[Asterisk-Users] Connecting 2 * Together-Pulling hair out

Tim Pushor timp at crossthread.com
Thu May 5 14:06:06 MST 2005


Personally, if I owned both boxes and had full control of the dialplan 
on both, I'd stay away from passwords. (but be careful what I say, I'm a 
hack)

I have a bunch of boxes connected together via IAX and authenticating 
via RSA. The entries in iax.conf are simple, and dialing across the 
connection is simple (no passwords in the dialplan) (thanks again Rich 
for taking the time).

Tim

Here is a sample of iax.conf entries on machine a:

[machineb]
type=user
host=machineb.internal.net
auth=rsa
inkeys=machineb
username=machineb
context=inbound

[machineb]
type=peer
host=machineb.internal.net
auth=rsa
outkey=machinea
username=machinea

And an example dialplan entry to dial an extention on machineb (in the 
inbound context):

exten => 333,1,Dial(IAX2/machineb/333)

And on machinea, the opposite of machineb:

[machinea]
type=user
host=machinea.internal.net
auth=rsa
inkeys=machinea
username=machinea
context=inbound

[machinea]
type=peer
host=machinea.internal.net
auth=rsa
outkey=machineb
username=machineb

To generate the keys:

on machinea:

astgenkey -n machinea
mv machinea.* /var/lib/asterisk/keys

copy machinea.pub to machineb's /var/lib/asterisk/keys

on machineb:

astgenkey -n machineb
mv machineb.* /var/lib/asterisk/keys

copy machineb.pub to machinea's /var/lib/asterisk/keys


Chris wrote:

