<div dir="ltr"><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small">Hi Alessandro,</div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small"><br></div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small">Beside allowed sources, you also need to add the IP to "trusted sources"... to avoid asking for authentication.</div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small">I ususally don't use patterns, and set Protocol to any (to allow for TCP fallback of the client, in case the SIP packet size exceeds the MTU)</div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small"><br></div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small">About your permanent registration, that is not going to work, you need something like sip:something@pbx.ip.ad.dr:5060</div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small">And if you need to send it over TCP, just add transport=tcp like: sip:something@pbx.ip.ad.dr:5060;transport=tcp</div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small">For asterisk peers this should work: <a href="http://sip:s@1.1.1.1:5060">sip:s@1.1.1.1:5060</a></div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small"><br></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature"><div dir="ltr"><div><font face="tahoma, sans-serif"><br></font></div><div><font face="tahoma, sans-serif" style="background-color:rgb(255,255,255)">---</font></div><div><font face="tahoma, sans-serif" style="background-color:rgb(255,255,255)">Cumprimentos / Best regards</font></div><div><font face="tahoma, sans-serif" style="background-color:rgb(255,255,255)"><br></font></div><div><font face="tahoma, sans-serif" style="background-color:rgb(255,255,255)">Marco<br></font></div><div><span style="background-color:rgb(255,255,255)"><font face="tahoma, sans-serif"><div>---</div><br></font></span></div></div></div></div>
<br><div class="gmail_quote">On Mon, Oct 26, 2015 at 10:16 AM, Alessandro Bolletta <span dir="ltr"><<a href="mailto:alessandro@mediaspot.net" target="_blank">alessandro@mediaspot.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div lang="IT" link="#0563C1" vlink="#954F72">
<div>
<p class="MsoNormal">Hi,<u></u><u></u></p>
<p class="MsoNormal">I configured a customer’s Asterisk PBX as a subscriber with IP authentication instead of registration in this way, is it correct and secure? It is now currently working for my customer but I’m not really sure about security:<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">-under Subscriber -> subscriber’s Detail -> Preferences -> Trusted Source IP - > create<u></u><u></u></p>
<p class="MsoNormal">Source IP: PBX_IP_Address<u></u><u></u></p>
<p class="MsoNormal">Protocol: UDP<u></u><u></u></p>
<p class="MsoNormal">From-Pattern: ^sip:.*<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">- under Subscriber -> subscriber’s Detail -> Registered Device -> Create Permanent Registration<u></u><u></u></p>
<p class="MsoNormal">Contact: sip:pbx_ip_address:5060<u></u><u></u></p>
<p class="MsoNormal">Priority: 1<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
</div>
<br>_______________________________________________<br>
Spce-user mailing list<br>
<a href="mailto:Spce-user@lists.sipwise.com">Spce-user@lists.sipwise.com</a><br>
<a href="https://lists.sipwise.com/listinfo/spce-user" rel="noreferrer" target="_blank">https://lists.sipwise.com/listinfo/spce-user</a><br>
<br></blockquote></div><br></div></div>