11 Feb
2004
11 Feb
'04
6:10 p.m.
On Wed, 11 Feb 2004, Alan Litster wrote:
Hi,
We have a few local domains that we will be using SER
act as a proxy and to
protect our gateway. In the near future we will also be providing PSTN
breakout for other SIP domains that are not on our proxy.
What is the best way to allow traffic from certain know SIP domains out
through our gateways?
I've thought about having users authenticate to our proxy, but this could
get very complex and messy serving multiple local & remote domains. Other
option is just to allow traffic through from the trusted domains I guess.
You can use radius authentication. This way, you can authenticate your local
users/domains and proxy the auth radius requests to a remote radius
owned/managed by your customer for external users.
One last question, is any one familiar with the Cisco
AS5300?
How do you go about locking it down so that only authorised users can pass
calls out onto the PSTN?
Set an access-list in your gateway that only accepts traffic to port 5060 from
your ser proxy.
We have a number of Vega 100's that have the
option of only allow proxy
invited calls. Is there something similar on the AS5300 or would that have
to do authentication aswell, AAA ?
Cisco AS5xxx can only do Microsoft Passport Authentication for SIP :(
Saludos
JesusR.
-------------------------------
Jesus Rodriguez
VozTelecom Sistemas, S.L.
jesusr(a)voztele.com
http://www.voztele.com
Tel. 902360305
-------------------------------