Hey,
are there working ways for authentication with sip trunks? i've read cisco gateways (PGW) and cisco call manager can do this.
anyone knows if openser+asterisk support it too?
Martin Klisch wrote:
Hey,
are there working ways for authentication with sip trunks? i've read cisco gateways (PGW) and cisco call manager can do this.
it depends on what kind of authentication you mean. Trunks may be authenticated on IP address, digest authentication, TLS or some kind of secret cookie/token (in a proprietary header (like OSP does) or as prefix in the request uri).
All of these can be used with openser, whereas digest authentication is not RFC conform (CSeq problem).
I think Asterisk supports all of them except TLS.
btw: if you use IP based authentication do not use UDP (as it can be spoofed easily)
regards klaus
anyone knows if openser+asterisk support it too?
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
Martin Klisch wrote:
Hey,
are there working ways for authentication with sip trunks? i've read cisco gateways (PGW) and cisco call manager can do this.
it depends on what kind of authentication you mean. Trunks may be authenticated on IP address, digest authentication, TLS or some kind of secret cookie/token (in a proprietary header (like OSP does) or as prefix in the request uri).
All of these can be used with openser, whereas digest authentication is not RFC conform (CSeq problem).
I think Asterisk supports all of them except TLS.
btw: if you use IP based authentication do not use UDP (as it can be spoofed easily)
That's my problem. We want to use standard SIP trunk (via UDP) to connect different PBX's and other carriers. So we cant use something, that isnt rfc conform. at the moment we put a cisco router in front of a pbx and build a tunnel to our ser. this is an expensive solution. anyone knows other ways to do it?
Martin Klisch wrote:
I think Asterisk supports all of them except TLS.
btw: if you use IP based authentication do not use UDP (as it can be spoofed easily)
That's my problem. We want to use standard SIP trunk (via UDP) to connect different PBX's and other carriers. So we cant use something, that isnt rfc conform. at the moment we put a cisco router in front of a pbx and build a tunnel to our ser. this is an expensive solution. anyone knows other ways to do it?
Who authenticates who? Does the PBX authenticate or does openser authenticate?
klaus
Hi Martin,
Klaus Darilion wrote:
Martin Klisch wrote:
I think Asterisk supports all of them except TLS.
btw: if you use IP based authentication do not use UDP (as it can be spoofed easily)
That's my problem. We want to use standard SIP trunk (via UDP) to connect different PBX's and other carriers. So we cant use something, that isnt rfc conform. at the moment we put a cisco router in front of a pbx and build a tunnel to our ser. this is an expensive solution. anyone knows other ways to do it?
Who authenticates who? Does the PBX authenticate or does openser authenticate?
if I understand correctly the PBX has to authenticate to OpenSER ,right? if so, digest authentication will not be a problem.
regards, bogdan
-
Bogdan-Andrei Iancu -
Klaus Darilion -
Martin Klisch