21 May
2005
21 May
'05
9:18 p.m.
On Saturday 21 May 2005 02:31 am, you wrote:
I would say SER is what you need, except that you
struggle with the
authentication. You have the following scenarios:
1. PSTN termination with IP-based access control (easiest)
2. PSTN termination with authentication of all INVITEs (yes, that's the UAC
module. You should contact the maintainer, Ramona-Elena Modroiu about the
status. I thought it was reported to work, but haven't tried myself)
3. PSTN termination with registration and authentication of REGISTER (but
not INVITEs). Use sipsak to generate a REGISTER for your box.
#2 requires that all INVITEs are sent twice and is not a very good option.
I would seek out PSTN providers who will give you #1.
g-)
UAC module doesn't work and I think won't work unless ser is made call-statefull,
'cause it needs to adjust cseq within dialog. I posted my findings to this list
several days ago (UAC module (backport to 0.9.0). Nobody replied so I guess
nobody knows the way to make it work.
As for ip auth I guess it's just not good enough. UDP invites don't require any
handshake
it's not hard at all to spoof ip address. I believe sending 2 invites worth the
security it
actually adds.
Also I don't understand what you mean by #3. Taking ip address from authenticated
REGISTER
and then doing IP auth on that?
Thanks,
Michael
Michael Ulitskiy wrote:
--
See you later,
Michael
-------------------------------------------------------
--
See you later,
Michael
Hello,
I'd like ask for advice on what is in your opinion the best solution
in the following scenario.
I have a bunch of sip servers (asterisk boxes as my users need pbx
functionality) that can make sip call to each other and my PSTN
gateway. Now I want to purchase PSTN terminitaion in several
different markets (and probably more in the future). All those
terminations will require authentication.
I want all my boxes when they see non-local call to send it to a
central routing server that would determine where this call should
be sent and authenticate to the appropriate provider so that I don't
have to configure all credentials on all asterisk boxes. Also I want
it not to deal with the media at all. All media streams should go
directly from asterisk box to the PSTN termination provider.
So basically it should be central SIP router that is able to
authenticate calls if neccessary.
I thought I could do it with SER and its UAC module, but it appears
UAC module doesn't work and probably won't work (see my previous
post in this list about UAC backport to 0.9.0).
Also I don't want to use asterisk in this place as asterisk always
wants to stay in media path and I'd really like to avoid of getting
into hassle with re-invites.
So the question is what are my options and what you would advice
as a solution. Are there any software out there that can do it
(preferably open-source, of course) or what else you could suggest to
do to get desired results.
Thanks a lot,