Talk:VoIP Phones - Asterisk: Difference between revisions
SimonArlott (talk | contribs) (Created page with "== Incoming Calls == === Peer Section === *Accept authenticated calls and route them to a context. <pre> [aaisp-incoming-username] type=peer context=aaisp-incoming-context sec...") |
SimonArlott (talk | contribs) No edit summary |
||
| Line 1: | Line 1: | ||
= Incoming Calls = |
|||
== Peer Section == |
|||
*Accept authenticated calls and route them to a context. |
*Accept authenticated calls and route them to a context. |
||
<pre> |
<pre> |
||
| Line 9: | Line 9: | ||
trustrpid=yes |
trustrpid=yes |
||
</pre> |
</pre> |
||
== Authentication == |
|||
*There are two options: either detect Voiceless and ask it to authenticate, or request that every rejected attempt authenticates. |
*There are two options: either detect Voiceless and ask it to authenticate, or request that every rejected attempt authenticates. |
||
*In both cases you need to use the '''match_auth_username=yes''' setting otherwise Asterisk will not recognise Voiceless' username. |
*In both cases you need to use the '''match_auth_username=yes''' setting otherwise Asterisk will not recognise Voiceless' username. |
||
=== Authenticate Everyone === |
|||
*This is the more secure option as it stops your usernames from being enumerated by brute force. |
*This is the more secure option as it stops your usernames from being enumerated by brute force. |
||
<pre> |
<pre> |
||
| Line 21: | Line 21: | ||
</pre> |
</pre> |
||
=== Authenticate Voiceless === |
|||
*This is the more complex option as you need to list every Voiceless name. |
*This is the more complex option as you need to list every Voiceless name. |
||
<pre> |
<pre> |
||
| Line 50: | Line 50: | ||
= Outgoing Calls = |
|||
*Either use a separate '''type=user''' section or combine incoming and outgoing in one '''type=friend''' section |
*Either use a separate '''type=user''' section or combine incoming and outgoing in one '''type=friend''' section |
||
Revision as of 19:24, 11 February 2015
Incoming Calls
Peer Section
- Accept authenticated calls and route them to a context.
[aaisp-incoming-username] type=peer context=aaisp-incoming-context secret=aaisp-incoming-password trustrpid=yes
Authentication
- There are two options: either detect Voiceless and ask it to authenticate, or request that every rejected attempt authenticates.
- In both cases you need to use the match_auth_username=yes setting otherwise Asterisk will not recognise Voiceless' username.
Authenticate Everyone
- This is the more secure option as it stops your usernames from being enumerated by brute force.
[general] alwaysauthreject=yes match_auth_username=yes
Authenticate Voiceless
- This is the more complex option as you need to list every Voiceless name.
[general] alwaysauthreject=no match_auth_username=yes [aaisp-voiceless] type=peer md5secret=intentionally_invalid_md5_string [aaisp-voiceless-a4](aaisp-voiceless) host=a4.voiceless.aa.net.uk defaultip=81.187.30.111 [aaisp-voiceless-b4](aaisp-voiceless) host=b4.voiceless.aa.net.uk defaultip=81.187.30.113 [aaisp-voiceless-c4](aaisp-voiceless) host=c4.voiceless.aa.net.uk defaultip=81.187.30.112 [aaisp-voiceless-d4](aaisp-voiceless) host=d4.voiceless.aa.net.uk defaultip=81.187.30.114
Outgoing Calls
- Either use a separate type=user section or combine incoming and outgoing in one type=friend section