25 Nov
2005
25 Nov
'05
8:34 p.m.
Ok. That's the easy solution. However, that ain't protected againts IP
spoofing problems. Isn't there a way to authenticate using users (with
username and password)? So that, when Asterisk send an INVITE do SER,
Asterisk should be a normal SER user, like any other user. I am using the
following code to see if the invite is trusted or not:
log(1, "INVITE not in table trusted\n");
if (!radius_www_authorize("ser host")) {
log(1, "INVITE not authorized, generating
digest\n");
www_challenge("ser host", "0");
break;
};
log(1, "INVITE authorized\n");
And this way, I think only the users that are in my LDAP database (contacted
via radius) and registred to my ser host can make the calls. Am I correct?
Jose Simoes
On 11/25/05, Arek Bekiersz <sip(a)perceval.net> wrote:
You should add following in sip.conf in Asterisk:
; Proxy server for making calls to SIP or receiving calls from SIP
[your.ser.host]
type=friend
host=your.ser.host
context = your-origin
fromdomain=your.domain
In SER, do something like this:
# Authentication for all but your host
if( method=="INVITE" && src_ip!=your.ser.host.ip) {
# Authorize here
}
--
Arek
Voipers Portugal wrote:
Hello,
I am trying to authenticate the call redirection between my SER and my
Asterisk server. My idea is to create a User for each Server, but still
don´t know how to do it. Any ideas?
Regards,
Jose Simoes
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers