[Asterisk-Users] How to connect two Asterisks as secure as po
ssiblewithout too much additional bandwidth ?
Patrick Campbell
PCampbell at ourvacationstore.com
Tue Dec 28 17:45:45 MST 2004
SSH tunnel is the way to go. Here is a little tid bit about setting up SSH
keys, a simple keep alive script, and creating the SSH tunnel I use to
tunnel my SMTP traffic to a reliable SMTP server since my ISP blocks all
traffic incoming/outgoing on port 25.
http://xj.cdevco.net/comp/smtptunnel/
You could use the same exact thing with an SSH tunnel. In fact, we've done
VoIP over SSH using a Linux NAT box. The SIP adapter connects locally to a
box which SSHes to the SIP server where the unencrypted connection is made
locally. So from the EU to the server is all encrypted.
--
Patrick Campbell
OurVacationStore.com
Website Administrator
Tel. 602.896.4729
-----Original Message-----
From: asterisk-users-bounces at lists.digium.com
[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Rustin Bergren
Sent: Tuesday, December 28, 2004 4:54 PM
To: 'Asterisk Users Mailing List - Non-Commercial Discussion'
Subject: RE: [Asterisk-Users] How to connect two Asterisks as secure as
possiblewithout too much additional bandwidth ?
Couldn't you just tunnel the involved ports over SSH? As far as bandwidth
is concerned you could enable compression and may even end up with a smaller
data stream. You could generate both keys before hand and very simply do
this on a *nix box. This would probably require both peers to have an
adequate speed cpu, enough to avoid any delay added by the encrypting
subsequently causing jitter.
Is this flawed because RTP streams are on unpredictable ports? I think only
signaling (SIP/IAX) uses 5060 and RTP streams take place on random ports.
Rustin Bergren
-----Original Message-----
From: asterisk-users-bounces at lists.digium.com
[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Robert Rozman
Sent: Saturday, December 25, 2004 9:07 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: [Asterisk-Users] How to connect two Asterisks as secure as
possiblewithout too much additional bandwidth ?
Hi,
I plan to connect to remote Asterisk that will terminate calls to ISDN
primary channel. I'd certainly like to secure this type of service, so would
kindly ask for any advice on how to secure this authentication as much as
reasonably possible.
Since there is long IP route I guess VPN will take too much additional
bandwidth...
Regards,
Robert.
_______________________________________________
Asterisk-Users mailing list
Asterisk-Users at lists.digium.com
http://lists.digium.com/mailman/listinfo/asterisk-users
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
_______________________________________________
Asterisk-Users mailing list
Asterisk-Users at lists.digium.com
http://lists.digium.com/mailman/listinfo/asterisk-users
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
More information about the asterisk-users
mailing list