SIP ALG, allowguest=no

Home » Asterisk Users » SIP ALG, allowguest=no
Asterisk Users No Comments


I just read this article about an Asterisk server that got hacked to
make free international calls through an ITSP:

I have a couple of questions:

1. Am I correct in understanding that SIP ALG on a router makes it
easier to host an Asterisk server on a private LAN behind a NAT router
(no need to map ports for RTP + outgoing packets can be sent directly
to the remote SIP client instead of going through the Asterisk server
to rewrite the RTP port numbers)?

2. If “allowguest=no” is commented out, it means that any SIP client
on the Net can connect to the Asterisk server and make outgoing calls
like legitimate SIP clients?

Thank you.