Re: [asterisk-users] asterisk ip authentication
send me a copy of your sip config also make sure dissallow is before allow. Kind Regards Andrew Colin Technical Director T:010 591 4358 C: 082 310 3007 and...@vsave.co.za On 7/29/2013 1:07 AM, james jan wrote: hi all, i've changedallow=all and restarted service. butstill gives488 Not acceptable here The softswitch sends codec g729. "core show translation" says codec g729 alsa installed. On Sun, Jul 28, 2013 at 10:11 PM, Andrew Colin and...@vsave.co.za wrote: I just find it insecure because if someone does hack they can use any codec. I suppose not very insecure but I like to lock things down as much as possible. On 7/28/2013 9:09 PM, Matt Behrens wrote: On Jul 28, 2013, at 2:59 PM, Andrew Colin and...@vsave.co.za wrote: if you say allow=all it will work but thats not secure at all. How is allow=all insecure? I can see inefficient, but what would make that insecure eludes me. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] asterisk ip authentication
hi Andrew, here is my sip.conf [] host=x.x.x.x qualify=yes type=peer insecure=port,invite context=from-internal disallow=all allow=all On Mon, Jul 29, 2013 at 9:17 AM, Andrew Colin and...@vsave.co.za wrote: send me a copy of your sip config also make sure dissallow is before allow. Kind Regards Andrew Colin Technical Director T:010 591 4358 C: 082 310 3007 and...@vsave.co.za On 7/29/2013 1:07 AM, james jan wrote: hi all, i've changed allow=all and restarted service. but still gives 488 Not acceptable here The softswitch sends codec g729. core show translation says codec g729 alsa installed. On Sun, Jul 28, 2013 at 10:11 PM, Andrew Colin and...@vsave.co.za wrote: I just find it insecure because if someone does hack they can use any codec. I suppose not very insecure but I like to lock things down as much as possible. On 7/28/2013 9:09 PM, Matt Behrens wrote: On Jul 28, 2013, at 2:59 PM, Andrew Colin and...@vsave.co.za and...@vsave.co.za wrote: if you say allow=all it will work but thats not secure at all. How is allow=all insecure? I can see inefficient, but what would make that insecure eludes me. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users vsave logo 2.jpg-- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] asterisk ip authentication
remove disallow completely you are basically saying do not allow anything then allow anything so remove the disallow part and leave allow Kind Regards Andrew Colin Technical Director T:010 591 4358 C: 082 310 3007 and...@vsave.co.za On 7/29/2013 9:48 AM, james jan wrote: hi Andrew, here is my sip.conf [] host=x.x.x.x qualify=yes type=peer insecure=port,invite context=from-internal disallow=all allow=all On Mon, Jul 29, 2013 at 9:17 AM, Andrew Colin and...@vsave.co.za wrote: send me a copy of your sip config also make sure dissallow is before allow. Kind Regards Andrew Colin Technical Director T:010 591 4358 C: 082 310 3007 and...@vsave.co.za On 7/29/2013 1:07 AM, james jan wrote: hi all, i've changedallow=all and restarted service. butstill gives488 Not acceptable here The softswitch sends codec g729. "core show translation" says codec g729 alsa installed. On Sun, Jul 28, 2013 at 10:11 PM, Andrew Colin and...@vsave.co.za wrote: I just find it insecure because if someone does hack they can use any codec. I suppose not very insecure but I like to lock things down as much as possible. On 7/28/2013 9:09 PM, Matt Behrens wrote: On Jul 28, 2013, at 2:59 PM, Andrew Colin and...@vsave.co.za wrote: if you say allow=all it will work but thats not secure at all. How is allow=all insecure? I can see inefficient, but what would make that insecure eludes me. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit:
Re: [asterisk-users] asterisk ip authentication
What is the output of g729 show version? -Original Message- From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of james jan Sent: Sunday, July 28, 2013 7:07 PM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] asterisk ip authentication hi all, i've changed allow=all and restarted service. but still gives 488 Not acceptable here The softswitch sends codec g729. core show translation says codec g729 alsa installed. On Sun, Jul 28, 2013 at 10:11 PM, Andrew Colin and...@vsave.co.za wrote: I just find it insecure because if someone does hack they can use any codec. I suppose not very insecure but I like to lock things down as much as possible. On 7/28/2013 9:09 PM, Matt Behrens wrote: On Jul 28, 2013, at 2:59 PM, Andrew Colin and...@vsave.co.za mailto:and...@vsave.co.za wrote: if you say allow=all it will work but thats not secure at all. How is allow=all insecure? I can see inefficient, but what would make that insecure eludes me. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] asterisk ip authentication
