Okay, Scott, I think we are on the wrong path. Maybe I'm wrong though. I will summarize again briefly the problems together: The peer ip address could be another than the ip address of incoming invites After an re-register the REGISTER is send to the new SIP server, answered with OK. But the peer ip address is still the old one (sip show peers). If now is a INVITE, the request is answered with 401 Unauthorized. That?s why I would say, the problem is not the port or a needed authentication. My Asterisk works behind a NAT without port forwarding and nat=no, I have qualify=yes that it does not come to a NAT timeout. Here is an example. The peer ip address was at this time 217.0.23.100, the INVITE came from 217.0.23.68 an was rejected with 401 Unauthorized: INVITE sip:06123456789 at 80.000.111.222:45061 SIP/2.0 Max-Forwards: 58 Via: SIP/2.0/UDP 217.0.23.68:5060;branch=z9hG4bKg3Zqkv7ib7h2smv8whryjnos88srot1i7 To: <sip:6123456789 at telekom.de> From: <sip:+49123456789 at tel.t-online.de;user=phone>;tag=h7g4Esbg_44c62525 Call-ID: af71bbfbf269b895 at 62.155.0.75 CSeq: 3950540 INVITE Contact: <sip:sgc_c at 217.0.23.68;transport=udp> Record-Route: <sip:217.0.23.68;transport=udp;lr> Min-Se: 900 P-Asserted-Identity: <sip:+49123456789 at tel.t-online.de;user=phone> Session-Expires: 3600 Supported: histinfo Supported: timer Supported: norefersub Content-Type: application/sdp Content-Disposition: session Content-Length: 204 Allow: ACK, BYE, CANCEL, INFO, INVITE, OPTIONS, PRACK, REFER, REGISTER, UPDATE v=0 o=- 0 0 IN IP4 217.0.23.68 s=- c=IN IP4 217.0.4.134 t=0 0 m=audio 36480 RTP/AVP 9 8 102 a=rtpmap:9 G722/8000 a=rtpmap:8 PCMA/8000 a=rtpmap:102 telephone-event/8000 a=maxptime:20 a=ptime:20> Am 02.04.2015 um 22:00 schrieb Scott Griepentrog <sgriepentrog at digium.com>: > > Actually, the IP address is still used to identify the incoming invite. With the insecure=port option set, Asterisk will presume the invite to still match the trunk account even if the NAT router has mangled (changed) the port number. My suspicion is that when the new register goes out, it's creating a new state in the firewall, resulting in a new port number, which is why you would have to allow anonymous calls to then accept it without insecure=port. The other possibility is that you have a port forward in the router set, which is similarly mangling the port number. With a valid registration being held, and assuming the router does not drop UDP states faster than 30 minutes, and also assuming that the provider is sending you invites on the registered port rather than always on 5060, there should not be a need for an inbound port forward to Asterisk, and you should not need insecure=port. > > The invite option disables authentication - which means only that Asterisk will not force a check of the password on the other end. Where the IP address is well known and trusted, the extra overhead and delay of authenticating incoming INVITEs is not needed. > > > > On Thu, Apr 2, 2015 at 2:28 PM, Daniel Heckl <daniel.heckl at gmail.com <mailto:daniel.heckl at gmail.com>> wrote: > Scott, I have changed the configuration as said it and will test it. I?m curious. > > Can you briefly explain what insecure=invite,port does? > > ;insecure=port ; Allow matching of peer by IP address without > ; matching port number > ;insecure=invite ; Do not require authentication of incoming INVITEs > ;insecure=port,invite ; (both) > > Do I understand correctly that in this mode the IP address is not checked and no authentication is required? > >> Am 02.04.2015 um 20:11 schrieb Scott Griepentrog <sgriepentrog at digium.com <mailto:sgriepentrog at digium.com>>: >> >> ?I'd be curious if setting >> >> insecure=invite,port >> >> makes any difference either (without alllowguest on). >> ? >> >> On Thu, Apr 2, 2015 at 9:03 AM, Daniel Heckl <daniel.heckl at gmail.com <mailto:daniel.heckl at gmail.com>> wrote: >> Ok, I have tested dnsmgr. This is not a solution, the situation has not changed. With