[asterisk-users] sip configuration masking the peers

Andrew Thomas andy at datavox.co.uk
Wed Jul 22 05:16:27 CDT 2009 

'host=dynamic' is your problem - as this allows any IP address to register as that friend - assuming they know the password/username combination.

Why not simply have group 1 as 'secret=pass123' and group2 as 'secret=pass456'?  Just don't tell group 1 uses the password for group 2 - and vice-versa!

-----Original Message-----
From: asterisk-users-bounces at lists.digium.com [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of peace keeper
Sent: 22 July 2009 09:44
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: [asterisk-users] sip configuration masking the peers

Hi all, 
     I need to specify two groups of peers who are on two sub networks, the case is as follows: 
two groups of users (that are supposed to use the X-lite) group1 and group2, each group is on a sub network net1, and net2, respectively,  each group has its own dial plan defined in the extension.conf, 
we have defined the peers in the sip.conf for both groups, and successfully made a call between two peers from the groups, but the idea is we need to prevent users from network1 to register as peers of group1, 

I suppose this would be a configuration solution, but I am afraid that do know what are the right needed configurations:

here is definition of two peers each from different group: 

[1010]
type=friend
host=dynamic
context=group1   
secret=pass
host=dynamic
callerid=TestAccount<1010>
vm Extension=test 1010
mailbox=1010 at default        
nat=yes

[2003]
type=friend
context=group2    
secret=pass
host=dynamic 
callerid=Account<2003>
vm Extension=test 2003
mailbox=2003 at default
nat=yes 

each of group1 and group2 context are defined in the extension configuration as follows : 
exten => _2XXX,1,Dial(SIP/${EXTEN})
exten => _2XXX,n,Playback(unavailable)
exten => _2XXX,n,Hangup()

exten => _1XXX,1,Dial(SIP/${EXTEN})
exten => _1XXX,n,Playback(unavailable)
exten => _1XXX,n,Hangup()

in order the both groups can talk to each other, 

currentlly users in network1 can register as peer 2003 which is supposed to be allowed just for users from network2 , although this registration is supposed to be failed, any suggestions plz!! 

hope I made the scenario clear , any help would appreciated.
Thanks in advance.

More information about the asterisk-users mailing list