[SR-Users] No need for Authentication... Why?
Daniel-Constantin Mierla
miconda at gmail.com
Wed Oct 15 12:27:37 CEST 2014
On 14/10/14 21:11, Manuel Camarg wrote:
> > If you want to block that, you can change the config so only users with
> >local domains are allowed to use the service.
> Thanks Daniel,
> Where shall I look in the docs to find info about this?
It is a matter of config file, mainly the route[AUTH] -- remove the if
condition about what has to be authenticated and authenticate all the
requests.
Cheers,
Daniel
>
>
> 2014-10-12 16:26 GMT+02:00 Manuel Camarg <sir.louen at gmail.com
> <mailto:sir.louen at gmail.com>>:
>
> Following this asipto guide:
>
> http://kb.asipto.com/asterisk:realtime:kamailio-4.0.x-asterisk-11.3.0-astdb
>
> I've found that no auth is required to create a communication:
> Invites are sent regardless of a previously done auth with the
> kam's auth_db
>
> I've used this sip checker:
> http://www.sinologic.net/proyectos/asterisk/checkSecurity/
>
> Result:
>
> Uh oh! you allow external calls...
> Configure better your sip configuration to avoid this calls
>
> SIP/2.0 100 trying -- your call is important to us
>
> What is missing in the config file explained in the guide?
>
> Manuel
>
>
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20141015/164239ac/attachment.html>
More information about the sr-users
mailing list