>    I have something similar.  Both of my servers are behind a firewall and NAT.  You will need to allow UDP 4569 through the firewall for IAX2. If you have NAT you will need to redirect 4569 to the internal server.  
>
>    I would suggest using AMP and then looking at IAX_ADDITIONAL.CONF to see how it's done. You can modify the IAX.CONf because I don't believe AMP rewrites that file.
>
>    I think the user and passwords are required.   I would suggest using a strong password or someone may decide to make a few phone calls.   After this you will need the routing in Extensions.conf to allow calls to be made on this trunk.
>
>    Asterisk will handle the SIP > IAX.    All my clients are SIP and they have no trouble going over a IAX trunk to other SIP devices on the other server.
>
>This is what my IAX_ADDITIONAL.CONF looks like
>
>SiteA - Dynamic IP
>--------------
>[boxb-peer]
>username=boxa-user
>type=peer
>trunk=yes
>secret=mypassword
>host=thehost.dyndns.org
>
>[boxb-user]
>type=user
>secret=mypassword2
>host=thehost.dyndns.org
>context=from-internal
>
>---------------
>Site b - Static IP
>----------------
>
>[boxa-peer]
>username=boxb-user
>type=peer
>trunk=yes
>secret=mypassword2
>host=xxx.xxx.xxx.xxx
>
>[boxa-user]
>type=user
>secret=mypassword
>host=xxx.xxx.xxx.xxx
>context=from-internal
>
>
>Regards,
>
>Chris
>
>
>----- Original Message ----- 
>From: "mr. barker" <cabalitomb at shaw.ca>
>To: "'Asterisk Users Mailing List - Non-Commercial Discussion'" <asterisk-users at lists.digium.com>
>Sent: Thursday, May 05, 2005 1:58 PM
>Subject: RE: [Asterisk-Users] Connecting 2 * Together-Pulling hair out
>
>
>  
>
>>Yes trying to connect to boxes together.
>>
>>One sits outside the internal firewall and is on the inside.
>>
>>I am using AMP.  However I can just put whatever I need in the custom.conf
>>sections.
>>The users agents are SIP .. can SIP call go over a IAX trunk ? if so great.
>>To create the trunk do I need to use a users name and password ? or ?
>>
>>I need to have the *box that is behind the firewall to be able to place a
>>call out through the *box that has a public ip.
>>
>>Thank you
>>
>>-----Original Message-----
>>From: asterisk-users-bounces at lists.digium.com
>>[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Chris
>>Sent: Thursday, May 05, 2005 8:20 AM
>>To: Asterisk Users Mailing List - Non-Commercial Discussion
>>Subject: Re: [Asterisk-Users] Connecting 2 * Together-Pulling hair out
>>
>>    I am not sure what you are trying to do.    I have created an IAX2 trunk
>>between the servers over an internet connection.
>>Then all you have to do is put in call routing on the trunks to forward the
>>call to the right place.  Are you using AMP or trying to do it manually.
>>I found everything a little confusing as well, but it is simple now that I
>>understand it.
>>
>>
>>Chris
>>
>>----- Original Message ----- 
>>From: "mr. barker" <cabalitomb at shaw.ca>
>>To: "'Asterisk Users Mailing List - Non-Commercial Discussion'"
>><asterisk-users at lists.digium.com>
>>Sent: Thursday, May 05, 2005 4:43 AM
>>Subject: [Asterisk-Users] Connecting 2 * Together-Pulling hair out
>>
>>
>>    
>>
>>> 
>>>
>>>  _____  
>>>
>>>Subject: [Asterisk-Users] Connecting 2 * Together-Pulling hair out
>>>
>>> 
>>>
>>>I have read the docs on connecting 2* together but am unsure of a few
>>>      
>>>
>>things
>>    
>>
>>> 
>>>
>>>Do I need a different account for each number that will be called from one
>>>box to the other ? ie. Do I set up a user account on one and then have the
>>>other box log into that account when it whats to make a call ?
>>>
>>> 
>>>
>>>I have 2 asterisk boxes and only one of them has the ability to access a
>>>VoipAccount and PSTN connections.(*box 1). The other holds the SIP
>>>extensions for the internal SIP users/exten(*box2)
>>>
>>>I would like to be able to have the box with the Sip UA(*box2) on it to be
>>>able to place a call using the box that has the VoipAccount and PSTN
>>>connection.  I am able to make multiple UA calls on the VoipAccount and 3
>>>      
>>>
>>on
>>    
>>
>>>the PSTN lines (only have 3 lines coming in).  I can get it to work if I
>>>create a user exten on *box1 and map a trunk(which is really only an
>>>      
>>>
>>exten)
>>    
>>
>>>using the user/password login to that exten from *box2.  However when I
>>>      
>>>
>>try
>>    
>>
>>>to place a second call when the VOIP line is in use it gives me error (
>>>basically saying can't use the trunk because it is in use)  I would like
>>>      
>>>
>>to
>>    
>>
>>>be able to have this exten/trunk to be able to use multiple connections on
>>>it.
>>>
>>> 
>>>
>>>There must be an easier way to do this I am just not sure how.  I looked
>>>      
>>>
>>at
>>    
>>
>>>creating IAX trunks but still come up with the Trunk is really an Exten
>>>name/password .  
>>>
>>> 
>>>
>>>Any help would be appreciated. (my brain is boiling eggs)
>>>
>>> 
>>>
>>>Thank you.
>>>
>>> 
>>>
>>> 
>>>
>>> 
>>>
>>>
>>>      
>>>
>>----------------------------------------------------------------------------
>>----
>>
>>
>>    
>>
>>>_______________________________________________
>>>Asterisk-Users mailing list
>>>Asterisk-Users at lists.digium.com
>>>http://lists.digium.com/mailman/listinfo/asterisk-users
>>>To UNSUBSCRIBE or update options visit:
>>>   http://lists.digium.com/mailman/listinfo/asterisk-users
>>>      
>>>
>>_______________________________________________
>>Asterisk-Users mailing list
>>Asterisk-Users at lists.digium.com
>>http://lists.digium.com/mailman/listinfo/asterisk-users
>>To UNSUBSCRIBE or update options visit:
>>   http://lists.digium.com/mailman/listinfo/asterisk-users
>>
>>------------------------------------------------------------------------
>>
>>_______________________________________________
>>Asterisk-Users mailing list
>>Asterisk-Users at lists.digium.com
>>http://lists.digium.com/mailman/listinfo/asterisk-users
>>To UNSUBSCRIBE or update options visit:
>>   http://lists.digium.com/mailman/listinfo/asterisk-users
>>



More information about the asterisk-users mailing list