[SR-Users] routing based on TLS auth
miconda at gmail.com
Fri Oct 16 16:31:58 CEST 2015
you can get the attributes of the certificate via config variables, see:
Based on them, you can decide what provider to be used. For example, you
can keep the relation asterisk/certificate and provider (address) in a
database (see sqlops) or hash table (see htable).
On 15/10/15 16:41, Max wrote:
> I've got bunch of sip gateways to use and bunch of asterisk instances connecting to
> my Kamailio over TLS (own CA used).
> I'd like to match source with destination based on TLS authentication:
> * all the calls from asterisk A (TLS cert A) allowed via provider A
> * all the calls from asterisk B (TLS cert B) allowed via provider B
> * all the incoming calls from provider A forwarded to asterisk A (TLS cert A)
> * all the incoming calls from provider B forwarded to asterisk B (TLS cert B)
> * calls not coming from provider X or via TLS dropped.
> Providers are regular VoIP gateways (login:password, connection via SIP).
> I'm pretty sure this is possible with Kamailio but I'd appreciate any examples and
> pointers to modules I should use to implement this. Or detailed explanation of why
> this is a bad idea.
> Also, I'm not sure where it's better to place user database - should it be separate
> on per-asterisk basis? Central in Kamailio? No user db needed at all?
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Book: SIP Routing With Kamailio - http://www.asipto.com
More information about the sr-users