Ok. That's the easy solution. However, that ain't protected againts IP spoofing problems. Isn't there a way to authenticate using users (with username and password)? So that, when Asterisk send an INVITE do SER, Asterisk should be a normal SER user, like any other user. I am using the following code to see if the invite is trusted or not:
log(1, "INVITE not in table trusted\n");
if (!radius_www_authorize("ser host")) {
log(1, "INVITE not authorized, generating digest\n");
www_challenge("ser host", "0");
break;
};
log(1, "INVITE authorized\n");
And this way, I think only the users that are in my LDAP database (contacted via radius) and registred to my ser host can make the calls. Am I correct?
Jose Simoes
On 11/25/05, Arek Bekiersz <sip@perceval.net> wrote:
You should add following in sip.conf in Asterisk:
; Proxy server for making calls to SIP or receiving calls from SIP
[your.ser.host]
type=friend
host=your.ser.host
context = your-origin
fromdomain=your.domain
In SER, do something like this:
# Authentication for all but your host
if( method=="INVITE" && src_ip!=
your.ser.host.ip) {
# Authorize here
}
--
Arek
Voipers Portugal wrote:
> Hello,
>
> I am trying to authenticate the call redirection between my SER and my
> Asterisk server. My idea is to create a User for each Server, but still
> donīt know how to do it. Any ideas?
>
> Regards,
>
> Jose Simoes
_______________________________________________
Serusers mailing list
Serusers@iptel.org
http://mail.iptel.org/mailman/listinfo/serusers