[asterisk-users] Security - Using Linksys PAP2T from outside with a dynamic IP is there anyway to block all other traffic but those of the PAP2T?

[Carlos Chavez]

On Sat, 2 Oct 2010 14:56:11 -0400, bruce bruce wrote
> Hi Everyone
> 
> I think PAP2T supports DynDNS and other Dynamic DNS providers. I have a box that needs to be secured at all times. Currently it's not connected to the internet. If it were connected, I would have iptables block any and all traffic from outside but I want a single device - Linksys PAP2T - to be able to connect back to the server. That is a stand alone device and doesn't support VPN and I don't have the luxury of putting a VPN client on the PAP2T side to connect back to the server. Is there any way I can DynDNS on the PAP2T to somehow notify the Asterisk Server that it's a safe device coming in?
> 
> I do use fail2ban but that is not what I am looking for at this moment. And since the IP is dynamic on the PAP2T, I can't just use the iptables to let it in as it might change all a sudden.
>

The PAP2T does not include DynDns (or any other dynamic DNS client) support.  Mostly because it really does not need to.  Asterisk gets the IP address of the PAP2T when it registers so it does not need anything else to find it.  If you are unwilling or unable to open/expose the necessary ports to the Internet then there is no way for the PAP2T to communicate with your Asterisk server.

Maybe you could have a SIP proxy on the outside on a static IP and then allow that Proxy to relay the PAP2T into your network?

-- 
Carlos Chavez 
Director de Tecnología 
Telecomunicaciones Abiertas de México S.A. de C.V. 
Tel: +52-55-91169161 Ext 2001
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20101003/86e2f133/attachment.htm