[asterisk-users] Asterisk 11 under VMware?
Hi! Anyone that have tried using Asterisk 11 with SIP + Confbridge as a VMware virtual machine? Any issues to be aware of? Of course the hardware node needs to to be powerful enough - but say you have just one virtual machine on the node - will the performance be drastically less than running asterisk on the metal? Or can I expect roughly the same performance? Thanks! -- Johan Wilfer -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] PAGI
2014-04-03 18:58, Gopalakrishnan N skrev: Hi, Anybody using PAGI scripts, http://marcelog.github.io/articles/pagi_tutorial_create_voip_telephony_application_for_asterisk_with_agi_and_php.html Would like to know the feasibility to build a IVR solutions. Regards I use PAMI, and it works great. PAGI seems to be a sister-project for AGI. https://github.com/marcelog/PAMI https://github.com/marcelog/PAGI -- Johan Wilfer -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Asterisk 1.6
Hello All, my asterisk server is constantly under attack [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132 194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132 194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132 194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132 194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132 194.100.46.132:56714' - Wrong password is there a way to reject their registration after a three consecutive tries? Thanks, Call Send SMS Add to Skype You'll need Skype CreditFree via Skype -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 1.6
I don't know what platform you are on, but if you are on Linux (and possibly BSD) you could use fail2ban to block them at the network interface. On 04/04/2014 09:00 AM, motty cruz wrote: Hello All, my asterisk server is constantly under attack [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132194.100.46.132:56714' - Wrong password is there a way to reject their registration after a three consecutive tries? Thanks, Call Send SMS Add to Skype You'll need Skype CreditFree via Skype -- Daniel Taylor VP OperationsVocal Laboratories, Inc. dtay...@vocalabs.com http://www.vocalabs.com/(612)235-5711 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 1.6
On 4 April 2014 15:00, motty cruz motty.c...@gmail.com wrote: Hello All, my asterisk server is constantly under attack Unfortunately you are not alone. [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132 194.100.46.132:56714' - Wrong password sip:4941@public_ip' failed for '194.100.46.132194.100.46.132:56714' - Wrong password is there a way to reject their registration after a three consecutive tries? Check out fail2ban. Works well. Hope this helps. -Barry Flanagan Thanks, Call Send SMS Add to Skype You'll need Skype CreditFree via Skype -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 1.6
On Fri, Apr 4, 2014 at 10:05 AM, Daniel Taylor dtay...@vocalabs.com wrote: I don't know what platform you are on, but if you are on Linux (and possibly BSD) you could use fail2ban to block them at the network interface. I second fail2ban. If you need some ideas to configure it, you can steal them from the freepbx setup. How many sip phones do you have outside your network? If few and in well-known IPs, consider limiting access to only those (and the sip provider you are using). On 04/04/2014 09:00 AM, motty cruz wrote: Hello All, my asterisk server is constantly under attack [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132 194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132 194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132 194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132 194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132 194.100.46.132:56714' - Wrong password is there a way to reject their registration after a three consecutive tries? Thanks, Call Send SMS Add to Skype You'll need Skype CreditFree via Skype -- Daniel Taylor VP OperationsVocal Laboratories, inc.dtay...@vocalabs.com http://www.vocalabs.com/(612)235-5711 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 1.6
