Talk:VoIP Phones - Asterisk: Difference between revisions
SimonArlott (talk | contribs) No edit summary |
SimonArlott (talk | contribs) No edit summary |
||
| Line 7: | Line 7: | ||
context=aaisp-incoming-context |
context=aaisp-incoming-context |
||
secret=aaisp-incoming-password |
secret=aaisp-incoming-password |
||
transport=udp |
|||
disallow=all |
|||
allow=alaw |
|||
trustrpid=yes |
trustrpid=yes |
||
</pre> |
</pre> |
||
| Line 67: | Line 70: | ||
username=aaisp-phone-number |
username=aaisp-phone-number |
||
remotesecret=aaisp-outgoing-password |
remotesecret=aaisp-outgoing-password |
||
transport=udp |
|||
disallow=all |
|||
allow=alaw |
|||
</pre> |
</pre> |
||
| Line 73: | Line 79: | ||
[aaisp-incoming-username] |
[aaisp-incoming-username] |
||
type=friend |
type=friend |
||
transport=udp |
|||
disallow=all |
|||
allow=alaw |
|||
; incoming |
; incoming |
||
context=aaisp-incoming-context |
context=aaisp-incoming-context |
||
Revision as of 19:39, 11 February 2015
Incoming Calls
Peer Section
- Accept authenticated calls and route them to a context.
[aaisp-incoming-username] type=peer context=aaisp-incoming-context secret=aaisp-incoming-password transport=udp disallow=all allow=alaw trustrpid=yes
Authentication
- Voiceless must authenticated so that calls are recognised as the above peer section.
- There are two options: either detect Voiceless and ask it to authenticate, or request that every rejected INVITE from all sources authenticates.
- In both cases you need to use the match_auth_username=yes setting otherwise Asterisk will not recognise Voiceless' username.
Authenticate Everyone
- This is the more secure option as it stops your usernames from being enumerated by brute force.
- You can't allow a default guest context (unauthenticated calls) or calls from Voiceless will use it.
[general] allowguest=no alwaysauthreject=yes match_auth_username=yes
Authenticate Voiceless
- This is the more complex option as you need to list every Voiceless name.
- It is the only option if you need to allow the default guest context (unauthenticated calls).
[general] ; allowguest=yes ; alwaysauthreject=no match_auth_username=yes [aaisp-voiceless] type=peer md5secret=intentionally_invalid_md5_string [aaisp-voiceless-a4](aaisp-voiceless) host=a4.voiceless.aa.net.uk defaultip=81.187.30.111 [aaisp-voiceless-b4](aaisp-voiceless) host=b4.voiceless.aa.net.uk defaultip=81.187.30.113 [aaisp-voiceless-c4](aaisp-voiceless) host=c4.voiceless.aa.net.uk defaultip=81.187.30.112 [aaisp-voiceless-d4](aaisp-voiceless) host=d4.voiceless.aa.net.uk defaultip=81.187.30.114
Outgoing Calls
- Either use a separate type=user section or combine incoming and outgoing in one type=friend section
Separate Section
[aaisp-outgoing-account] type=user host=voiceless.aa.net.uk defaultip=81.187.30.111 username=aaisp-phone-number remotesecret=aaisp-outgoing-password transport=udp disallow=all allow=alaw
Combined Section
[aaisp-incoming-username] type=friend transport=udp disallow=all allow=alaw ; incoming context=aaisp-incoming-context secret=aaisp-incoming-password trustrpid=yes ; outgoing host=voiceless.aa.net.uk defaultip=81.187.30.111 username=aaisp-phone-number remotesecret=aaisp-outgoing-password