[Asterisk-Users] Asterisk firewall config

Rich Adamson radamson at routers.com
Sat May 22 16:38:00 MST 2004


> The asterisk wiki states that it needs SIP, IAX2, IAX and RTP open to the 
> world to work.  Is this necessarily true, or does it only need some of these 
> outgoing?
> 
> I'm concerned as anyone that could guess an extension number&password could 
> use my server to make outgoing calls.  It would help if the extensions had a 
> netmask/allowable IP setting like the iax.conf file uses, but there isn't one 
> documented...

Tony,

What you open up (and how you restrict access) is really a function of the
resources you have available. Example, on some firewalls you can open a ton
of ports, but then limit which IP's can actually use them.

I think there is a "permit=" statement for sip def's that limit which IP's
can use that sip definition.

If that's not enough, implement IP tables as another mechanism to restrict
access.

All depends on what you've got available.

Rich





More information about the asterisk-users mailing list