14 Oct
2014
14 Oct
'14
11:12 a.m.
On 12/10/14 16:26, Manuel Camarg wrote:
Following this asipto guide:
http://kb.asipto.com/asterisk:realtime:kamailio-4.0.x-asterisk-11.3.0-astdb
I've found that no auth is required to create a communication: Invites
are sent regardless of a previously done auth with the kam's auth_db
I've used this sip checker:
http://www.sinologic.net/proyectos/asterisk/checkSecurity/
Result:
Uh oh! you allow external calls...
Configure better your sip configuration to avoid this calls
SIP/2.0 100 trying -- your call is important to us
What is missing in the config file explained in the guide?
By default with
kamailio.cfg we are open for interconnect, thus allowing
calls from users of external voip services to local users and from local
users to users of external voip services.
If you want to block that, you can change the config so only users with
local domains are allowed to use the service.
Also, the tutorial is more like getting started with kamailio and
asterisk, you have to tailor it to your needs and constraints you want
to have. You can take the tutorials as a basis to build another one
which is more restrictive and publish it for people that will have same
interests.
Cheers,
Daniel
--
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda