[SR-Users] Configuring Kamailio as an authenticating SIP Proxy?
Mark D. Montgomery II
techiem2 at techiem2.net
Tue Dec 10 11:39:55 CET 2013
Here's the issue:
I have a FreePBX server running at a location that
1. Is not directly accessible from all the outside locations I would be at
2. I don't want the SIP ports directly open to it from the whole
world anyway for security reasons.
I have a VPS that I am currently using as a pure SIP redirector via
firewall rules, and the main location allows connection from the VPS
only.
The issue I've run into (which is the same issue as having the main
server open to the world), is that I still get a fair number of
exploit hits to the server.
What I'd like to do is use Kamailio as an authenticating proxy so I
could use fail2ban on the VPS to ban the offenders when they try to
exploit the server.
Basically I want Kamailio to handle passing authentication back and
forth from the client to the actual server and then handle proxying
the full connection when the auth is correct.
Is this doable?
If so, how would I go about setting it up?
It looks like Kamailio should be able to do just about anything, but I
don't know where to start.
Thanks.
Mark II
--
Mark D. Montgomery II
http://www.techiem2.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-keys
Size: 3323 bytes
Desc: PGP Public Key
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20131210/6e2f98c1/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: PGP Digital Signature
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20131210/6e2f98c1/attachment.pgp>
More information about the sr-users
mailing list