[asterisk-users] Multiple contacts.

SIP sip at arcdiv.com
Wed Dec 5 10:07:01 CST 2007


Steve Totaro wrote:
> SIP wrote:
>   
>> Steve Totaro wrote:
>>   
>>     
>>> Alex Balashov wrote:
>>>   
>>>     
>>>       
>>>> I'm sure this has been asked a million times before, but is there an easy 
>>>> wa to have Asterisk register more than one (distinct) contact binding
>>>> concurrently?
>>>>
>>>> The goal is to have two phones register with the same credentials from 
>>>> different locations and consistently and reliably ring on inbound calls,
>>>> irrespective of their registration intervals and so on.
>>>>
>>>> --
>>>> Alex Balashov
>>>> Evariste Systems
>>>> Web    : http://www.evaristesys.com/
>>>> Tel    : +1-678-954-0670
>>>> Direct : +1-678-954-0671
>>>>   
>>>>     
>>>>       
>>>>         
>>> A million and one now, check the archives.
>>>
>>> No you cannot and why would you want to?  The device that registers last 
>>> will ring.
>>>
>>> Just set the phones up in a ring group or even a ring all queue.
>>>
>>> Thanks,
>>> Steve Totaro
>>>
>>> _______________________________________________
>>>   
>>>     
>>>       
>> Why would you WANT to? Well heck, I can think of a lot of reasons -- not 
>> the least of which being able to freely log in from anywhere at anytime 
>> with multiple phones (the wifi sip phone from the coffee shop, the desk 
>> phone at the office, the phone at home, the new phone I just picked up 
>> at lunchtime) without having to configure a device entry for each and 
>> every one of them and modify extensions.conf to ring multiple devices 
>> for each and every phone I add or remove from the list.
>>
>> In short, flexibility.
>>
>> The problem with this question is the way Asterisk thinks of phones to 
>> the way many people think of logins. To Asterisk, phones are devices -- 
>> separate entities for which there should be an entry each time. To those 
>> of us NOT migrating into Asterisk from the traditional PBX world, this 
>> is somewhat of a foreign concept. The idea that everywhere we log in 
>> from must be a unique device that has to be configured to be allowed to 
>> log in is somewhat weird in a world of mobility.
>>
>> In the days of terminals all connecting to a central hub, it made more 
>> sense.  But in the days of internet cafes, library computers, wi-fi 
>> everywhere, etc., it's just not a compatible concept. Who wants to 
>> reconfigure his VoIP box every time he goes to a new computer with a new 
>> softphone, for instance?
>>
>> So while it may make absolutely PERFECT sense in the realm of Asterisk, 
>> as Asterisk is a PBX system and that's how PBX systems think, I'm always 
>> surprised at the number of people who simply don't understand why people 
>> ask this question. A lot. :)
>>
>> N.
>>   
>>     
> Every machine in a in a Windows environment must be configured to join a 
> domain.  A user must also be setup in that domain to log in.  It is more 
> secure to lock that user into a single login session so that if they are 
> logged in at one machine, they cannot login somewhere else.  Think of it 
> like that.
>
> Flexibility is not always best practice nor secure.
>
> I do not see how internet cafes and wifi have anything to to do with 
> anything.  If you go to any of these places with your softphone or wifi 
> phone, they should work.  I am not sure how you would expect a computer 
> to just know how to configure itself other than setting up a download 
> site with a provisioning tool.  AFAIK, computers cannot read minds yet, 
> nor just configure themselves without human intervention.
>
> If you want to be that flexible you can just configure Asterisk to allow 
> you to auto register and use authenticate on dialing or to be really 
> flexible, just leave it wide open until you file to file bankruptcy due 
> to toll fraud.
>
> Thanks,
> Steve Totaro
>
> _______________________________________________
> --Bandwidth and Colocation Provided by http://www.api-digital.com--
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users
>   
Don't be melodramatic, Steve.

Look at most Internet services. I can log into email from just about 
anywhere with any client. I don't have to set it up before hand. I can 
log into my workstations from any SSH client I choose (as long as I'm in 
an allowed network). I don't have to preconfigure which ones are allowed 
and set them up before hand. I can log into a web site with any browser 
I choose -- the web site owners, apart from a few modifications that 
might need to be made for formatting, don't need to configure their site 
for each and every browser. With SER/OpenSER, I can create a system 
where multiple phones can log in using the same credentials because it 
doesn't even CARE about the devices themselves -- just the users logging 
in (on our service, I have my home phone, mobile, and work phone all 
logged in with the same number -- it catches me anywhere I happen to be, 
and I don't have to make modifications to the server and reload configs 
every time I want to add a phone into the mix).

And yet, none of this increases the fraud possibilities. It's simply the 
flexibility that's expected in this day and age.

As long as you authenticate SOMEhow, you're authenticated. That's kind 
of the idea behind authentication. If username/password authentication 
isn't enough, then perhaps there's a flaw in your auth process.

It's not an unreasonable question to ask why you have to authenticate 
BOTH the device AND the user using the device when you could just say 
"devices are allowed to log in as long as the user is" and allow any and 
all of them if you so CHOOSE.  You might choose not to. But it's not 
unreasonable to want that choice.

IM is one of those few scenarios where I think that I'd NOT want to have 
possibly multiple logins at the same time. The last thing I need is to 
have one half of a conversation on a random machine that I forgot to log 
out of -- if nothing else, just for the space it takes up.

However, with phones? One can be reasonably certain that I'm in control 
of the phones I'm logging in from. If I'm not, then the administrator 
should choose to disallow multiple logins from the same ID. However, if 
so, where's the harm in allowing it?

I just don't get the whole FUD issue with this. I understand that it's 
simply part of the way PBX systems work... but discounting the option as 
'dangerous' is just masking the issue.

N.



More information about the asterisk-users mailing list