Jeff LaCoursiere
2016-Nov-30 21:10 UTC
[asterisk-users] new inbound DID provider... no auth?
We are trying to work with a new DID provider and I find myself confused. Their standard integration is to send the call with no authentication. I am expected to whitelist all their possible gateways, and accept their calls I guess with no peer definition. I actually have it working this way; the calls land in our "public" context, I guess as "guest", and I am able to route them from there. But that makes me nervous. I would rather at least have them be associated with a defined peer, so I can set the right context and any other parameters I might want associated. It is inbound only, no outbound. I might try to set a host= in a peer definition with no secret, and see if that matches it, but I would rather avoid making a peer definition for every gateway they have. Can anyone think of a way to define a single peer that might show from multiple potential addresses without authentication info? Cheers, -- Jeff LaCoursiere 312 962 5250 desk 815 546 6599 cell
Hi, That's right - you just need to define a peer with a static IP address and "type=peer" to assign incoming calls to a peer name and apply the corresponding configuration (e.g. codecs). To make your configuration less redundant you can use templates in your peer definition (at least for chan_sip, I'm not sure if the same syntax applies on chan_pjsip). Example: ----------------------------------- ;; All configuration made to this peer will be applied to all childs of this definition [your-did-provider](!) type=peer allow=ulaw,alaw,g722 ....... ;; This peer derives all other configuration from "your-did-provider", ;; then your local changes are applied and can override the derived ones. [your-did-provider-gw1](your-did-provider) host=1.2.3.4 [your-did-provider-gw2](your-did-provider) host=1.2.3.5 ----------------------------------- That's the shortest thing I can imagine at the moment. At least, with this way of definition you only need to do changes on one single point, not for every gateway IP. Am 30.11.2016 um 22:10 schrieb Jeff LaCoursiere:> > We are trying to work with a new DID provider and I find myself confused. Their standard integration is to send the call with no authentication. I am expected to whitelist all their possible gateways, and accept their calls I guess with no peer definition. I actually have it working this way; the calls land in our "public" context, I guess as "guest", and I am able to route them from there. But that makes me nervous. > > I would rather at least have them be associated with a defined peer, so I can set the right context and any other parameters I might want associated. It is inbound only, no outbound. I might try to set a host= in a peer definition with no secret, and see if that matches it, but I would rather avoid making a peer definition for every gateway they have. Can anyone think of a way to define a single peer that might show from multiple potential addresses without authentication info? > > Cheers, >-------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20161207/47095497/attachment.pgp>