thank you all for your support. I am using Linux, I only have about 7 users outside our home network. I will learn fail2ban and will use it accordingly. again Thanks for your support. On Fri, Apr 4, 2014 at 7:09 AM, Mauricio Tavares raubvo...@gmail.comwrote: On Fri, Apr 4, 2014 at 10:05 AM, Daniel Taylor dtay...@vocalabs.comwrote: I don't know what platform you are on, but if you are on Linux (and possibly BSD) you could use fail2ban to block them at the network interface. I second fail2ban. If you need some ideas to configure it, you can steal them from the freepbx setup. How many sip phones do you have outside your network? If few and in well-known IPs, consider limiting access to only those (and the sip provider you are using). On 04/04/2014 09:00 AM, motty cruz wrote: Hello All, my asterisk server is constantly under attack [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132194.100.46.132:56714' - Wrong password is there a way to reject their registration after a three consecutive tries? Thanks, Call Send SMS Add to Skype You'll need Skype CreditFree via Skype -- Daniel Taylor VP OperationsVocal Laboratories, inc.dtay...@vocalabs.com http://www.vocalabs.com/(612)235-5711 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 1.6
Take a look a SecAst from www.generationd.comhttp://www.generationd.com/ It does everything fail2ban does and more, including blocking users by geography (we exclude all of Asia and Africa), detection of break-in patterns (even if someone guessed your un/pw), detect changes in dial rates, etc. Grab the free version - its a BIG step up from fail2ban. -=Michelle=-? All opions posted are my person ones. And personnally I like generationd products because I work for them :) From: asterisk-users-boun...@lists.digium.com asterisk-users-boun...@lists.digium.com on behalf of motty cruz motty.c...@gmail.com Sent: Friday, April 4, 2014 10:00 AM To: Asterisk Users List Subject: [asterisk-users] Asterisk 1.6 Hello All, my asterisk server is constantly under attack [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132[X]194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132[X]194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132[X]194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132[X]194.100.46.132:56714' - Wrong password [Apr 4 06:56:00] NOTICE[21745]: chan_sip.c:25673 handle_request_register: Registration from '4941 sip:4941@public_ip' failed for '194.100.46.132[X]194.100.46.132:56714' - Wrong password is there a way to reject their registration after a three consecutive tries? Thanks, Call Send SMS Add to Skype You'll need Skype CreditFree via Skype -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 1.6
On Friday 04 Apr 2014, Michelle Dupuis wrote: Take a look a SecAst from www.generationd.comhttp://www.generationd.com/ It does everything fail2ban does and more, including blocking users by geography (we exclude all of Asia and Africa), detection of break-in patterns (even if someone guessed your un/pw), detect changes in dial rates, etc. Grab the free version - its a BIG step up from fail2ban. That link points towards a precompiled binary, which could have literally *anything* lurking in it. I politely advise you to back away slowly, and break into a run when you think you are out of sight. Precompiled binaries without Source Code should be treated like a bottle of glowing green liquid labelled drink me, or an offer to come and look at some puppies. No reputable software supplier would object to showing you what is on the inside. -- AJS Note: Originating address only accepts e-mail from list! If replying off- list, change address to asterisk1list at earthshod dot co dot uk . -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 1.6
What you are saying is only open source software is safe? You have just excluded most software in use in the business world. We have installed Norton antivirus on all of our workstation; I don't think Symantec will ever release the source code (since that would also show attackers how to get around it). Using the same logic releasing SecAst source would also seem foolish (and make it impossible for any commercial enterprise to sell software). I understand your point of view, and if your preference is to only use open source software that's great. However, that doesn't mean precompiled software is inherently dangerous or malevolent. -=Michelle=- From: asterisk-users-boun...@lists.digium.com asterisk-users-boun...@lists.digium.com on behalf of A J Stiles asterisk_l...