On 8/30/10 4:34 PM, Frank Griffith wrote: > Executing [011972599544...@default:1] This is perhaps one of the worst things you can ever do with Asterisk - putting toll access into the default context. Never put anything you don't want to be accessible to unauthenticated guests there.
Your Asterisk server with that config is an open gateway, and anyone can dial through it if they try to dial SIP/011someth...@your_ip. Solution: move everything out of the default context in extensions.conf or .ael, leaving it empty, and place all the extensions instead in a different context. Assign your devices and/or DID accounts to that context so the extensions are still available to them, f.e. [myDIDprovider] type=user host=ipaddr_or_hostname context=my_context disallow=all allow=whatever_codec(s) qualify=yes [201] ; a sip account type=friend host=dynamic secret=verysecretandlonghash context=my_context disallow=all allow=whatever_codec(s) qualify=yes These are rough examples, but should be enough for the start. Yeah, and make sure you have alwaysauthreject=yes in sip.conf Hope this helps, Vahan -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- Asterisk-BSD mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-bsd
