Allowing Calls – Maybe I’m Just Stupid…

Home » Asterisk Users » Allowing Calls – Maybe I’m Just Stupid…
Asterisk Users 6 Comments

Hi again!

About my previous E-Mail…

I though about it and I think, that maybe I’m just very stupid… Since I called an INTERNAL number, Asterisk tried to call it.

I tried right now to call an EXTERNAL number (using my context
[myproxy]) and the behavior is NOT the same… Not 100% correct, but it tries the right way…

Now my problem is to check in my dialplan if the peer, that originate
the call, is reachable, and if not, to give an error…

Is there any function to know if the peer is reachable?

Thanks Luca Bertoncello
(lucabert@lucabert.de)

6 thoughts on - Allowing Calls – Maybe I’m Just Stupid…

  • Zitat von A J Stiles :

    I can originate a call even if my peer is “UNREACHABLE” (sip show
    peers say UNREACHABLE)…

    But I solved using the function EXTENDED_STATE…

    Regards Luca Bertoncello
    (lucabert@lucabert.de)

  • I think the confusion here stands in the fact that registrations are for receiving calls, a peer registers to tell asterisk “Hey, here is where to find me in case you need to ring me”.

    When the same peer wants to make a call it will send an invite to asterisk with the details for that call AND the authentication, it’s completely decoupled from registration, it just uses the same credential but authenticates each time.

    Registration then isn’t like logging in to a service, or at least, it’s like that but just for getting calls, to make a call your phone has to authenticate each time he sends an invite. That’s why it works without being registered.

    So, trying to bind authentication to originate calls to registrations is conceptually wrong in the SIP world. Maybe you can do that but that’s not the way the protocols have been engineered to work.

  • Zitat von Guido Falsi :

    Hi Guido,

    thanks for your answer.

    Well, I decided to do that, since I have my Asterisk reachable from
    Internet just for my cellphone and I want to avoid that someone guess
    my password (random and long, but it’s of course possible to guess
    with a brute force attack) and call using my Asterisk…

    Since I’ll use rarely my Asterisk from Internet (maybe just if I’m in
    holiday), I find this limitation meaningful.

    Thanks Luca Bertoncello
    (lucabert@lucabert.de)

  • Really? How weak are your passwords, for you to be worried about brute-force attacks?

    If you configure fail2ban so as to block IP addresses after a set number of false attempts and then unblock after (say) 15 minutes, you can drastically limit the rate at which such attempts can be made without running the risk of locking *yourself* out.

    Well, Asterisk doesn’t!

    Did your mother ever tell you when you were younger and just beginning to expand your horizons, “Always tell a grown-up where you are going, before you go out” ? Well, that is essentially the purpose of SIP peer registration