[Serusers] Serving multiple domains
Jesus Rodriguez
jesusr at voztele.com
Wed Feb 11 17:10:01 CET 2004
On Wed, 11 Feb 2004, Alan Litster wrote:
Hi,
> We have a few local domains that we will be using SER act as a proxy and to
> protect our gateway. In the near future we will also be providing PSTN
> breakout for other SIP domains that are not on our proxy.
>
> What is the best way to allow traffic from certain know SIP domains out
> through our gateways?
> I've thought about having users authenticate to our proxy, but this could
> get very complex and messy serving multiple local & remote domains. Other
> option is just to allow traffic through from the trusted domains I guess.
You can use radius authentication. This way, you can authenticate your local
users/domains and proxy the auth radius requests to a remote radius
owned/managed by your customer for external users.
> One last question, is any one familiar with the Cisco AS5300?
> How do you go about locking it down so that only authorised users can pass
> calls out onto the PSTN?
Set an access-list in your gateway that only accepts traffic to port 5060 from
your ser proxy.
> We have a number of Vega 100's that have the option of only allow proxy
> invited calls. Is there something similar on the AS5300 or would that have
> to do authentication aswell, AAA ?
Cisco AS5xxx can only do Microsoft Passport Authentication for SIP :(
Saludos
JesusR.
-------------------------------
Jesus Rodriguez
VozTelecom Sistemas, S.L.
jesusr at voztele.com
http://www.voztele.com
Tel. 902360305
-------------------------------
More information about the sr-users
mailing list