@earthshod.co.uk Sent: Friday, April 4, 2014 10:38 AM To: Asterisk Users List Subject: Re: [asterisk-users] Asterisk 1.6 On Friday 04 Apr 2014, Michelle Dupuis wrote: Take a look a SecAst from www.generationd.comhttp://www.generationd.com/ It does everything fail2ban does and more, including blocking users by geography (we exclude all of Asia and Africa), detection of break-in patterns (even if someone guessed your un/pw), detect changes in dial rates, etc. Grab the free version - its a BIG step up from fail2ban. That link points towards a precompiled binary, which could have literally *anything* lurking in it. I politely advise you to back away slowly, and break into a run when you think you are out of sight. Precompiled binaries without Source Code should be treated like a bottle of glowing green liquid labelled drink me, or an offer to come and look at some puppies. No reputable software supplier would object to showing you what is on the inside. -- AJS Note: Originating address only accepts e-mail from list! If replying off- list, change address to asterisk1list at earthshod dot co dot uk . -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 1.6
absolutely right A J, thanks for the heads up. I do not intent to implement that solution in production server, I hope to learn it first, build a test server and monitor for a few days or weeks. Thanks again, On Fri, Apr 4, 2014 at 7:38 AM, A J Stiles asterisk_l...@earthshod.co.ukwrote: On Friday 04 Apr 2014, Michelle Dupuis wrote: Take a look a SecAst from www.generationd.com http://www.generationd.com/ It does everything fail2ban does and more, including blocking users by geography (we exclude all of Asia and Africa), detection of break-in patterns (even if someone guessed your un/pw), detect changes in dial rates, etc. Grab the free version - its a BIG step up from fail2ban. That link points towards a precompiled binary, which could have literally *anything* lurking in it. I politely advise you to back away slowly, and break into a run when you think you are out of sight. Precompiled binaries without Source Code should be treated like a bottle of glowing green liquid labelled drink me, or an offer to come and look at some puppies. No reputable software supplier would object to showing you what is on the inside. -- AJS Note: Originating address only accepts e-mail from list! If replying off- list, change address to asterisk1list at earthshod dot co dot uk . -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 1.6
On 4 April 2014 15:22, motty cruz motty.c...@gmail.com wrote: thank you all for your support. I am using Linux, I only have about 7 users outside our home network. I will learn fail2ban and will use it accordingly. again Thanks for your support. Do the 7 users outside of your home network always connect from the same IP addresses? If so, you can just lock down your SIP port to those 7 IPs explicitly in your IPTables configuration. Another option would be to change which port you're running SIP on. -- Ishfaq Malik Department: VOIP Support Company: Packnet Limited t: +44 (0)845 004 4994 f: +44 (0)161 660 9825 e: i...@pack-net.co.uk w: http://www.pack-net.co.uk Registered Address: PACKNET LIMITED, Duplex 2, Ducie House 37 Ducie Street Manchester, M1 2JW COMPANY REG NO. 04920552 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] IAX2 Trunk Encryption
Ok, I think I am 90%+ there. Note: the configuration or status is the same on both sides unless otherwise noted. I am using RSA keys for authentication and the calls are coming through as authenticated so I'm sure that part works. The peer shows the (E) next to the status in Asterisk Info for the IAX2 peers The trunk configuration contains: encryption=yes So here is my question, Calls stop flowing when I use the directive: forceencryption=yes At the trunk level or higher does not matter, same effect. So my question comes down to, are my calls getting encrypted and why does this directive cause them to fail, AND how can I tell. Thanks. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 1.6
Hello Ishfaq, outside users usually travel around the country and connect from different network, so it won't be possible to lock it down to specific IP. Thanks for your support. On Fri, Apr 4, 2014 at 8:03 AM, Ishfaq Malik i...@pack-net.co.uk wrote: On 4 April 2014 15:22, motty cruz motty.c...@gmail.com wrote: thank you all for your support. I am using Linux, I only have about 7 users outside our home network. I will learn fail2ban and will use it accordingly. again Thanks for your support. Do the 7 users outside of your home network always connect from the same IP addresses? If so, you can just lock down your SIP port to those 7 IPs explicitly in your IPTables configuration. Another option would be to change which port you're running SIP on. -- Ishfaq Malik Department: VOIP Support Company: Packnet Limited t: +44 (0)845 004 4994 f: +44 (0)161 660 9825 e: i...@pack-net.co.uk w: http://www.pack-net.co.uk Registered Address: PACKNET LIMITED, Duplex 2, Ducie House 37 Ducie Street Manchester, M1 2JW COMPANY REG NO. 04920552 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 1.6
Well in that case fail2ban gets my vote. On 4 April 2014 16:15, motty cruz motty.c...@gmail.com wrote: Hello Ishfaq, outside users usually travel around the country and connect from different network, so it won't be possible to lock it down to specific IP. Thanks for your support. On Fri, Apr 4, 2014 at 8:03 AM, Ishfaq Malik i...@pack-net.co.uk wrote: On 4 April 2014 15:22, motty cruz motty.c...@gmail.com wrote: thank you all for your support. I am using Linux, I only have about 7 users outside our home network. I will learn fail2ban and will use it accordingly. again Thanks for your support. Do the 7 users outside of your home network always connect from the same IP addresses? If so, you can just lock down your SIP port to those 7 IPs explicitly in your IPTables configuration. Another option would be to change which port you're running SIP on. -- Ishfaq Malik Department: VOIP Support Company: Packnet Limited t: +44 (0)845 004 4994 f: +44 (0)161 660 9825 e: i...@pack-net.co.uk w: http://www.pack-net.co.uk Registered Address: PACKNET LIMITED, Duplex 2, Ducie House 37 Ducie Street Manchester, M1 2JW COMPANY REG NO. 04920552 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- Ishfaq Malik Department: VOIP Support Company: Packnet Limited t: +44 (0)845 004 4994 f: +44 (0)161 660 9825 e: i...@pack-net.co.uk w: http://www.pack-net.co.uk Registered Address: PACKNET LIMITED, Duplex 2, Ducie House 37 Ducie Street Manchester, M1 2JW COMPANY REG NO. 04920552 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 1.6
If you know your users are all from with your country, or state, or even city, you could restrict geographic access in your secast.conf file like this: ruledefault=deny ruleexceptions=NA:CA:Ontario:|NA:US:Michigan:Detroit|::Ohio:|NA The above would: - By default deny all source IP's anywhere in the world - Let in only source IP's from: 1. North America (continent), Canada (country), Ontario (region) 2. North America (continent), USA (country), Michigan (region), Detroit (city) 3. Any region called 'Ohio' anywhere in the world (not sure why you would do that but fun example) 4. Anywhere in North America So you can open up your system based solely on where you know your real users are located. -=Michelle=- From: asterisk-users-boun...@lists.digium.com asterisk-users-boun...@lists.digium.com on behalf of motty cruz motty.c...@gmail.com Sent: Friday, April 4, 2014 11:15 AM To: Asterisk Users List Subject: Re: [asterisk-users] Asterisk 1.6 Hello Ishfaq, outside users usually travel around the country and connect from different network, so it won't be possible to lock it down to specific IP. Thanks for your support. On Fri, Apr 4, 2014 at 8:03 AM, Ishfaq Malik i...@pack-net.co.ukmailto:i...@pack-net.co.uk wrote: On 4 April 2014 15:22, motty cruz motty.c...@gmail.commailto:motty.c...@gmail.com wrote: thank you all for your support. I am using Linux, I only have about 7 users outside our home network. I will learn fail2ban and will use it accordingly. again Thanks for your support. Do the 7 users outside of your home network always connect from the same IP addresses? If so, you can just lock down your SIP port to those 7 IPs explicitly in your IPTables configuration. Another option would be to change which port you're running SIP on. -- Ishfaq Malik Department: VOIP Support Company: Packnet Limited t: +44 (0)845 004 4994tel:%2B44%20%280%29845%20004%204994 f: +44 (0)161 660 9825tel:%2B44%20%280%29161%20660%209825 e: i...@pack-net.co.ukmailto:i...@pack-net.co.uk w: http://www.pack-net.co.ukhttp://www.pack-net.co.uk/ Registered Address: PACKNET LIMITED, Duplex 2, Ducie House 37 Ducie Street Manchester, M1 2JW COMPANY REG NO. 04920552 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.comhttp://www.api-digital.com/ -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 1.6
Use allowguest=no And define ACLs for every SIP account. And obviously, fail2ban for blocking suspicious IPs. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 1.6
that sounds feasible, Thanks Michelle, On Fri, Apr 4, 2014 at 8:25 AM, Michelle Dupuis mdup...@ocg.ca wrote: If you know your users are all from with your country, or state, or even city, you could restrict geographic access in your secast.conf file like this: ruledefault=deny ruleexceptions=NA:CA:Ontario:|NA:US:Michigan:Detroit|::Ohio:|NA The above would: - By default deny all source IP's anywhere in the world - Let in only source IP's from: 1. North America (continent), Canada (country), Ontario (region) 2. North America (continent), USA (country), Michigan (region), Detroit (city) 3. Any region called 'Ohio' anywhere in the world (not sure why you would do that but fun example) 4. Anywhere in North America So you can open up your system based solely on where you know your real users are located. -=Michelle=- -- *From:* asterisk-users-boun...@lists.digium.com asterisk-users-boun...@lists.digium.com on behalf of motty cruz motty.c...@gmail.com *Sent:* Friday, April 4, 2014 11:15 AM *To:* Asterisk Users List *Subject:* Re: [asterisk-users] Asterisk 1.6 Hello Ishfaq, outside users usually travel around the country and connect from different network, so it won't be possible to lock it down to specific IP. Thanks for your support. On Fri, Apr 4, 2014 at 8:03 AM, Ishfaq Malik i...@pack-net.co.uk wrote: On 4 April 2014 15:22, motty cruz motty.c...@gmail.com wrote: thank you all for your support. I am using Linux, I only have about 7 users outside our home network. I will learn fail2ban and will use it accordingly. again Thanks for your support. Do the 7 users outside of your home network always connect from the same IP addresses? If so, you can just lock down your SIP port to those 7 IPs explicitly in your IPTables configuration. Another option would be to change which port you're running SIP on. -- Ishfaq Malik Department: VOIP Support Company: Packnet Limited t: +44 (0)845 004 4994 f: +44 (0)161 660 9825 e: i...@pack-net.co.uk w: http://www.pack-net.co.uk Registered Address: PACKNET LIMITED, Duplex 2, Ducie House 37 Ducie Street Manchester, M1 2JW COMPANY REG NO. 04920552 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 1.6
Shouldn't the secast discussion be on the commercial list? Note that their free version works for five simultaneous calls-then the price goes 'way up. --Don (Top posting 'cause that's what's already being done.) From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of motty cruz Sent: Friday, April 04, 2014 10:37 AM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] Asterisk 1.6 that sounds feasible, Thanks Michelle, On Fri, Apr 4, 2014 at 8:25 AM, Michelle Dupuis mdup...@ocg.ca wrote: If you know your users are all from with your country, or state, or even city, you could restrict geographic access in your secast.conf file like this: ruledefault=deny ruleexceptions=NA:CA:Ontario:|NA:US:Michigan:Detroit|::Ohio:|NA The above would: - By default deny all source IP's anywhere in the world - Let in only source IP's from: 1. North America (continent), Canada (country), Ontario (region) 2. North America (continent), USA (country), Michigan (region), Detroit (city) 3. Any region called 'Ohio' anywhere in the world (not sure why you would do that but fun example) 4. Anywhere in North America So you can open up your system based solely on where you know your real users are located. -=Michelle=- _ From: asterisk-users-boun...@lists.digium.com asterisk-users-boun...@lists.digium.com on behalf of motty cruz motty.c...@gmail.com Sent: Friday, April 4, 2014 11:15 AM To: Asterisk Users List Subject: Re: [asterisk-users] Asterisk 1.6 Hello Ishfaq, outside users usually travel around the country and connect from different network, so it won't be possible to lock it down to specific IP. Thanks for your support. On Fri, Apr 4, 2014 at 8:03 AM, Ishfaq Malik i...@pack-net.co.uk wrote: On 4 April 2014 15:22, motty cruz motty.c...@gmail.com wrote: thank you all for your support. I am using Linux, I only have about 7 users outside our home network. I will learn fail2ban and will use it accordingly. again Thanks for your support. Do the 7 users outside of your home network always connect from the same IP addresses? If so, you can just lock down your SIP port to those 7 IPs explicitly in your IPTables configuration. Another option would be to change which port you're running SIP on. -- Ishfaq Malik Department: VOIP Support Company: Packnet Limited t: +44 (0)845 004 4994 tel:%2B44%20%280%29845%20004%204994 f: +44 (0)161 660 9825 tel:%2B44%20%280%29161%20660%209825 e: i...@pack-net.co.uk w: http://www.pack-net.co.uk http://www.pack-net.co.uk/ Registered Address: PACKNET LIMITED, Duplex 2, Ducie House 37 Ducie Street Manchester, M1 2JW COMPANY REG NO. 04920552 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com http://www.api-digital.com/ -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 11 under VMware?
I have found Asterisk using only SIP is very responsive on virtual machines. We have used VMs for call center applications and for complex IVR solutions without problems. Obviously there is overhead running a VM so you can never expect a VM to perform as well as bare metal. Running a single VM on a server is a complete waste of resources, might as well run natively. On 4/4/14, 4:38 AM, Johan Wilfer wrote: Hi! Anyone that have tried using Asterisk 11 with SIP + Confbridge as a VMware virtual machine? Any issues to be aware of? Of course the hardware node needs to to be powerful enough - but say you have just one virtual machine on the node - will the performance be drastically less than running asterisk on the metal? Or can I expect roughly the same performance? Thanks! -- Telecomunicaciones Abiertas de México S.A. de C.V. Carlos Chávez +52 (55)9116-91161 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] IAX2 Trunk Encryption
Wireshark. On Fri, Apr 4, 2014 at 11:13 AM, Elliott W dig...@private-address.infowrote: Ok, I think I am 90%+ there. Note: the configuration or status is the same on both sides unless otherwise noted. I am using RSA keys for authentication and the calls are coming through as authenticated so I'm sure that part works. The peer shows the (E) next to the status in Asterisk Info for the IAX2 peers The trunk configuration contains: encryption=yes So here is my question, Calls stop flowing when I use the directive: forceencryption=yes At the trunk level or higher does not matter, same effect. So my question comes down to, are my calls getting encrypted and why does this directive cause them to fail, AND how can I tell. Thanks. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Commercial vs Users list (was Asterisk 1.6)
IMHO: If you're announcing a product, selling a product, etc. it belongs on the commercial list. If you're asking/answering questions about Asterisk and the ecosystem I think you can mention commercial products too. (We don't want to pretend they don't exist, and then steer users to only non-commercial products that might not solve their need) So if someone asks about a GUI for asterisk, I think we can safely talk about Asterisk NOW, SwitchVOX, etc. (even though these are commercial and expensive products). If Digium wanted to announce a new feature for Asterisk NOW, it would belong on the commercial list. Hope I didn't step into a troll trap -=M=- -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 11 under VMware?
2014-04-04 19:30, Carlos Chavez skrev: I have found Asterisk using only SIP is very responsive on virtual machines. We have used VMs for call center applications and for complex IVR solutions without problems. Obviously there is overhead running a VM so you can never expect a VM to perform as well as bare metal. Running a single VM on a server is a complete waste of resources, might as well run natively. Sounds very good. Do you have this experience with WMware in particular or with virtualization in general? I won't run a single WM, it was just an example. My question was more about if I could expect roughly the same performance, or if it is drastically different with virtual machines on VMware. -- Johan Wilfer -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 11 under VMware?
2014-04-04 19:30, Carlos Chavez skrev: I have found Asterisk using only SIP is very responsive on virtual machines. We have used VMs for call center applications and for complex IVR solutions without problems. Obviously there is overhead running a VM so you can never expect a VM to perform as well as bare metal. Running a single VM on a server is a complete waste of resources, might as well run natively. Thanks for the feedback! Do you have this experience with WMware in particular or with virtualization in general? I won't run a single WM, it was just an example. My question was more about if I could expect roughly the same performance, or if it is drastically different with virtual machines on VMware. -- Johan Wilfer -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 11 under VMware?
On Fri, Apr 4, 2014 at 1:30 PM, Carlos Chavez cur...@telecomabmex.com wrote: I have found Asterisk using only SIP is very responsive on virtual machines. We have used VMs for call center applications and for complex IVR solutions without problems. Obviously there is overhead running a VM so you can never expect a VM to perform as well as bare metal. Running a single VM on a server is a complete waste of resources, might as well run natively. Well, regardless of how many VMs you run on bare metal, you do get the benefit of the VM technology. Even if OP runs 1 VM on the box, he could leverage snapshots in VM ware for the purpose or migrating or back ups. I don't think it is a waste per say, just different requirements. -- Paul Belanger | PolyBeacon, Inc. Jabber: paul.belan...@polybeacon.com | IRC: pabelanger (Freenode) Github: https://github.com/pabelanger | Twitter: https://twitter.com/pabelanger -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 11 under VMware?
