[Serusers] Security methods for PSTN termination of SIP calls

Jan Janak jan at iptel.org
Fri Feb 18 20:12:36 CET 2005


On 18-02 09:51, Alan Litster wrote:
> Marian,
> 
> When you say to use authentication between server are you suggesting that
> the proxy that the users are hanging off authenticates all INVITE requests
> before forwarding them onto the proxy that controls access to the gateway?
> Or are you referring to some form of proxy to proxy authentication
> mechanism? If so what is it, as I've never come across one before and would
> be very interested in knowing more about it.
> I think using IPSEC/TLS is a little heavy duty for our needs. We require
> some means of verifying the identity of the remote SIP proxy that does not
> go by source IP address.

  The problem here is that SER cannot respond to digest challenge.
  Therefore you cannot use digest authentication between the proxies.

  If your PSTN gateway supports digest authentication, then you could
  possibly configure it with the credentials of the remote SIP proxy and
  the proxy which is "close" to the gateway would just forward the
  digest challenge to the pstn (401/407).

    Jan.




More information about the sr-users mailing list