hi, [] type=peer insecure=invite,port host=x.x.x.x context=from-internal disallow=all allow=g729 allow=alaw allow=ulaw allow=gsm canreinvite=no nat=no qualify=yes this works fine for one softswitch bu i tried another soft switch it gives SIP/2.0 488 Not acceptable here error. Any idea? On Fri, Jul 26, 2013 at 6:17 PM, Thorsten Göllner t...@ovm-group.com wrote: Additionally you shoudl take a look at sip set debug on (in cli) and then place a call. Am 26.07.2013 17:14, schrieb Thorsten Göllner: You should take a look at this options: type=friend context=my_context host=ip_address Am 26.07.2013 16:52, schrieb jin jan: Hi all, I've tried to sen calls to asterisk from different soft switch. I want to define ip authentication(not register) to an extension for make call through asterisk. Is there any way to make call from asterisk without register. Only ip authentication. I tried too many different configurations but it hasn't worked. This is my sip.conf --sip.conf [] host=x.x.x.x qualify=yes type=peer insecure=port,invite context=from-internal disallow=all allow=ulaw allow=alaw allow=g729 allow=gsm But gives SIP/2.0 401 Unauthorized error. Tel.: +49(0)211 / 618 57 53 Fax: +49(0)211 / 618 57 54 -- __**__**_ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/**mailman/listinfo/asterisk-**usershttp://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] asterisk ip authentication
No Acceptable here is a codec error. Check the other soft switch and see what codecs it is sending. if you say allow=all it will work but thats not secure at all. Kind Regards Andrew Colin Technical Director T:010 591 4358 C: 082 310 3007 and...@vsave.co.za On 7/28/2013 6:26 PM, james jan wrote: allow=g729 allow=alaw allow=ulaw allow=gsm -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] asterisk ip authentication
On Jul 28, 2013, at 2:59 PM, Andrew Colin and...@vsave.co.za wrote: if you say allow=all it will work but thats not secure at all. How is allow=all insecure? I can see inefficient, but what would make that insecure eludes me. smime.p7s Description: S/MIME cryptographic signature -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] asterisk ip authentication
I just find it insecure because if someone does hack they can use any codec. I suppose not very insecure but I like to lock things down as much as possible. On 7/28/2013 9:09 PM, Matt Behrens wrote: On Jul 28, 2013, at 2:59 PM, Andrew Colin and...@vsave.co.za wrote: if you say allow=all it will work but thats not secure at all. How is allow=all insecure? I can see inefficient, but what would make that insecure eludes me. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] asterisk ip authentication
hi all, i've changed allow=all and restarted service. but still gives 488 Not acceptable here The softswitch sends codec g729. core show translation says codec g729 alsa installed. On Sun, Jul 28, 2013 at 10:11 PM, Andrew Colin and...@vsave.co.za wrote: I just find it insecure because if someone does hack they can use any codec. I suppose not very insecure but I like to lock things down as much as possible. On 7/28/2013 9:09 PM, Matt Behrens wrote: On Jul 28, 2013, at 2:59 PM, Andrew Colin and...@vsave.co.za and...@vsave.co.za wrote: if you say allow=all it will work but thats not secure at all. How is allow=all insecure? I can see inefficient, but what would make that insecure eludes me. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] asterisk ip authentication
You should take a look at this options: type=friend context=my_context host=ip_address Am 26.07.2013 16:52, schrieb jin jan: Hi all, I've tried to sen calls to asterisk from different soft switch. I want to define ip authentication(not register) to an extension for make call through asterisk. Is there any way to make call from asterisk without register. Only ip authentication. I tried too many different configurations but it hasn't worked. This is my sip.conf --sip.conf [] host=x.x.x.x qualify=yes type=peer insecure=port,invite context=from-internal disallow=all allow=ulaw allow=alaw allow=g729 allow=gsm But gives SIP/2.0 401 Unauthorized error. Kind Regards. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] asterisk ip authentication
Additionally you shoudl take a look at sip set debug on (in cli) and then place a call. Am 26.07.2013 17:14, schrieb Thorsten Göllner: You should take a look at this options: type=friend context=my_context host=ip_address Am 26.07.2013 16:52, schrieb jin jan: Hi all, I've tried to sen calls to asterisk from different soft switch. I want to define ip authentication(not register) to an extension for make call through asterisk. Is there any way to make call from asterisk without register. Only ip authentication. I tried too many different configurations but it hasn't worked. This is my sip.conf --sip.conf [] host=x.x.x.x qualify=yes type=peer insecure=port,invite context=from-internal disallow=all allow=ulaw allow=alaw allow=g729 allow=gsm But gives SIP/2.0 401 Unauthorized error. Tel.: +49(0)211 / 618 57 53 Fax: +49(0)211 / 618 57 54 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] asterisk ip authentication
hi Thanks for replay. now asterisk accepts calls. But 32 second later, calls drop. Error code: -Asterisk-HangupCause: Protocol error, unspecified X-Asterisk-HangupCauseCode: 111 On Wed, Sep 26, 2012 at 2:47 PM, Carlos Rojas crt.ro...@gmail.com wrote: Hello Yes, there is, in sip.conf you should be using Insecure=invite,port for that Regards On Sep 25, 2012 4:06 PM, jin jan jinja...@gmail.com wrote: Hi all, I've tried to sen calls to asterisk from different soft switch. I want to define ip authentication(not register) to an extension for make call through asterisk. Is there any way to make call from asterisk without register. Only ip authentication. Kind Regards. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users