From: Johan Wilfer li...@jttech.se Sounds very good. Do you have this experience with WMware in particular or with virtualization in general? We run our Asterisk 11 instance in VMWare as well. They share the hardware with multiple other boxes. We do give Asterisk priority over most other virtual machines. We either have SIP providers or use boxes like Digium's G100 series to convert our T1 lines to SIP. Our experience has been good and we have no problems loading Asterisk up on virtual machines on each site.-- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk 11 under VMware?
2014-04-04 21:35, Kevin Larsen skrev: From: Johan Wilfer li...@jttech.se Sounds very good. Do you have this experience with WMware in particular or with virtualization in general? We run our Asterisk 11 instance in VMWare as well. They share the hardware with multiple other boxes. We do give Asterisk priority over most other virtual machines. We either have SIP providers or use boxes like Digium's G100 series to convert our T1 lines to SIP. Our experience has been good and we have no problems loading Asterisk up on virtual machines on each site. Thanks Kevin, that's great. Nice to hear that asterisk is more virtualization friendly with recent versions. -- Johan Wilfer -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Confbridge options
Hi, I'm doing an evaluation of Confbridge (migrating from Meetme). Looking at: https://wiki.asterisk.org/wiki/display/AST/ConfBridge+10 Under the heading User Profile Configuration Options the option announce_only_user is present. The sample config looks like this: -- ;announce_only_user=yes ;Sets if the only user announcement should be played when a channel enters a empty conference. On by default. -- But - disabling it (announce_only_user=no) doesn't take effect. And looking at the source asterisk-11.8.1/apps/app_confbridge.c I can't even find this option. Any clues? Also - setting quiet=yes still plays join/leave sound. My current work-around is: sound_join=silence/1 sound_leave=silence/1 But this seems a bit ineffective... In Meetme the quiet-flag also disabled join/leave sounds. Is this by design or an oversight? -- Johan Wilfer -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Confbridge options
2014-04-04 22:01, Johan Wilfer skrev: Hi, I'm doing an evaluation of Confbridge (migrating from Meetme). Looking at: https://wiki.asterisk.org/wiki/display/AST/ConfBridge+10 Under the heading User Profile Configuration Options the option announce_only_user is present. The sample config looks like this: -- ;announce_only_user=yes ;Sets if the only user announcement should be played when a channel enters a empty conference. On by default. -- But - disabling it (announce_only_user=no) doesn't take effect. And looking at the source asterisk-11.8.1/apps/app_confbridge.c I can't even find this option. Any clues? Looked at the wrong file for config parsing, sorry for the noise. But the option is not respected thought. Also - setting quiet=yes still plays join/leave sound. My current work-around is: sound_join=silence/1 sound_leave=silence/1 But this seems a bit ineffective... In Meetme the quiet-flag also disabled join/leave sounds. Is this by design or an oversight? Reading the source I get the impression that the intended behavior is: 1. Read sound_only_person if not flags quiet or announce_only_user is set. (apps/app_confbridge.c:1099) 2. No join sounds if flag quiet is set. (apps/app_confbridge.c:1714) But this is not what happens with 11.8.1, this is the bridge/user: [conference_bridge] type=bridge [conference_user] type=user admin=no marked=no startmuted=no announce_only_user=no quiet=yes With this I get join sounds played, and only_user is announced as well.. -- Johan Wilfer -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Confbridge options
