Here's the issue: I have a FreePBX server running at a location that 1. Is not directly accessible from all the outside locations I would be at2. I don't want the SIP ports directly open to it from the whole world anyway for security reasons.
I have a VPS that I am currently using as a pure SIP redirector via firewall rules, and the main location allows connection from the VPS only.
The issue I've run into (which is the same issue as having the main server open to the world), is that I still get a fair number of exploit hits to the server.
What I'd like to do is use Kamailio as an authenticating proxy so I could use fail2ban on the VPS to ban the offenders when they try to exploit the server. Basically I want Kamailio to handle passing authentication back and forth from the client to the actual server and then handle proxying the full connection when the auth is correct.
Is this doable? If so, how would I go about setting it up?It looks like Kamailio should be able to do just about anything, but I don't know where to start.
Thanks. Mark II -- Mark D. Montgomery II http://www.techiem2.net
biniUjaFZDVzD.bin
Description: PGP Public Key
pgp8T2SuWjv8b.pgp
Description: PGP Digital Signature
_______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