dnsmgr I can not place outbound calls. I do not know why and what dnsmgr really do. >> >> My current solution is as follows: >> >> Say allowguest=yes, configure the default context that there can not be placed outbound calls. Use iptables to DROP all at your SIP port and allow only your local phones and the sip trunk ip range. I think srvlookup must be set to yes to place outbound calls if there is an ip address change. >> >> I think with the restriction of the firewall that should be a secure solution. >> >> > Am 01.04.2015 um 19:23 schrieb Sebastian Kemper <sebastian_ml at gmx.net <mailto:sebastian_ml at gmx.net>>: >> > >> > On Wed, Apr 01, 2015 at 11:00:56AM -0400, Andres wrote: >> >> On 4/1/15 10:48 AM, Daniel Heckl wrote: >> >>> John, >> >>> >> >>> thank you four your answer. I think you have misunderstood the >> >>> problem. It?s about a ip address change of the sip trunk, not of my >> >>> asterisk server. >> >> You would probably benefit by enabling the DNS Manager to allow for >> >> dynamic IP changes: >> >> >> >> # cat dnsmgr.conf [general] enable=yes ; enable creation >> >> of managed DNS lookups ; default is 'no' refreshinterval=180 ; >> >> refresh managed DNS lookups every <n> seconds ; default is 300 (5 >> >> minutes) >> > >> > Hello Andres, >> > >> > I read that same suggestion elsewhere in connection with Deutsche >> > Telekom, so it seems there's some benefit in it. >> > >> > Daniel, did you try it out already? >> > >> > Kind regards, >> > Sebastian >> > >> > -- >> > _____________________________________________________________________ >> > -- Bandwidth and Colocation Provided by http://www.api-digital.com <http://www.api-digital.com/> -- >> > New to Asterisk? Join us for a live introductory webinar every Thurs: >> > http://www.asterisk.org/hello <http://www.asterisk.org/hello> >> > >> > asterisk-users mailing list >> > To UNSUBSCRIBE or update options visit: >> > http://lists.digium.com/mailman/listinfo/asterisk-users <http://lists.digium.com/mailman/listinfo/asterisk-users> >> >> >> -- >> _____________________________________________________________________ >> -- Bandwidth and Colocation Provided by http://www.api-digital.com <http://www.api-digital.com/> -- >> New to Asterisk? Join us for a live introductory webinar every Thurs: >> http://www.asterisk.org/hello <http://www.asterisk.org/hello> >> >> asterisk-users mailing list >> To UNSUBSCRIBE or update options visit: >> http://lists.digium.com/mailman/listinfo/asterisk-users <http://lists.digium.com/mailman/listinfo/asterisk-users> >> >> >> -- >> >> Scott Griepentrog >> Digium, Inc ? Software Developer >> 445 Jan Davis Drive NW ? Huntsville, AL 35806 ? US >> direct/fax: +1 256 428 6239 ? mobile: +1 256 580 6090 >> Check us out at: http://digium.com <http://digium.com/> ? http://asterisk.org <http://asterisk.org/> >> -- >> _____________________________________________________________________ >> -- Bandwidth and Colocation Provided by http://www.api-digital.com <http://www.api-digital.com/> -- >> New to Asterisk? Join us for a live introductory webinar every Thurs: >> http://www.asterisk.org/hello <http://www.asterisk.org/hello> >> >> asterisk-users mailing list >> To UNSUBSCRIBE or update options visit: >> http://lists.digium.com/mailman/listinfo/asterisk-users <http://lists.digium.com/mailman/listinfo/asterisk-users> > > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com <http://www.api-digital.com/> -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello <http://www.asterisk.org/hello> > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users <http://lists.digium.com/mailman/listinfo/asterisk-users> > > > > -- > > Scott Griepentrog > Digium, Inc ? Software Developer > 445 Jan Davis Drive NW ? Huntsville, AL 35806 ? US > direct/fax: +1 256 428 6239 ? mobile: +1 256 580 6090 > Check us out at: http://digium.com <http://digium.com/> ? http://asterisk.org <http://asterisk.org/> > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20150402/380568f7/attachment-0001.html>
