[SR-Users] No need for Authentication... Why?

Daniel-Constantin Mierla miconda at gmail.com
Wed Oct 15 12:27:37 CEST 2014


On 14/10/14 21:11, Manuel Camarg wrote:
> > If you want to block that, you can change the config so only users with 
> >local domains are allowed to use the service.
> Thanks Daniel,
> Where shall I look in the docs to find info about this?

It is a matter of config file, mainly the route[AUTH] -- remove the if
condition about what has to be authenticated and authenticate all the
requests.

Cheers,
Daniel

>
>
> 2014-10-12 16:26 GMT+02:00 Manuel Camarg <sir.louen at gmail.com
> <mailto:sir.louen at gmail.com>>:
>
>     Following this asipto guide:
>
>     http://kb.asipto.com/asterisk:realtime:kamailio-4.0.x-asterisk-11.3.0-astdb
>
>     I've found that no auth is required to create a communication:
>     Invites are sent regardless of a previously done auth with the
>     kam's auth_db
>
>     I've used this sip checker:
>     http://www.sinologic.net/proyectos/asterisk/checkSecurity/
>
>     Result: 
>
>     Uh oh! you allow external calls...
>     Configure better your sip configuration to avoid this calls
>
>     SIP/2.0 100 trying -- your call is important to us
>
>     What is missing in the config file explained in the guide?
>
>     Manuel
>
>
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20141015/164239ac/attachment.html>


More information about the sr-users mailing list