Talk:VoIP Phones - Asterisk: Difference between revisions
SimonArlott (talk | contribs) (Created page with "== Incoming Calls == === Peer Section === *Accept authenticated calls and route them to a context. <pre> [aaisp-incoming-username] type=peer context=aaisp-incoming-context sec...") |
SimonArlott (talk | contribs) No edit summary |
||
| (5 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
= Incoming Calls = |
|||
== Peer Section == |
|||
*Accept authenticated calls and route them to a context. |
*Accept authenticated calls and route them to a context. |
||
<pre> |
<pre> |
||
| Line 7: | Line 7: | ||
context=aaisp-incoming-context |
context=aaisp-incoming-context |
||
secret=aaisp-incoming-password |
secret=aaisp-incoming-password |
||
transport=udp |
|||
disallow=all |
|||
allow=alaw |
|||
trustrpid=yes |
trustrpid=yes |
||
</pre> |
</pre> |
||
| ⚫ | |||
*There are two options: either detect Voiceless and ask it to authenticate, or request that every rejected attempt authenticates. |
|||
| ⚫ | |||
| ⚫ | |||
==== Authenticate Everyone ==== |
|||
*Voiceless must authenticated so that calls are recognised as the above peer section. |
|||
*This is the more secure option as it stops your usernames from being enumerated by brute force. |
|||
| ⚫ | |||
<pre> |
<pre> |
||
[general] |
[general] |
||
alwaysauthreject=yes |
|||
match_auth_username=yes |
match_auth_username=yes |
||
</pre> |
</pre> |
||
| ⚫ | |||
==== Authenticate Voiceless ==== |
|||
| ⚫ | |||
*This is the more complex option as you need to list every Voiceless name. |
|||
| ⚫ | |||
[general] |
|||
alwaysauthreject=no |
|||
match_auth_username=yes |
|||
== Separate Section == |
|||
[aaisp-voiceless] |
|||
| ⚫ | |||
| ⚫ | |||
[aaisp-outgoing-account] |
|||
md5secret=intentionally_invalid_md5_string |
|||
| ⚫ | |||
host=voiceless.aa.net.uk |
|||
| ⚫ | |||
defaultip=81.187.30.111 |
defaultip=81.187.30.111 |
||
username=aaisp-phone-number |
|||
remotesecret=aaisp-outgoing-password |
|||
[aaisp-voiceless-b4](aaisp-voiceless) |
|||
transport=udp |
|||
host=b4.voiceless.aa.net.uk |
|||
disallow=all |
|||
| ⚫ | |||
allow=alaw |
|||
[aaisp-voiceless-c4](aaisp-voiceless) |
|||
host=c4.voiceless.aa.net.uk |
|||
defaultip=81.187.30.112 |
|||
[aaisp-voiceless-d4](aaisp-voiceless) |
|||
host=d4.voiceless.aa.net.uk |
|||
defaultip=81.187.30.114 |
|||
</pre> |
</pre> |
||
== Combined Section == |
|||
<pre> |
|||
| ⚫ | |||
[aaisp-incoming-username] |
|||
| ⚫ | |||
type=friend |
|||
transport=udp |
|||
disallow=all |
|||
allow=alaw |
|||
; incoming |
|||
context=aaisp-incoming-context |
|||
secret=aaisp-incoming-password |
|||
trustrpid=yes |
|||
; outgoing |
|||
| ⚫ | |||
| ⚫ | |||
username=aaisp-phone-number |
|||
remotesecret=aaisp-outgoing-password |
|||
</pre> |
|||
Latest revision as of 20:04, 7 April 2015
Incoming Calls
Peer Section
- Accept authenticated calls and route them to a context.
[aaisp-incoming-username] type=peer context=aaisp-incoming-context secret=aaisp-incoming-password transport=udp disallow=all allow=alaw trustrpid=yes
Authentication
- Voiceless must authenticated so that calls are recognised as the above peer section.
- You need to use the match_auth_username=yes setting otherwise Asterisk will not recognise Voiceless' initial requests.
[general] match_auth_username=yes
Outgoing Calls
- Either use a separate type=user section or combine incoming and outgoing in one type=friend section
Separate Section
[aaisp-outgoing-account] type=user host=voiceless.aa.net.uk defaultip=81.187.30.111 username=aaisp-phone-number remotesecret=aaisp-outgoing-password transport=udp disallow=all allow=alaw
Combined Section
[aaisp-incoming-username] type=friend transport=udp disallow=all allow=alaw ; incoming context=aaisp-incoming-context secret=aaisp-incoming-password trustrpid=yes ; outgoing host=voiceless.aa.net.uk defaultip=81.187.30.111 username=aaisp-phone-number remotesecret=aaisp-outgoing-password