[asterisk-users] sip peer permit/deny - Need some explanation
Administrator TOOTAI
admin at tootai.net
Mon Jan 12 12:08:26 CST 2009
Rob Hillis a écrit :
> Administrator TOOTAI wrote:
>
>> [MyPeer]
>> host=xxx.xxx.xxx.139
>> deny=0.0.0.0/0.0.0.0
>> permit=xxx.xxx.xxx.136/255.255.255.248 ;IP address from range 138 to 142
>> permit=yyy.yyy.yyy.yyy/255.255.255.255
>> On incoming calls, when the peer address is the one terminating with
>> .139 everything is OK.
>>
>> If I change the external IP from the peer *ON* the peer machine to let's
>> say .140 (or any other permitted address from this peer), incoming calls
>> are not recognized despite the deny/permit stanza. If I modify the host
>> to .140 in my peer definition, it's again working normally.
>>
>> Question is: why even by allowing in the permit stuff the allowed IPs
>> from a peer, Asterisk does only accept calls from those peers if the
>> peer machine has the IP address from the host definition in my peer sip.conf
>>
>>
>
> Since you are including a specific IP address in the host line, Asterisk
> will not accept calls from any other IP address. If you want to accept
> calls from multiple IP addresses, you *must* set host to dynamic and
> then use the permit/deny lines to restrict calls accordingly.
>
> Of course, since your sip peer is now set to "dynamic", it will now need
> to register with Asterisk.
>
Thanks for all your answers.
I really was out of this behaviour: as my conf is a friend (user+peer) I
was thinking that the use of the host=<IP address> will be the IP to
send calls, the deny/permit stuff will be used for incoming calls eg in
user role.
I solved my problem by adding as much [sip peer0|1|2|...] with the right
IP in host= as needed. In this case no need to change setup on both sides.
Regards
--
Daniel
More information about the asterisk-users
mailing list