[Asterisk-Users] SIP permit/deny
Douglas Garstang
dgarstang at oneeighty.com
Fri Dec 23 09:41:02 MST 2005
Aaron.
They're static, and I'm just using IP addresses for now.
I see you have secret= in there. I think Asterisk then asks for a password. I'm trying to avoid that and simply trust connections from the permitted hosts. I wouldn't be surprised if you took your host= out, it will still accept connections from other hosts and ask for a password.
Doug.
-----Original Message-----
From: Aaron Daniel [mailto:amdtech at shsu.edu]
Sent: Friday, December 23, 2005 9:30 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [Asterisk-Users] SIP permit/deny
Do the hosts have dynamic ip addresses, or can you set them up as
static? We've got ours set up so that each server has the hostname of
the other ones in the config files as such, and it only accepts
communications that identify as those servers from those hostnames:
[svm1]
type=friend
secret=password
;insecure=very
context=default
host=svm1.shsu.edu
qualify=yes
Douglas Garstang wrote:
> I have the following in sip.conf. It was my understanding that this configuration (ie with deny/permit) would only allow connections from hosts 192.168.10.4 and 192.168.10.5. That doesn't seem to be the case. Asterisk is accepting INVITE's from other addresses.
>
> [a00090101]
> type=friend
> context=Company1
> username=a00090101
> ;secret=180
> ;insecure=very
> host=dynamic
> mailbox=company1 at vmusers
> deny=0.0.0.0/0.0.0.0
> permit=192.168.10.4/255.255.255.0
> permit=192.168.10.5/255.255.255.0
> accountcode=a00090101
> subscribecontext=status
> ;qualify=yes
> canreinvite=yes
>
> I'm trying to configure Asterisk to accept connections (ie invites) from two trusted hosts without asking for a password. If it gets an invite from somewhere else, send back Forbidden. Anyone know how to do this?
>
> Thanks,
> Doug.
> _______________________________________________
> --Bandwidth and Colocation provided by Easynews.com --
>
> Asterisk-Users mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
>
_______________________________________________
--Bandwidth and Colocation provided by Easynews.com --
Asterisk-Users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
More information about the asterisk-users
mailing list