search for: auth_policy

> On 14 Dec 2017, at 8.30, Peter Mogensen <apm at one.com> wrote: > However... since the proxy use "nopassword", ALL passdb lookups result > in "success", so the proxy will never report an authentication failure > to the authpolicy server. Why not authenticate the sessions at the proxy level already? Is there any reason not to do that? Sami

Hi ... After the below thread, I wrote a patch to select on a node-by-node basis which auth-policy request should be done from that node. To my surprise the exact same functionality then turned up in 2.2.34 with just slightly different option names:* * *auth_policy_check_before_auth*: Whether to do policy lookup before authentication is started *auth_policy_check_after_auth*: Whether to do policy lookup after authentication is completed *auth_policy_report_after_auth*: Whether to report authentication result? This is great. However... in the setup where...

On 09/15/2018 10:41 AM, Aki Tuomi wrote: > Point of sending the success ones is to maintain whitelist as well as > blacklist so you know which ones you should not tarpit anymore. We > know it does scale as we have very large deployments using the whole > three request per login model. > > "Success" in a proxy which is not it self authenticating is only whether it know

Hi, I was looking into the new Authentication Policy feature: https://wiki2.dovecot.org/Authentication/Policy I had kinda hoped that I would be able to enfore this in a proxy running in front of several backends. This proxy does not authenticate. It use "nopassword". But I realize that the "succes" reported in the final authpolicy req. (command=report) is not what is

...sages using this code SKYPE_CHAT_RECEIVE(<account>,<from>,<timeout>),and where and how I should add this code in extensions.conf my chan_Skype.conf [Account] secret=XXXXXX context=from-pstn exten= Account disallow=all allow=g729 allow=alaw allow=slin allow=ulaw auth_policy=accept buddy_presence=yes direction=both ;auth_policy=ignore buddy_autoadd=true ;buddy_presence=no mohinterpret=default ;mohsuggest=none Regards Khaled Chehab NGN Eng. Description: xplorium Operations Office - Lebanon Office : +961 1 868686 ext 115...

...be nice to skip the auth policy (internal hosts that I can trust, > >> but > >>> that are hitting the same servers as the outside world). > >>> > >>> Is there any way to disable auth policy, possibly inside a remote{}? > >>> > >>> auth_policy_server_url complains that it can't be used inside a remote > >>> block, so no dice there. Anything I'm missing? > >> From my config: > >> ``` > >> allowed_subnets=newNetmaskGroup() > >> allowed_subnets:addMask('fe80::/64') > &gt...

...up in remote {} blocks) where > > it'd be nice to skip the auth policy (internal hosts that I can trust, > but > > that are hitting the same servers as the outside world). > > > > Is there any way to disable auth policy, possibly inside a remote{}? > > > > auth_policy_server_url complains that it can't be used inside a remote > > block, so no dice there. Anything I'm missing? > > From my config: > ``` > allowed_subnets=newNetmaskGroup() > allowed_subnets:addMask('fe80::/64') > allowed_subnets:addMask('127.0.0.0/8...

...> > > >> but > > > >>> that are hitting the same servers as the outside world). > > > >>> > > > >>> Is there any way to disable auth policy, possibly inside a > remote{}? > > > >>> > > > >>> auth_policy_server_url complains that it can't be used inside a > remote > > > >>> block, so no dice there. Anything I'm missing? > > > >> From my config: > > > >> ``` > > > >> allowed_subnets=newNetmaskGroup() > > > >>...

...) where >>> it'd be nice to skip the auth policy (internal hosts that I can trust, >> but >>> that are hitting the same servers as the outside world). >>> >>> Is there any way to disable auth policy, possibly inside a remote{}? >>> >>> auth_policy_server_url complains that it can't be used inside a remote >>> block, so no dice there. Anything I'm missing? >> From my config: >> ``` >> allowed_subnets=newNetmaskGroup() >> allowed_subnets:addMask('fe80::/64') >> allowed_subnets:addMas...

...r or not the PubSub server supports/is using ; auto-create for nodes. If it is, we have to ; explicitly pre-create nodes before publishing them. ; Default is 'no'. ;auth_policy=accept ; Auto accept users' subscription requests (default). ; Set to deny for auto denial. [gv](!) type=client serverhost=talk.google.com secret=<password> priority=25 port=5222 usetls=yes usesasl=yes status=available statusme...

...y (internal hosts that I can trust, > > >> but > > >>> that are hitting the same servers as the outside world). > > >>> > > >>> Is there any way to disable auth policy, possibly inside a remote{}? > > >>> > > >>> auth_policy_server_url complains that it can't be used inside a remote > > >>> block, so no dice there. Anything I'm missing? > > >> From my config: > > >> ``` > > >> allowed_subnets=newNetmaskGroup() > > >> allowed_subnets:addMask('...

When a caller calls my google voice phone number, I must answer, wait and press one to accept. Sometimes even that does not work. I have tried a few different things to get asterisk to place the call in an answered state and send the DTMF 1 with the Dial macro. I found Malcom Davenports wiki page regarding Google calling which has been very helpful in troubleshooting the issue.