Sure, you can have opensips stuff the original IP of the client into a custom header and then have asterisk check that header using a custom built dialplan..
There may be a more sophisticated way to do it. Especially if you don't consume credentials, but that seems kind of sloppy to me. BTW, if you create a custom header, be sure to delete the header, before you add it.. Just in case someone is trying to spoof that internal header on invite.. -Brett On Tue, May 4, 2010 at 4:19 PM, info <[email protected]> wrote: > Hi, > > I think this means you cannot use IP authentication on asterisk for several > clients because asterisk sees Opensips as a single client. > > I have a similar problem. I have clients registering with Opensips. I have > installed the load balancing module on Opensips > and sending traffic on to asterisk. The asterisk is configured for IP > authentication > > > The problem is Asterisk sees the IP address off Opensips and not the end > client > > ********** > Using INVITE request as basis request - > 2b48506c1e10454d345aa7103921d...@asterisk_ip_address > No matching peer for '04480991222' from 'opensips_ip_address:5060' > ********** > > I guess what i am trying to say is that is there a way to authenticate with > the real ip off the client > > > Thanks > > > > > -----Original Message----- > From: [email protected] [mailto: > [email protected]] On Behalf Of David J. > Sent: 04 May 2010 18:00 > To: OpenSIPS users mailling list > Subject: Re: [OpenSIPS-Users] opensips and asterisk > > Sorry, The way I recommend doing this was assuming the user on the > Asterisk box needed to be publicly reachable from anywhere. > > I think that approach makes sense when using DID's and inbound routing > that does need authentication. > > > > On 5/4/10 12:55 PM, Olle E. Johansson wrote: > > 4 maj 2010 kl. 18.30 skrev Brett Nemeroff: > > > > > >> Carmelo, > >> If you have an SIP peer that matches the host and port of the opensips > server.. ie: > >> [opensips] > >> type=friend > >> host=<ip of opensips. > >> port=<port of opensips> (can be omitted if port 5060) > >> > >> Then it'll match that.. typically if it's coming from opensips you'll > want to add: > >> insecure=invite > >> > >> so that opensips won't be challenged to authenticate. Also be sure there > is no secret set. > >> > >> I personally wouldn't do this using the default context as the other > posters had recommended as that will allow *anyone* to send traffic to your > asterisk server. Which I don't believe is what you really want to do. > Instead, create a peer that is limited by IP and PORT allowed to send > invites without a secret. > >> > >> Also be sure that the context for that peer is set to the right context > and that if from the asterisk CLI you type: > >> dialplan show<RURI username>@<opensips context> > >> that it matches something you'd expect. > >> > >> On another note, are you performing a consume credentials? I think it > *might* be possible that opensips is forwarding your UAC's credentials on to > Asterisk if you are not.. > >> > >> > > If you want to ONLY match on IP/port, you need to use "type=peer". > > > > regards, > > /O > > > > > >> -Brett > >> > >> > >> On Tue, May 4, 2010 at 8:02 AM, wüber<[email protected]> wrote: > >> > >> Hi Bogdan, > >> > >> connecting Opensips with Asterisk I can see that if a client registered > on > >> Opensips server tries to make a call to a client in Asterisk domain, > after > >> the INVITE, it receives a "forbidden" message from asterisk. I have set > the > >> forwarding functionality in Opensips (rewriteuri function) and I'm > pretty > >> sure it's something related to asterisk. > >> > >> Perhaps this is not the right section, but anyway could you help me? Do > you > >> know what I should set in the sip.conf of Asterisk config file? > >> > >> Thanks a lot, > >> Carmelo > >> -- > >> View this message in context: > http://opensips-open-sip-server.1449251.n2.nabble.com/opensips-and-asterisk-tp4962200p5003181.html > >> Sent from the OpenSIPS - Users mailing list archive at Nabble.com. > >> > >> _______________________________________________ > >> Users mailing list > >> [email protected] > >> http://lists.opensips.org/cgi-bin/mailman/listinfo/users > >> > >> _______________________________________________ > >> Users mailing list > >> [email protected] > >> http://lists.opensips.org/cgi-bin/mailman/listinfo/users > >> > > --- > > * Olle E Johansson - [email protected] > > * Cell phone +46 70 593 68 51, Office +46 8 96 40 20, Sweden > > > > > > > > > > _______________________________________________ > > Users mailing list > > [email protected] > > http://lists.opensips.org/cgi-bin/mailman/listinfo/users > > > > > > > _______________________________________________ > Users mailing list > [email protected] > http://lists.opensips.org/cgi-bin/mailman/listinfo/users > > _______________________________________________ > Users mailing list > [email protected] > http://lists.opensips.org/cgi-bin/mailman/listinfo/users >
_______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
