I have a setup with asterisk-11.7.0 and kamailio-4.1.1. I am following the setup guide at http://kb.asipto.com/asterisk:realtime:kamailio-4.0.x-asterisk-11.3.0-astdb . I want to run asterisk and kamailio on the same server, with SIP realtime configuration
(MySQL database) so that kamailio authenticates and then forwards the registration to asterisk on localhost. The setup calls for asterisk to be configured to listen for SIP traffic on all interfaces, on a nonstandard port (I chose 5080). It also calls for
blanking of the password for the SIP peer (in my case, a softphone), so that it will not request for authentication again. I have managed to make a call with working audio from the softphone to an extension on asterisk through kamailio.
My concern is that asterisk is left listening for SIP through all interfaces and with no SIP passwords. I want to secure the setup against directed traffic to the asterisk UDP port (5080), that bypasses the kamailio process. I tried setting
bindaddr=127.0.0.1 so asterisk will only listen for SIP traffic on localhost, but this has the side effect of also removing audio - the call appears to be successful on the softphone and on the asterisk logs, but no audio is actually heard. My theory is
that the RTP traffic is being sent to kamailio instead of the softphone.
How can I set up asterisk so that it can send RTP anywhere but reject any SIP
traffic that does not come from the kamailio process on localhost?
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
