how to secure vicidial server
Posted: Thu Dec 03, 2009 8:54 amHi mflorell,
I have two vicidial servers server-1 and server-2.
server-1 is in statsic Ip
If i register to a sip user in server2 from my x-lite and dial "121277XXXXX@serv-1 Ip address" then the call hits server-1 and it get dialed through my Default context and call is getting established with any authentication or registration to server-1.
please can u tell me how to secure my vicidial server from unauthorized callers likr this.
***************************************
1.My server-2 extensions.conf
general]
static=yes
writeprotect=no
directrtpsetup=yes
[globals]
CONSOLE=Console/dsp ; Console interface for demo
[default]
include => outgoing
;our exten
[outgoing]
exten => 600,1,Ringing ; call ringing
;exten => 2102475077,2,Wait(1) ; Wait 1 second for CID delivery from PRI
exten => 600,2,Dial(SIP/113,25,tTo)
exten => _1XX,1,Dial(SIP/${EXTEN:0},30,tTo,r);
exten => _1XX,2,Hangup();
exten => _1XXXXXXXXXX,1,Dial(SIP/${EXTEN}@voip,45,tTo,r);
exten => _1XXXXXXXXXX,2, Hangup();
*************************************************************
2/Mysip.conf for server-2
[general]
port = 5060
bindaddr = 0.0.0.0
deny=0.0.0.0/0.0.0.0
;context = default
allowguest=no
insecure=no
; register SIP account on remote machine if using SIP trunks
register => 243xxxx:616xxx@202.xx.xx.xx
[voip]
disallow=all
allow=ulaw
allow=alaw
allow=g729
type=friend
username=2432xxxx
secret=6169xxxxx
fromuser=2432xxxxx
authuser=2432xxx
host=202.91.xx.xx
qualify=1000
context=outgoing
insecure=no
[111]
disallow=all
allow=ulaw
allow=alaw
allow=g729
type=friend
username=111
secret=111
host=dynamic
nat=yes
qualify=1000
********************************
3.CLI result in server-2 when call hits from server-1
-- Got SIP response 603 "Declined (no dialog)" back from 122.166.15.149
-- Executing [12127773456@default:1] Dial("SIP/111-00000025", "SIP/12127773456@voip|45|tTo|r") in new stack
-- Called 12127773456@voip
-- SIP/voip-00000026 answered SIP/111-00000025
*****************************************************
Please help me to secure my server
I have two vicidial servers server-1 and server-2.
server-1 is in statsic Ip
If i register to a sip user in server2 from my x-lite and dial "121277XXXXX@serv-1 Ip address" then the call hits server-1 and it get dialed through my Default context and call is getting established with any authentication or registration to server-1.
please can u tell me how to secure my vicidial server from unauthorized callers likr this.
***************************************
1.My server-2 extensions.conf
general]
static=yes
writeprotect=no
directrtpsetup=yes
[globals]
CONSOLE=Console/dsp ; Console interface for demo
[default]
include => outgoing
;our exten
[outgoing]
exten => 600,1,Ringing ; call ringing
;exten => 2102475077,2,Wait(1) ; Wait 1 second for CID delivery from PRI
exten => 600,2,Dial(SIP/113,25,tTo)
exten => _1XX,1,Dial(SIP/${EXTEN:0},30,tTo,r);
exten => _1XX,2,Hangup();
exten => _1XXXXXXXXXX,1,Dial(SIP/${EXTEN}@voip,45,tTo,r);
exten => _1XXXXXXXXXX,2, Hangup();
*************************************************************
2/Mysip.conf for server-2
[general]
port = 5060
bindaddr = 0.0.0.0
deny=0.0.0.0/0.0.0.0
;context = default
allowguest=no
insecure=no
; register SIP account on remote machine if using SIP trunks
register => 243xxxx:616xxx@202.xx.xx.xx
[voip]
disallow=all
allow=ulaw
allow=alaw
allow=g729
type=friend
username=2432xxxx
secret=6169xxxxx
fromuser=2432xxxxx
authuser=2432xxx
host=202.91.xx.xx
qualify=1000
context=outgoing
insecure=no
[111]
disallow=all
allow=ulaw
allow=alaw
allow=g729
type=friend
username=111
secret=111
host=dynamic
nat=yes
qualify=1000
********************************
3.CLI result in server-2 when call hits from server-1
-- Got SIP response 603 "Declined (no dialog)" back from 122.166.15.149
-- Executing [12127773456@default:1] Dial("SIP/111-00000025", "SIP/12127773456@voip|45|tTo|r") in new stack
-- Called 12127773456@voip
-- SIP/voip-00000026 answered SIP/111-00000025
*****************************************************
Please help me to secure my server