When you say to use authentication between server are you suggesting that the proxy that the users are hanging off authenticates all INVITE requests before forwarding them onto the proxy that controls access to the gateway? Or are you referring to some form of proxy to proxy authentication mechanism? If so what is it, as I've never come across one before and would be very interested in knowing more about it. I think using IPSEC/TLS is a little heavy duty for our needs. We require some means of verifying the identity of the remote SIP proxy that does not go by source IP address.
-----Original Message----- Hi Alan,
Excepting source IP check (which is not reliable), you can also use authentication between server - SIPproxy2 authenticates all request sent to SIP proxy1 and vice-versa.
Since the end points are fixed (PSTN GWs), you can create IPSEC tunnels to transport the signaling part. Tunneling also the media will probably introduce delay and will require some really performat machines :-).
Also you can go for TLS, which is as concept basically the same thing IPSEC tunnels. The major difference is that TLS is not free as IPSEC is.
Best regards, Marian
------------------------------------------------------------------------------------------------------- This email, and any files transmitted with it, is copyright and may contain confidential information. The contents are intended for the use of the addressee(s) only. Unauthorized use may be unlawful. If you receive this email by mistake, please advise sender immediately. The views of the author may not necessarily constitute the views of Telco Electronics Limited. Nothing in this mail shall bind Telco Electronics Limited in any contract or obligation.
Telco Electronics Limited 6-8 Oxford Court Brackley Northants NN13 7XY
Tel 01280 761600 Fax 01280 841174