Ok. That's the easy solution. However, that ain't protected againts IP spoofing problems. Isn't there a way to authenticate using users (with username and password)? So that, when Asterisk send an INVITE do SER, Asterisk should be a normal SER user, like any other user. I am using the following code to see if the invite is trusted or not:

 

                log(1, "INVITE not in table trusted\n");
                if (!radius_www_authorize("ser host")) {
                        log(1, "INVITE not authorized, generating digest\n");
                        www_challenge("ser host", "0");
                        break;
                };
                log(1, "INVITE authorized\n");

And this way, I think only the users that are in my LDAP database (contacted via radius) and registred to my ser host can make the calls. Am I correct?

 

Jose Simoes
 

On 11/25/05, Arek Bekiersz <sip@perceval.net> wrote:

You should add following in sip.conf in Asterisk:

; Proxy server for making calls to SIP or receiving calls from SIP
[your.ser.host]
type=friend
host=your.ser.host
context = your-origin
fromdomain=your.domain


In SER, do something like this:

# Authentication for all but your host
if( method=="INVITE" && src_ip!= your.ser.host.ip) {
    # Authorize here
}


--
Arek



Voipers Portugal wrote:
> Hello,
>
> I am trying to authenticate the call redirection between my SER and my
> Asterisk server. My idea is to create a User for each Server, but still
> donīt know how to do it. Any ideas?
>
> Regards,
>
> Jose Simoes

_______________________________________________
Serusers mailing list
Serusers@iptel.org
http://mail.iptel.org/mailman/listinfo/serusers