2014-04-04 23:33, Johan Wilfer skrev: Also - setting quiet=yes still plays join/leave sound. My current work-around is: sound_join=silence/1 sound_leave=silence/1 But this seems a bit ineffective... In Meetme the quiet-flag also disabled join/leave sounds. Is this by design or an oversight? Reading the source I get the impression that the intended behavior is: 1. Read sound_only_person if not flags quiet or announce_only_user is set. (apps/app_confbridge.c:1099) 2. No join sounds if flag quiet is set. (apps/app_confbridge.c:1714) But this is not what happens with 11.8.1, this is the bridge/user: [conference_bridge] type=bridge [conference_user] type=user admin=no marked=no startmuted=no announce_only_user=no quiet=yes With this I get join sounds played, and only_user is announced as well.. I should have gone to sleep I think, my brain doesn't work. I think I get it now however. Short version: With dynamic user profiles, CONFBRIDGE(user,template)=user_profile) must be used. The profile supplied in ConfBridge is ignored and I missed that. The end. Long version: This works: ConfBridge(1,conference_bridge,conference_user); dev02*CLI confbridge list 1 ChannelUser Profile Bridge Profile Menu CallerID Muted == = SIP/jttech_sip2-0004 conference_user conference_bridge No But this does not: Set(CONFBRIDGE(user,startmuted)=no); ConfBridge(1,conference_bridge,conference_user); dev02*CLI confbridge list 1 ChannelUser Profile Bridge Profile Menu CallerID Muted == = SIP/jttech_sip2-0005conference_bridge No I expected Confbridge to use the supplied user_profile as a template and overlay the specific settings I set with CONFBRIDGE(user) on top of that profile. But instead it seems like the default profile is used. This however works (I should have read the docs more carefully): Set(CONFBRIDGE(user,template)=conference_user); Set(CONFBRIDGE(user,startmuted)=no); ConfBridge(1,conference_bridge); dev02*CLI confbridge list 1 ChannelUser Profile Bridge Profile Menu CallerID Muted == = SIP/jttech_sip2-0007 conference_user conference_bridge Yes With dynamic user profiles, CONFBRIDGE(user,template)=user_profile) must be used. The profile supplied in ConfBridge is ignored if one is present. I didn't expect that... -- Johan Wilfer -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] IAX2 Trunk Encryption
That answered my question as to whether it WAS encrypted, I think, and the answer is no, the credentials are but all the rest is not. That just leaves the question of what I need to do to get it encrypted.. Thanks. On Fri, Apr 4, 2014 at 12:59 PM, Steve Totaro stot...@totarotechnologies.com wrote: Wireshark. On Fri, Apr 4, 2014 at 11:13 AM, Elliott W dig...@private-address.infowrote: Ok, I think I am 90%+ there. Note: the configuration or status is the same on both sides unless otherwise noted. I am using RSA keys for authentication and the calls are coming through as authenticated so I'm sure that part works. The peer shows the (E) next to the status in Asterisk Info for the IAX2 peers The trunk configuration contains: encryption=yes So here is my question, Calls stop flowing when I use the directive: forceencryption=yes At the trunk level or higher does not matter, same effect. So my question comes down to, are my calls getting encrypted and why does this directive cause them to fail, AND how can I tell. Thanks. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] IAX2 Trunk Encryption
Have you enabled IAX2 debugging and tried some test calls? Thanks, Steve T On Fri, Apr 4, 2014 at 6:59 PM, Elliott W dig...@private-address.infowrote: That answered my question as to whether it WAS encrypted, I think, and the answer is no, the credentials are but all the rest is not. That just leaves the question of what I need to do to get it encrypted.. Thanks. On Fri, Apr 4, 2014 at 12:59 PM, Steve Totaro stot...@totarotechnologies.com wrote: Wireshark. On Fri, Apr 4, 2014 at 11:13 AM, Elliott W dig...@private-address.infowrote: Ok, I think I am 90%+ there. Note: the configuration or status is the same on both sides unless otherwise noted. I am using RSA keys for authentication and the calls are coming through as authenticated so I'm sure that part works. The peer shows the (E) next to the status in Asterisk Info for the IAX2 peers The trunk configuration contains: encryption=yes So here is my question, Calls stop flowing when I use the directive: forceencryption=yes At the trunk level or higher does not matter, same effect. So my question comes down to, are my calls getting encrypted and why does this directive cause them to fail, AND how can I tell. Thanks. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users