[SR-Users] Authentication and outbound proxy
Isaac McDonald
imcdona at suscall.com
Tue Sep 17 22:45:17 CEST 2013
It sounds like I should take a different approach. I'd like to avoid any
comparability issues. I'm thinking I could filter the traffic in
Kamailio based on destination SIP proxy. This would at least lock down
Kamailio to only proxy "whitelisted" destinations.
Are there any best practices for a setup like this?
On 9/17/2013 12:59 PM, Olle E. Johansson wrote:
>
> 17 sep 2013 kl. 21:37 skrev Isaac McDonald <imcdona at suscall.com>:
>
>> Hello,
>>
>> Is there any way to authenticate requests when using Kamailio as an outbound proxy?
>>
>> For example, if all the phones are configured to use Kamailio as an outbound proxy for NAT traversal, the credentials on the phone authenticate against the destination SIP proxy and not the outbound SIP proxy (Kamailio). Is there a way to have the credentials on the phone authenticate to BOTH the outbound proxy and the destination SIP proxy?
>
> In theory a SIP request can have multiple proxy authentications and one www authentication. In practise very few phones support it.
>
> This means that you will have to have the same realm and same credentials (username/password) on both servers.
>
> /O
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
--
Isaac McDonald
SusCall, LLC
E-Mail: imcdona at suscall.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3748 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20130917/f4d03ca1/attachment.bin>
More information about the sr-users
mailing list