[asterisk-users] how to show used "wrong password"

Warren Selby wcselby at selbytech.com
Thu Mar 15 14:38:27 CDT 2012

On Wed, Mar 14, 2012 at 1:36 PM, Randall <randall at songshu.org> wrote:

> all works as expected only there is 1 extension that is trying to register
> with a wrong password causing fail2ban to block the IP address, normally
> that is ok behaviour but i have several extensions on that IP address.

First of all, white list the IP in fail2ban and you won't accidentally ban
the whole office.  This can be done by following this guide:

Second, this is kind of outside the box thinking, so it may not work at
all, but try setting the NAT on that peer to no, and then tcpdump the
incoming registration attempts and see if you can see the internal private
IP address of the packet.  If there's a SIP helper on the far end, this may
not help.  Possibly, remove the secret= line from that peer in sip.conf and
see if it successfully registers.  Again, with the right nat= setting, you
may be able to tcpdump the communication with that peer and get the private
IP address so that you can then attempt narrow it down.  This is not a long
term solution, obviously, as it would create a gaping security hole, but
it's worth a shot.

--Warren Selby, dCAP
http://www.SelbyTech.com <http://www.selbytech.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20120315/8107f402/attachment.htm>

More information about the asterisk-users mailing list