Following this asipto guide:
http://kb.asipto.com/asterisk:realtime:kamailio-4.0.x-asterisk-11.3.0-astdb
I've found that no auth is required to create a communication: Invites are sent regardless of a previously done auth with the kam's auth_db
I've used this sip checker: http://www.sinologic.net/proyectos/asterisk/checkSecurity/
Result:
Uh oh! you allow external calls... Configure better your sip configuration to avoid this calls
SIP/2.0 100 trying -- your call is important to us
What is missing in the config file explained in the guide?
Manuel
On 12/10/14 16:26, Manuel Camarg wrote:
Following this asipto guide:
http://kb.asipto.com/asterisk:realtime:kamailio-4.0.x-asterisk-11.3.0-astdb
I've found that no auth is required to create a communication: Invites are sent regardless of a previously done auth with the kam's auth_db
I've used this sip checker: http://www.sinologic.net/proyectos/asterisk/checkSecurity/
Result:
Uh oh! you allow external calls... Configure better your sip configuration to avoid this calls
SIP/2.0 100 trying -- your call is important to us
What is missing in the config file explained in the guide?
By default with kamailio.cfg we are open for interconnect, thus allowing calls from users of external voip services to local users and from local users to users of external voip services.
If you want to block that, you can change the config so only users with local domains are allowed to use the service.
Also, the tutorial is more like getting started with kamailio and asterisk, you have to tailor it to your needs and constraints you want to have. You can take the tutorials as a basis to build another one which is more restrictive and publish it for people that will have same interests.
Cheers, Daniel
If you want to block that, you can change the config so only users with local domains are allowed to use the service.
Thanks Daniel,
Where shall I look in the docs to find info about this?
Regards
*Manuel Camargo* Teléfono: 638000836 eMail: sir.louen@gmail.com https://twitter.com/SirLouen [image: Ver el perfil de Manuel Camargo Lominchar en LinkedIn] http://es.linkedin.com/in/louen
2014-10-12 16:26 GMT+02:00 Manuel Camarg sir.louen@gmail.com:
Following this asipto guide:
http://kb.asipto.com/asterisk:realtime:kamailio-4.0.x-asterisk-11.3.0-astdb
I've found that no auth is required to create a communication: Invites are sent regardless of a previously done auth with the kam's auth_db
I've used this sip checker: http://www.sinologic.net/proyectos/asterisk/checkSecurity/
Result:
Uh oh! you allow external calls... Configure better your sip configuration to avoid this calls
SIP/2.0 100 trying -- your call is important to us
What is missing in the config file explained in the guide?
Manuel
On 14/10/14 21:11, Manuel Camarg wrote:
If you want to block that, you can change the config so only users with local domains are allowed to use the service.
Thanks Daniel, Where shall I look in the docs to find info about this?
It is a matter of config file, mainly the route[AUTH] -- remove the if condition about what has to be authenticated and authenticate all the requests.
Cheers, Daniel
2014-10-12 16:26 GMT+02:00 Manuel Camarg <sir.louen@gmail.com mailto:sir.louen@gmail.com>:
Following this asipto guide: http://kb.asipto.com/asterisk:realtime:kamailio-4.0.x-asterisk-11.3.0-astdb I've found that no auth is required to create a communication: Invites are sent regardless of a previously done auth with the kam's auth_db I've used this sip checker: http://www.sinologic.net/proyectos/asterisk/checkSecurity/ Result: Uh oh! you allow external calls... Configure better your sip configuration to avoid this calls SIP/2.0 100 trying -- your call is important to us What is missing in the config file explained in the guide? Manuel
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-
Daniel-Constantin Mierla -
Manuel Camarg