Peter,
I don’t believe there is any security features around DDOS prevention, etc. For that kind of functionality I’d look towards an Ingate Siperator or Firewall. Mike From: [email protected] [mailto:[email protected]] On Behalf Of Peter Selc Sent: Thursday, August 06, 2009 3:11 AM To: Robert Joly Cc: [email protected] Subject: Re: [sipx-users] remote worker can't register Therefore I tried to register Twinkle softphone behind NAT. As SIP registrar - publicIP:port was configured. When the "SIP account -> domain" was set to publicIP:port - phone didn't register as well (401). If i set only publicIP - phone registered, but can't make any outbound call, because publicIP:5060 is not the real public port. Later I changed the public port to 5060, and Twinkle registered correctly. But i would prefer to have it on non-standard port because of security reasons. Does sipxecs have some security features (ddos prevention...)? Is it known to be a working scenario, if public port is not 5060? Regards, Peter Robert Joly wrote: > On Tue, 2009-08-04 at 23:59 +0200, Peter Selc wrote: > > Hi, > > > > attached is the sip log from registrar. The extension > behind NAT was 202. > > >From that log file: > > "2009-08-04T21:46:53.644866Z":1194:AUTH:ERR:sipx.company.local > :SipRegistrarServer:B6CB5B90:SipRegistrar:"Unable to get > credentials for '[email protected]:7070', > realm='company.local', user='202'" > > The problem is that you're trying to register to the identity > [email protected]:7070 instead of [email protected] (which > would have other problems given that you're trying to do it > from the Internet). > > It may be possible to configure that public address and port > as an alias for your system... > Unfortunately, you cannot add port information to a domain alias in sipXconfig as ports are not technically part of the SIP domain. Your phone is providing a To: header with a URI containing port information and that is the source of your problem. Strictly speaking, the To: header generated by your Astraa phone is non-standard as UAs are not allowed to include port information in To: headers - please refer to table 1 of RFC 3261 for the details. You may want to check with Astraa regarding this problem.
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-users sipXecs IP PBX -- http://www.sipfoundry.org/
