credential-based authentication or could explore using Cloudonix as your routing engine (as Nir suggested).
Use Credential-Based Authentication (Recommended)
1. Configure your DIDWW trunk to use credential-based authentication instead of IP-based authentication
2. Update your Vapi SIP trunk configuration to include outbound authentication credentials.
This is the most straightforward option.
Another option would be to deploy your own Session Border Controller (SBC) that connects to Vapi and has its own unique IP address.
Let me know your thoughts on this.
a
andmac
03/10/2025, 6:30 PM@Shubham Bajaj
I am trying to implement authentication using username and password by sending a POST request to the Vapi API, but I am not able to get the format right. I followed a payload suggested by the Vapi bot, but it's still not working. Could you guide me on how to do this correctly?
https://cdn.discordapp.com/attachments/1347577408261324810/1348724807008522291/image.png?ex=67d0815c&is=67cf2fdc&hm=b49c969f767f9b71c07ed70cf714375978a7d7cb4c76f9cb574a77b7bbfa5a39&
n
Nir S (CEO/Founder @Cloudonix)
03/10/2025, 6:59 PM@andmac outbound calls via DIDWW require that your username/password credentials are fully registered on Vapi - which means a full B2BUA functionality on Vapi side. This functionality on Vapi side doesn't exist (as far as I know - nor it should, as it consumes resources significantly). We're currently adding that capability to Cloudonix, so performing this via Cloudonix sometime in the second half of April will be available.
a
andmac
03/11/2025, 1:36 PMNir, Thanks for the detailed explanation! It makes sense that full B2BUA functionality is not available on Vapi and that Cloudonix will provide this solution soon. I’ll keep an eye on that update.
@Shubham Bajaj Just to confirm, based on what you mentioned, Vapi should accept credential-based authentication (username/password) for outbound calls via DIDWW. However, as Nir explained, it seems that this functionality is not fully supported on Vapi. Could you confirm whether this authentication would actually work directly, or if there are any limitations in this process?
n
Nir S (CEO/Founder @Cloudonix)
03/12/2025, 1:16 PMThey support Challenge/Response for INVITE, they don't support REGISTER.
s
Shubham Bajaj
03/13/2025, 6:31 PMThe idea is that during call setup (when an INVITE is sent), the system require authentication on a per-call basis. If the INVITE doesn't have the proper credentials, the server can respond with a challenge (like a 401 or 407) asking for a proper credential response. Vapi supports this challenge/response method, so each INVITE gets its own authentication process using the provided credentials. Essentially, each call is individually authenticated rather than using a global credential setup.
Attaching few zoomed in snippets for references.
https://cdn.discordapp.com/attachments/1347577408261324810/1349812015388164168/Screenshot_2025-03-13_at_11.47.56_PM.png?ex=67d475e6&is=67d32466&hm=a8a004ef0e5830f2bc3dd8557cfe0d16f10860a7565625479b9dd06386d3c4f9&
https://cdn.discordapp.com/attachments/1347577408261324810/1349812015761461340/Screenshot_2025-03-13_at_11.48.18_PM.png?ex=67d475e6&is=67d32466&hm=84bdade3084f984a85e285b4e5303050e7227730dfc0b521ac575001ee5e525f&
https://cdn.discordapp.com/attachments/1347577408261324810/1349812016109453405/Screenshot_2025-03-13_at_11.59.15_PM.png?ex=67d475e6&is=67d32466&hm=9b657d637f81e050cc2283ee5d69c113e3e8176bc9eaf2b9d63c1c0538846fc9&
a
andmac
03/16/2025, 5:58 PMThanks for your previous response. I understand that Vapi supports Digest Authentication, where each INVITE is initially rejected with a 401 challenge, requiring the correct credentials in the subsequent request.
Since DIDWW confirmed that my trunks are using Digest Authentication, I need to ensure that the username and password from DIDWW are correctly configured in Vapi. I know this needs to be done via the API, but I’m unsure about the exact contract or format required.
Could you guide me on how to properly send these credentials in the API requests?
k
Kyle
03/17/2025, 8:57 PMHey André, Below I'm putting a minimal process to set up an outbound authentication when making the calls. It basically includes two API calls:
1. One is for creating the credentials
2. The second one is associating that with the phone number
Then you have to make the API call to test it out. So that further I'll link out the documentation, but these two steps are similar in the docs as well. Give it a try and let me know how it goes for you.
Kyle
03/17/2025, 8:58 PMStep 1: Create a SIP Trunk Credential with Authentication
First, create a SIP trunk credential that includes the Digest Authentication details provided by DIDWW:
Copy code
curl -X POST https://api.vapi.ai/credential \
-H "Content-Type: application/json" \
-H "Authorization: Bearer your-private-key" \
-d '{
"provider": "byo-sip-trunk",
"name": "DIDWW Trunk",
"gateways": [
{
"ip": "sip.didww.com",
"port": 5060,
"outboundProtocol": "udp"
}
],
"outboundAuthenticationPlan": {
"authUsername": "username-from-didww",
"authPassword": "password-from-didww"
},
"outboundLeadingPlusEnabled": true
}'username-from-didww Copy code
curl -X POST https://api.vapi.ai/phone-number \
-H "Content-Type: application/json" \
-H "Authorization: Bearer your-private-key" \
-d '{
"provider": "byo-phone-number",
"name": "DIDWW Number",
"number": "your-didww-phone-number",
"numberE164CheckEnabled": false,
"credentialId": "credential-id-from-step-1"
}'10 Views