That sounds like asterisk was working 100% correctly. If you receive an INVITE from an unknown IP address, then it should fail. Unless you want to allow anonymous, which is genearlly a very bad idea. If you are registering to IP X, but the provider may be transmitting invites from any number of other IP addresses, then you need a list of IP addresses, and have a trunk configuration set up for each one so that they are all recognized (with insecure=port,invite). If the provider is requiring you to accept invites from random IP addresses, get a new provider. On Thu, Apr 2, 2015 at 3:23 PM, Daniel Heckl <daniel.heckl at gmail.com> wrote:> Okay, Scott, I think we are on the wrong path. Maybe I'm wrong though. > > I will summarize again briefly the problems together: > > - The peer ip address could be another than the ip address of incoming > invites > - After an re-register the REGISTER is send to the new SIP server, > answered with OK. But the peer ip address is still the old one (sip show > peers). > - If now is a INVITE, the request is answered with 401 Unauthorized. > > > That?s why I would say, the problem is not the port or a needed > authentication. My Asterisk works behind a NAT without port forwarding and > nat=no, I have qualify=yes that it does not come to a NAT timeout. > > Here is an example. The peer ip address was at this time 217.0.23.100, the > INVITE came from 217.0.23.68 an was rejected with 401 Unauthorized: > > INVITE sip:06123456789 at 80.000.111.222:45061 SIP/2.0 > Max-Forwards: 58 > Via: SIP/2.0/UDP 217.0.23.68:5060 > ;branch=z9hG4bKg3Zqkv7ib7h2smv8whryjnos88srot1i7 > To: <sip:6123456789 at telekom.de> > From: <sip:+49123456789 at tel.t-online.de;user=phone>;tag=h7g4Esbg_44c62525 > Call-ID: af71bbfbf269b895 at 62.155.0.75 > CSeq: 3950540 INVITE > Contact: <sip:sgc_c at 217.0.23.68;transport=udp> > Record-Route: <sip:217.0.23.68;transport=udp;lr> > Min-Se: 900 > P-Asserted-Identity: <sip:+49123456789 at tel.t-online.de;user=phone> > Session-Expires: 3600 > Supported: histinfo > Supported: timer > Supported: norefersub > Content-Type: application/sdp > Content-Disposition: session > Content-Length: 204 > Allow: ACK, BYE, CANCEL, INFO, INVITE, OPTIONS, PRACK, REFER, REGISTER, > UPDATE > > v=0 > o=- 0 0 IN IP4 217.0.23.68 > s=- > c=IN IP4 217.0.4.134 > t=0 0 > m=audio 36480 RTP/AVP 9 8 102 > a=rtpmap:9 G722/8000 > a=rtpmap:8 PCMA/8000 > a=rtpmap:102 telephone-event/8000 > a=maxptime:20 > a=ptime:20 > > Am 02.04.2015 um 22:00 schrieb Scott Griepentrog <sgriepentrog at digium.com > >: > > Actually, the IP address is still used to identify the incoming invite. > With the insecure=port option set, Asterisk will presume the invite to > still match the trunk account even if the NAT router has mangled (changed) > the port number. My suspicion is that when the new register goes out, it's > creating a new state in the firewall, resulting in a new port number, which > is why you would have to allow anonymous calls to then accept it without > insecure=port. The other possibility is that you have a port forward in > the router set, which is similarly mangling the port number. With a valid > registration being held, and assuming the router does not drop UDP states > faster than 30 minutes, and also assuming that the provider is sending you > invites on the registered port rather than always on 5060, there should not > be a need for an inbound port forward to Asterisk, and you should not need > insecure=port. > > The invite option disables authentication - which means only that Asterisk > will not force a check of the password on the other end. Where the IP > address is well known and trusted, the extra overhead and delay of > authenticating incoming INVITEs is not needed. > > > > On Thu, Apr 2, 2015 at 2:28 PM, Daniel Heckl <daniel.heckl at gmail.com> > wrote: > >> Scott, I have changed the configuration as said it and will test it. I?m >> curious. >> >> Can