[Serusers] Serving multiple domains

Jesus Rodriguez jesusr at voztele.com
Wed Feb 11 17:10:01 CET 2004

On Wed, 11 Feb 2004, Alan Litster wrote:


> We have a few local domains that we will be using SER act as a proxy and to
> protect our gateway. In the near future we will also be providing PSTN
> breakout for other SIP domains that are not on our proxy.
> What is the best way to allow traffic from certain know SIP domains out
> through our gateways?
> I've thought about having users authenticate to our proxy, but this could
> get very complex and messy serving multiple local & remote domains. Other
> option is just to allow traffic through from the trusted domains I guess.

You can use radius authentication. This way, you can authenticate your local
users/domains and proxy the auth radius requests to a remote radius
owned/managed by your customer for external users.

> One last question, is any one familiar with the Cisco AS5300?
> How do you go about locking it down so that only authorised users can pass
> calls out onto the PSTN?

Set an access-list in your gateway that only accepts traffic to port 5060 from
your ser proxy.

> We have a number of Vega 100's that have the option of only allow proxy
> invited calls. Is there something similar on the AS5300 or would that have
> to do authentication aswell, AAA ?

Cisco AS5xxx can only do Microsoft Passport Authentication  for SIP :(


Jesus Rodriguez
VozTelecom Sistemas, S.L.
jesusr at voztele.com
Tel. 902360305

More information about the sr-users mailing list