btw: if you use IP based authentication do not use UDP (except you can be sure that the packets can't be spoofed).
regards klaus On Thu, January 18, 2007 16:38, Cristian Caprar said: > I was afraid of this answer. So I guess the solution for us is to fix > the IP address of the GW and keep it in the trusted table. > > Thanks, > Cristian > >> -----Original Message----- >> From: Klaus Darilion [mailto:[EMAIL PROTECTED] >> Sent: Thursday, January 18, 2007 11:02 AM >> To: Cristian Caprar >> Cc: [email protected] >> Subject: Re: [Users] allow trusted proxies with dynamic IPs >> >> You can'T use IP based authentication if the IP addresses are > changing. >> >> Thus, you either have to use gateways which are able to authenticate >> with digest authentication or the gateway supports TLS. >> >> regards >> klaus >> >> Cristian Caprar wrote: >> > Hi all, >> > >> > >> > >> > Can someone provide any hints on how to solve the issue described > below? >> > >> > >> > >> > Thanks, >> > >> > Cristian >> > >> > >> > >> > ________________________________ >> > >> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > On >> > Behalf Of Cristian Caprar >> > Sent: Tuesday, January 16, 2007 12:55 PM >> > To: [email protected] >> > Subject: [Users] allow trusted proxies with dynamic IPs >> > >> > >> > >> > Hi, >> > >> > >> > >> > Is it possible to allow_trusted some PSTN gateways which have a > dynamic >> > IP address? >> > >> > >> > >> >>From what it looks like, the trusted table only allows the usage of > a >> > source IP address. A hostname that is DNS resolvable or an IP/mask > pair >> > would solve this. >> > >> > >> > >> > What can be done? >> > >> > >> > >> > Thanks, >> > >> > Cristian >> > >> > >> > >> > >> > > ------------------------------------------------------------------------ >> > >> > _______________________________________________ >> > Users mailing list >> > [email protected] >> > http://openser.org/cgi-bin/mailman/listinfo/users >> >> >> -- >> Klaus Darilion >> nic.at > > _______________________________________________ Users mailing list [email protected] http://openser.org/cgi-bin/mailman/listinfo/users
