Isn't it the regular practice to use proxy_challenge and proxy_authorize for non REGISER methods.
Mohammad
Original Message: ----------------- From: Marian Dumitru marian.dumitru@voice-sistem.ro Date: Wed, 23 Mar 2005 21:59:27 +0100 To: rrisco@millicom.net.pe, serusers@iptel.org Subject: Re: [Serusers] Authenticating INVITE requests method
Hi Rafael,
replace if (method=="INVITE") { with if (method=="INVITE" && src_ip!=xxx.xxx.xxx.xxx) {
where that many xxx-s is the GW's IP.
Best regards, Marian
Rafael J. Risco G.V. wrote:
Hello I am doing some security improvements to my configuration because IĀ“ve realized that everyone can sends calls to PSTN gateways and other registered users even if the caller fails to register in SER, so now I instruct SER to check the username and password of the CALLER in every INVITE request like that:
if (method=="INVITE") { if (!www_authorize("mydomain", "subscriber")) { www_challenge("mydomain", "0"); break; }; };
well it works but not when calls are generated in my gateway Cisco AS5350 (these GWs dont have register comand) so I need some advice to "exclude" gateway IP for this authorization process.
thanks Rafael