[asterisk-users] IAX and rsa

picciuX matteo at picciux.it
Wed Sep 6 02:04:17 MST 2006 

try adding a "username" setting in your friends: auth is "username/key", not
only "key".
Keep in mind that "username" in peers and friends is valid only for
"outbound", i.e. it is used for outbound authentication, no inbound. When
you receive a call, the incoming username is matched with the [.....] part
of the peer/friend definition.
In other words, "username" is for "peers", not for "users". So when used in
a "friend", username is used only when that "friend" is acting as a peer,
i.e. when you're calling it.

Be sure also to put private and public keys in correct directory
(/var/lib/asterisk/keys, as I remember).

In your conf:

iax.conf on box 1

[asterisk2]

type=friend
username=asterisk1   ; <=========== add this: your outbound username
context=main
auth=rsa
inkey=asterisk2.mydomain.com
outkey=asterisk1.mydomain.com
host=asterisk2.mydomain.com

extensions.conf looks like this:

exten => _XX.,1,Dial(IAX2/asterisk2/${EXTEN})

iax on box 2

[asterisk1]

type=friend
context=main
username=asterisk2   ; <=========== add this: your outbound username
auth=rsa
inkey=asterisk1.mydomain.com
outkey=asterisk2.mydomain.com
host=asterisk1.mydomain.com

extensions.conf looks like this

exten => _XX.,1,Dial(IAX2/asterisk1/${EXTEN})


Hope this helps

05 Sep 2006 20:37:40 +0200, andrutto <andrutto at poczta.fm>:
>
> Hi
>
> I am tyring to connect two * boxes over IAX with rsa, but I am having a
> slight problem. It just doesn't work. My configuration looks like this:
>
> iax.conf on box 1
>
> [asterisk2]
>
> type=friend
> context=main
> auth=rsa
> inkey=asterisk2.mydomain.com
> outkey=asterisk1.mydomain.com
> host=asterisk2.mydomain.com
>
> extensions.conf looks like this:
>
> exten => _XX.,1,Dial(IAX2/asterisk2/${EXTEN})
>
> iax on box 2
>
> [asterisk1]
>
> type=friend
> context=main
> auth=rsa
> inkey=asterisk1.mydomain.com
> outkey=asterisk2.mydomain.com
> host=asterisk1.mydomain.com
>
> extensions.conf looks like this
>
> exten => _XX.,1,Dial(IAX2/asterisk1/${EXTEN})
>
> I generated the key with astgenkey -n asterisk1.mydoamin.com on box 1 and
> astgenkey -n asterisk2.mydomain.com on box 2. I have also exchanged the
> .pub files between the servers.
>
> When I try to call, I can see on a console that the call is not
> authenticated.
>
> I know I did something wrong (but what?). Is it possible to have rsa
> authentication with type=friend? Any help would be appreciated.
>
> Cheers
>
> Andrutto
>
>
>
>
>
> ----------------------------------------------------------------------
> Zobacz samochody przyszlosci! >>> http://link.interia.pl/f199d
>
> _______________________________________________
> --Bandwidth and Colocation provided by Easynews.com --
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20060906/be2609a2/attachment.htm

More information about the asterisk-users mailing list