you briefly explain what insecure=invite,port does? >> >> ;insecure=port ; Allow matching of peer by IP address without >> ; matching port number >> ;insecure=invite ; Do not require authentication of incoming INVITEs >> ;insecure=port,invite ; (both) >> >> Do I understand correctly that in this mode the IP address is not checked >> and no authentication is required? >> >> Am 02.04.2015 um 20:11 schrieb Scott Griepentrog <sgriepentrog at digium.com >> >: >> >> ?I'd be curious if setting >> >> insecure=invite,port >> >> makes any difference either (without alllowguest on). >> ? >> >> On Thu, Apr 2, 2015 at 9:03 AM, Daniel Heckl <daniel.heckl at gmail.com> >> wrote: >> >>> Ok, I have tested dnsmgr. This is not a solution, the situation has not >>> changed. With dnsmgr I can not place outbound calls. I do not know why and >>> what dnsmgr really do. >>> >>> My current solution is as follows: >>> >>> Say allowguest=yes, configure the default context that there can not be >>> placed outbound calls. Use iptables to DROP all at your SIP port and allow >>> only your local phones and the sip trunk ip range. I think srvlookup must >>> be set to yes to place outbound calls if there is an ip address change. >>> >>> I think with the restriction of the firewall that should be a secure >>> solution. >>> >>> > Am 01.04.2015 um 19:23 schrieb Sebastian Kemper <sebastian_ml at gmx.net >>> >: >>> > >>> > On Wed, Apr 01, 2015 at 11:00:56AM -0400, Andres wrote: >>> >> On 4/1/15 10:48 AM, Daniel Heckl wrote: >>> >>> John, >>> >>> >>> >>> thank you four your answer. I think you have misunderstood the >>> >>> problem. It?s about a ip address change of the sip trunk, not of my >>> >>> asterisk server. >>> >> You would probably benefit by enabling the DNS Manager to allow for >>> >> dynamic IP changes: >>> >> >>> >> # cat dnsmgr.conf [general] enable=yes ; enable creation >>> >> of managed DNS lookups ; default is 'no' refreshinterval=180 ; >>> >> refresh managed DNS lookups every <n> seconds ; default is 300 (5 >>> >> minutes) >>> > >>> > Hello Andres, >>> > >>> > I read that same suggestion elsewhere in connection with Deutsche >>> > Telekom, so it seems there's some benefit in it. >>> > >>> > Daniel, did you try it out already? >>> > >>> > Kind regards, >>> > Sebastian >>> > >>> > -- >>> > _____________________________________________________________________ >>> > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- >>> > New to Asterisk? Join us for a live introductory webinar every Thurs: >>> > http://www.asterisk.org/hello >>> > >>> > asterisk-users mailing list >>> > To UNSUBSCRIBE or update options visit: >>> > http://lists.digium.com/mailman/listinfo/asterisk-users >>> >>> >>> -- >>> _____________________________________________________________________ >>> -- Bandwidth and Colocation Provided by http://www.api-digital.com -- >>> New to Asterisk? Join us for a live introductory webinar every Thurs: >>> http://www.asterisk.org/hello >>> >>> asterisk-users mailing list >>> To UNSUBSCRIBE or update options visit: >>> http://lists.digium.com/mailman/listinfo/asterisk-users >>> >> >> >> >> -- >> [image: Digium logo] >> Scott Griepentrog >> Digium, Inc ? Software Developer >> 445 Jan Davis Drive NW ? Huntsville, AL 35806 ? US >> direct/fax: +1 256 428 6239 ? mobile: +1 256 580 6090 >> Check us out at: http://digium.com ? http://asterisk.org >> -- >> _____________________________________________________________________ >> -- Bandwidth and Colocation Provided by http://www.api-digital.com -- >> New to Asterisk? Join us for a live introductory webinar every Thurs: >> http://www.asterisk.org/hello >> >> asterisk-users mailing list >> To UNSUBSCRIBE or update options visit: >> http://lists.digium.com/mailman/listinfo/asterisk-users >> >> >> >> -- >> _____________________________________________________________________ >> -- Bandwidth and Colocation Provided by http://www.api-digital.com -- >> New to Asterisk? Join us for a live introductory webinar every Thurs: >> http://www.asterisk.org/hello >> >> asterisk-users mailing list >> To UNSUBSCRIBE or update options visit: >> http://lists.digium.com/mailman/listinfo/asterisk-users >> > > > > -- > [image: Digium logo] > Scott Griepentrog > Digium, Inc ? Software Developer > 445 Jan Davis Drive NW ? Huntsville, AL 35806 ? US > direct/fax: +1 256 428 6239 ? mobile: +1 256 580 6090 > Check us out at: http://digium.com ? http://asterisk.org > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > > > > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >-- [image: Digium logo] Scott Griepentrog Digium, Inc ? Software Developer 445 Jan Davis Drive NW ? Huntsville, AL 35806 ? US direct/fax: +1 256 428 6239 ? mobile: +1 256 580 6090 Check us out at: http://digium.com ? http://asterisk.org -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20150402/ec7bd418/attachment.html>
I do not want set allowguest=yes. The problem is, there is no official list with ip addresses of Telekom Germany. But I think all ip addresses comes from the ip range 217.0.0.0/13. I have now the following addition to sip.conf. I think it is the only safe option. Or what would you say? [telekom](!) context=from-trunk type=peer defaultuserauthuserremotesecretfromdomain=tel.t-online.de qualify=no dtmfmode=rfc2833 directmedia=no sendrpid=pai trustrpid=no insecure=port,invite disallow=all allow=g722 allow=alaw allow=gsm deny=0.0.0.0/0 permit=217.0.0.0/13 [DTAG-IP_IN18_016](telekom) host=217.0.18.16 [DTAG-IP_IN18_036](telekom) host=217.0.18.36 etc.> Am 02.04.2015 um 23:21 schrieb Scott Griepentrog <sgriepentrog at digium.com>: > > That sounds like asterisk was working 100% correctly. If you receive an INVITE from an unknown IP address, then it should fail. Unless you want to allow anonymous, which is genearlly a very bad idea. > > If you are registering to IP X, but the provider may be transmitting invites from any number of other IP addresses, then you need a list of IP addresses, and have a trunk configuration set up for each one so that they are all recognized (with insecure=port,invite). > > If the provider is requiring you to accept invites from random IP addresses, get a new provider. > > > On Thu, Apr 2, 2015 at 3:23 PM, Daniel Heckl <daniel.heckl at gmail.com <mailto:daniel.heckl at gmail.com>> wrote: > Okay, Scott, I think we are on the wrong path. Maybe I'm wrong though. > > I will summarize again briefly the problems together: > The peer ip address could be another than the ip address of incoming invites > After an re-register the REGISTER is send to the new SIP server, answered with OK. But the peer ip address is still the old one (sip show peers). > If now is a INVITE, the request is answered with 401 Unauthorized. > > That?s why I would say, the problem is not the port or a needed authentication. My Asterisk works behind a NAT without port forwarding and nat=no, I have qualify=yes that it does not come to a NAT timeout. > > Here is an example. The peer ip address was at this time 217.0.23.100, the INVITE came from 217.0.23.68 an was rejected with 401 Unauthorized: > > INVITE sip:06123456789 at 80.000.111.222:45061 <> SIP/2.0 > Max-Forwards: 58 > Via: SIP/2.0/UDP 217.0.23.68:5060;branch=z9hG4bKg3Zqkv7ib7h2smv8whryjnos88srot1i7 > To: <sip:6123456789 at telekom.de <>> > From: <sip:+49123456789 at tel.t-online.de;user=phone <>>;tag=h7g4Esbg_44c62525 > Call-ID: af71bbfbf269b895 at 62.155.0.75 <mailto:af71bbfbf269b895 at 62.155.0.75> > CSeq: 3950540 INVITE > Contact: <sip:sgc_c at 217.0.23.68;transport=udp <>> > Record-Route: <sip:217.0.23.68;transport=udp;lr <>> > Min-Se: 900 > P-Asserted-Identity: <sip:+49123456789 at tel.t-online.de;user=phone <>> > Session-Expires: 3600 > Supported: histinfo > Supported: timer > Supported: norefersub > Content-Type: application/sdp > Content-Disposition: session > Content-Length: 204 > Allow: ACK, BYE, CANCEL, INFO, INVITE, OPTIONS, PRACK, REFER, REGISTER, UPDATE > > v=0 > o=- 0 0 