[asterisk-users] Remote IP Phone's
Hi all, I am wondering what people are doing for security when registering IP phone's remotely if you do not have the equipment to do a VPN tunnel at the remote site. The phone I would be working with mainly is the Polycom lineup. Thanks, Connor Spiess ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Remote IP Phone's
You can restrict on IP address, MAC address and port type and that's just what I know. If someone want's through bad enough you're going to have a problem, but you can at least slow down or stop casual hackers. _ From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Connor Spiess Sent: Monday, November 02, 2009 9:38 AM To: asterisk-users@lists.digium.com Subject: [asterisk-users] Remote IP Phone's Hi all, I am wondering what people are doing for security when registering IP phone's remotely if you do not have the equipment to do a VPN tunnel at the remote site. The phone I would be working with mainly is the Polycom lineup. Thanks, Connor Spiess ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Remote IP Phone's
Hello Connor, You might be able to start with this link: http://www.voip-info.org/wiki/view/Asterisk+sip+md5secret You can also go even further if you know the IP address of where the phones are coming from by using the permit/deny options: http://www.voip-info.org/wiki/index.php?page=Asterisk+sip+permit-deny-mask Hope that helps. Dean Hoover Connor Spiess wrote: Hi all, I am wondering what people are doing for security when registering IP phone’s remotely if you do not have the equipment to do a VPN tunnel at the remote site. The phone I would be working with mainly is the Polycom lineup. Thanks, Connor Spiess ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Remote IP Phone's
Un-top-posting... [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Connor Spiess I am wondering what people are doing for security when registering IP phone's remotely if you do not have the equipment to do a VPN tunnel at the remote site. The phone I would be working with mainly is the Polycom lineup. On Mon, 2 Nov 2009, Danny Nicholas wrote: You can restrict on IP address, MAC address and port type and that's just what I know. If someone want's through bad enough you're going to have a problem, but you can at least slow down or stop casual hackers. Aren't MAC addresses only available to devices on the local network? Don't you mean port number instead of port type? -- Thanks in advance, - Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000 ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Remote IP Phone's
Actually, both. You can (AFAIK) specify 5060, 1 etc and UDP/TCP, etc. Of course, I have been wrong at least once before :) -Original Message- From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Steve Edwards Sent: Monday, November 02, 2009 11:22 AM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] Remote IP Phone's Un-top-posting... [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Connor Spiess I am wondering what people are doing for security when registering IP phone's remotely if you do not have the equipment to do a VPN tunnel at the remote site. The phone I would be working with mainly is the Polycom lineup. On Mon, 2 Nov 2009, Danny Nicholas wrote: You can restrict on IP address, MAC address and port type and that's just what I know. If someone want's through bad enough you're going to have a problem, but you can at least slow down or stop casual hackers. Aren't MAC addresses only available to devices on the local network? Don't you mean port number instead of port type? -- Thanks in advance, - Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000 ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Remote IP Phone's
Un-top-posting... On Mon, 2 Nov 2009, Danny Nicholas wrote: You can restrict on IP address, MAC address and port type and that's just what I know. If someone want's through bad enough you're going to have a problem, but you can at least slow down or stop casual hackers. Aren't MAC addresses only available to devices on the local network? Don't you mean port number instead of port type? On Mon, 2 Nov 2009, Danny Nicholas wrote: Actually, both. You can (AFAIK) specify 5060, 1 etc and UDP/TCP, etc. Of course, I have been wrong at least once before :) I thought SIP on Asterisk was still limited to UDP. I must have missed the memo... -- Thanks in advance, - Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000 ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Remote IP Phone's
On Monday 02 November 2009 11:46:49 am Steve Edwards wrote: Un-top-posting... On Mon, 2 Nov 2009, Danny Nicholas wrote: You can restrict on IP address, MAC address and port type and that's just what I know. If someone want's through bad enough you're going to have a problem, but you can at least slow down or stop casual hackers. Aren't MAC addresses only available to devices on the local network? Don't you mean port number instead of port type? On Mon, 2 Nov 2009, Danny Nicholas wrote: Actually, both. You can (AFAIK) specify 5060, 1 etc and UDP/TCP, etc. Of course, I have been wrong at least once before :) I thought SIP on Asterisk was still limited to UDP. I must have missed the memo... No, you probably missed that some people are using 1.6, in which TCP and TLS are now available for SIP. If you aren't using 1.6, then TCP and TLS are not available options for SIP. -- Tilghman ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
