Steve Davies
2011-Aug-25 14:20 UTC
[asterisk-users] Possibly odd sip.conf security requirements. Possible?
Hi, Is the following possible in some way? I want to have several SIP providers able to send me calls, each provider may send calls into many possible DDIs. Each provider has a cluster of servers, but is unable to authenticate with me, so the following would be a sort of pseudo-code sip.conf example. [general] context = barred ; Unknown/other source of calls [provider 1] type = peer context = provider1-context ; deal with provider's calls 1 deny = 0.0.0.0/0.0.0.0 permit = 12.13.14.0/24 ; This provider has servers in this range [provider 2] type = peer context = provider2-context ; deal with provider's calls 2 deny = 0.0.0.0/0.0.0.0 permit = 22.23.24.0/24 ; This provider has servers in this range [provider 3] type = peer context = provider3-context ; deal with provider's calls 3 deny = 0.0.0.0/0.0.0.0 permit = 32.33.34.0/24 ; This provider has servers in this range Normally a call into SIP has one of 3 paths: 1) Unauthenticated, so use the default 2) Identifiable username 3) Identifiable IP address In the above example, we have a BLOCK of IP addresses instead of a single address. Can this be made to work? Thanks for any pointers. Regards, Steve