IN IP4 217.0.23.68 > s=- > c=IN IP4 217.0.4.134 > t=0 0 > m=audio 36480 RTP/AVP 9 8 102 > a=rtpmap:9 G722/8000 > a=rtpmap:8 PCMA/8000 > a=rtpmap:102 telephone-event/8000 > a=maxptime:20 > a=ptime:20 > >> Am 02.04.2015 um 22:00 schrieb Scott Griepentrog <sgriepentrog at digium.com <mailto:sgriepentrog at digium.com>>: >> >> Actually, the IP address is still used to identify the incoming invite. With the insecure=port option set, Asterisk will presume the invite to still match the trunk account even if the NAT router has mangled (changed) the port number. My suspicion is that when the new register goes out, it's creating a new state in the firewall, resulting in a new port number, which is why you would have to allow anonymous calls to then accept it without insecure=port. The other possibility is that you have a port forward in the router set, which is similarly mangling the port number. With a valid registration being held, and assuming the router does not drop UDP states faster than 30 minutes, and also assuming that the provider is sending you invites on the registered port rather than always on 5060, there should not be a need for an inbound port forward to Asterisk, and you should not need insecure=port. >> >> The invite option disables authentication - which means only that Asterisk will not force a check of the password on the other end. Where the IP address is well known and trusted, the extra overhead and delay of authenticating incoming INVITEs is not needed. >> >> >> >> On Thu, Apr 2, 2015 at 2:28 PM, Daniel Heckl <daniel.heckl at gmail.com <mailto:daniel.heckl at gmail.com>> wrote: >> Scott, I have changed the configuration as said it and will test it. I?m curious. >> >> Can you briefly explain what insecure=invite,port does? >> >> ;insecure=port ; Allow matching of peer by IP address without >> ; matching port number >> ;insecure=invite ; Do not require authentication of incoming INVITEs >> ;insecure=port,invite ; (both) >> >> Do I understand correctly that in this mode the IP address is not checked and no authentication is required? >> >>> Am 02.04.2015 um 20:11 schrieb Scott Griepentrog <sgriepentrog at digium.com <mailto:sgriepentrog at digium.com>>: >>> >>> ?I'd be curious if setting >>> >>> insecure=invite,port >>> >>> makes any difference either (without alllowguest on). >>> ? >>> >>> On Thu, Apr 2, 2015 at 9:03 AM, Daniel Heckl <daniel.heckl at gmail.com <mailto:daniel.heckl at gmail.com>> wrote: >>> Ok, I have tested dnsmgr. This is not a solution, the situation has not changed. With dnsmgr I can not place outbound calls. I do not know why and what dnsmgr really do. >>> >>> My current solution is as follows: >>> >>> Say allowguest=yes, configure the default context that there can not be placed outbound calls. Use iptables to DROP all at your SIP port and allow only your local phones and the sip trunk ip range. I think srvlookup must be set to yes to place outbound calls if there is an ip address change. >>> >>> I think with the restriction of the firewall that should be a secure solution. >>> >>> > Am 01.04.2015 um 19:23 schrieb Sebastian Kemper <sebastian_ml at gmx.net <mailto:sebastian_ml at gmx.net>>: >>> > >>> > On Wed, Apr 01, 2015 at 11:00:56AM -0400, Andres wrote: >>> >> On 4/1/15 10:48 AM, Daniel Heckl wrote: >>> >>> John, >>> >>> >>> >>> thank you four your answer. I think you have misunderstood the >>> >>> problem. It?s about a ip address change of the sip trunk, not of my >>> >>> asterisk server. >>> >> You would probably benefit by enabling the DNS Manager to allow for >>> >> dynamic IP changes: >>> >> >>> >> # cat dnsmgr.conf [general] enable=yes ; enable creation >>> >> of managed DNS lookups ; default is 'no' refreshinterval=180 ; >>> >> refresh managed DNS lookups every <n> seconds ; default is 300 (5 >>> >> minutes) >>> > >>> > Hello Andres, >>> > >>> > I read that same suggestion elsewhere in connection with Deutsche >>> > Telekom, so it seems there's some benefit in