Depends on the config and what type of message the caller managed to make asterisk create... You could (and probably should) put asterisk on a private routable network (i.e. NATed behind a firewall). The best would be to put ser and asterisk on the same network and only allow outside world to contact ser and let ser contact asterisk using the private address of asterisk. Alternatively you could use tcp to asterisk and stop udp traffic. Why the caller wouldn't receive audio, I don't understand... g-)

Nick Hoffman wrote:

Hi guys. Say you have this setup, with an account for the caller on both Asterisk and SER: Caller -> SER -> Asterisk -> VoIP Provider -> Callee

If the caller were to spoof SER's IP address and place a call directly to Asterisk (thus circumventing SER), what would happen?

If the call was in fact setup, obviously the caller would not receive any audio from the callee. However, would the call be setup? When Asterisk responds to the caller's request and sends SIP packets back (to SER), would SER say "I don't know anything about this call! Asterisk, kill this call please."?

Thanks for your input! -- Nick e: nick.hoffman@altcall.com p: +61 7 5591 3588 f: +61 7 5591 6588

If you receive this email by mistake, please notify us and do not make any use of the email. We do not waive any privilege, confidentiality or copyright associated with it. _______________________________________________ Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers