[OpenSER-Users] Forward REGISTER to Asterisk

[Jeremy McNamara]

Bogdan-Andrei Iancu wrote:
> Hi Halomoan,
>
> If openser receives the REGISTER and fwd it to Asterisk, then do not 
> try to do authentication on Asterisk...do it only on openser


That is correct....proxy authentication is a challenge and response 
operation.   If you defined a secret in a type=peer based context, 
asterisk would challenge the request (forwarded from OpenSER), which 
would not succeed.    I believe you can limit access using permit/deny 
to only accept call setups from your own proxies.

On the other hand, my own OpenSER+Asterisk based systems all run with a 
very very dumb Asterisk configuration - very very minimal 
configuration.  Attempting to keep all of the SIP type=peer's straight 
and a complex dialplan, especially in terms of scale, is still a big 
issue for Asterisk.  Thus I have almost gone out of my way to ensure I 
don't ever require very complex (or even regularly changing) Asterisk 
configurations.

Remember Asterisk is not a SIP Proxy and only generally complies with 
what is called a B2B-UA.    Asterisk very much does its own thing. So, 
let asterisk do what its good at.... media and application logic and 
then build the rest of the system accordingly.




Jeremy McNamara