it. >>> > >>> > Daniel, did you try it out already? >>> > >>> > Kind regards, >>> > Sebastian >>> > >>> > -- >>> > _____________________________________________________________________ >>> > -- Bandwidth and Colocation Provided by http://www.api-digital.com <http://www.api-digital.com/> -- >>> > New to Asterisk? Join us for a live introductory webinar every Thurs: >>> > http://www.asterisk.org/hello <http://www.asterisk.org/hello> >>> > >>> > asterisk-users mailing list >>> > To UNSUBSCRIBE or update options visit: >>> > http://lists.digium.com/mailman/listinfo/asterisk-users <http://lists.digium.com/mailman/listinfo/asterisk-users> >>> >>> >>> -- >>> _____________________________________________________________________ >>> -- Bandwidth and Colocation Provided by http://www.api-digital.com <http://www.api-digital.com/> -- >>> New to Asterisk? Join us for a live introductory webinar every Thurs: >>> http://www.asterisk.org/hello <http://www.asterisk.org/hello> >>> >>> asterisk-users mailing list >>> To UNSUBSCRIBE or update options visit: >>> http://lists.digium.com/mailman/listinfo/asterisk-users <http://lists.digium.com/mailman/listinfo/asterisk-users> >>> >>> >>> -- >>> >>> Scott Griepentrog >>> Digium, Inc ? Software Developer >>> 445 Jan Davis Drive NW ? Huntsville, AL 35806 ? US >>> direct/fax: +1 256 428 6239 ? mobile: +1 256 580 6090 >>> Check us out at: http://digium.com <http://digium.com/> ? http://asterisk.org <http://asterisk.org/> >>> -- >>> _____________________________________________________________________ >>> -- Bandwidth and Colocation Provided by http://www.api-digital.com <http://www.api-digital.com/> -- >>> New to Asterisk? Join us for a live introductory webinar every Thurs: >>> http://www.asterisk.org/hello <http://www.asterisk.org/hello> >>> >>> asterisk-users mailing list >>> To UNSUBSCRIBE or update options visit: >>> http://lists.digium.com/mailman/listinfo/asterisk-users <http://lists.digium.com/mailman/listinfo/asterisk-users> >> >> -- >> _____________________________________________________________________ >> -- Bandwidth and Colocation Provided by http://www.api-digital.com <http://www.api-digital.com/> -- >> New to Asterisk? Join us for a live introductory webinar every Thurs: >> http://www.asterisk.org/hello <http://www.asterisk.org/hello> >> >> asterisk-users mailing list >> To UNSUBSCRIBE or update options visit: >> http://lists.digium.com/mailman/listinfo/asterisk-users <http://lists.digium.com/mailman/listinfo/asterisk-users> >> >> >> >> -- >> >> Scott Griepentrog >> Digium, Inc ? Software Developer >> 445 Jan Davis Drive NW ? Huntsville, AL 35806 ? US >> direct/fax: +1 256 428 6239 ? mobile: +1 256 580 6090 >> Check us out at: http://digium.com <http://digium.com/> ? http://asterisk.org <http://asterisk.org/> >> -- >> _____________________________________________________________________ >> -- Bandwidth and Colocation Provided by http://www.api-digital.com <http://www.api-digital.com/> -- >> New to Asterisk? Join us for a live introductory webinar every Thurs: >> http://www.asterisk.org/hello <http://www.asterisk.org/hello> >> >> asterisk-users mailing list >> To UNSUBSCRIBE or update options visit: >> http://lists.digium.com/mailman/listinfo/asterisk-users <http://lists.digium.com/mailman/listinfo/asterisk-users> > > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com <http://www.api-digital.com/> -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello <http://www.asterisk.org/hello> > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users <http://lists.digium.com/mailman/listinfo/asterisk-users> > > > > -- > > Scott Griepentrog > Digium, Inc ? Software Developer > 445 Jan Davis Drive NW ? Huntsville, AL 35806 ? US > direct/fax: +1 256 428 6239 ? mobile: +1 256 580 6090 > Check us out at: http://digium.com <http://digium.com/> ? http://asterisk.org <http://asterisk.org/> > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20150402/881ec0ee/attachment.html>