Steve76
September 8, 2011, 3:52pm
1
Hi,
Up to know, I had into my sip.conf for security reasons : allowguest=no
I am using Virtualphoneline and I need to get “allowguest=yes” , in order to get the phone ringing…
Is there a way to allow phone calls from a list of IP addresses ? ( like allow=111.222.33…44 )
I would like to avoid leaving a hole of security in the system…
Any advise would be appreciate…
Ta.
Steve
abw1oim
September 8, 2011, 4:00pm
2
Take a look at the permit/deny directives for sip.conf.
Steve76
September 8, 2011, 4:55pm
3
Seems not to work.
I tried :
…
allowguest=no ; Allow or reject guest calls (default is yes)
allowsubscribe=yes
notifyringing=yes
limitonpeer=yes
notifyhold=yes
permit=67.19.199.170/255.255.255.255
This seems not to accept calls from 67.19.199.170
abw1oim
September 8, 2011, 5:11pm
4
It should work with
allowguest=yes
deny=0.0.0.0/0.0.0.0
permit=67.19.199.170/255.255.255.255
allow=<localnet>
You need to make sure, that every IP is permitted, which You will accept calls from/to.
Another approach would be using iptables instead and deny/permit port 5060-requests there.
Steve76
September 8, 2011, 7:18pm
5
do you think that I can list the IP adresses that I authorize ?
ex:
allowguest=yes
deny=0.0.0.0/0.0.0.0
permit=67.19.199.170/255.255.255.255
permit=56.15.25.223/255.255.255.255
permit=34.15.58.223/255.255.255.255
allow=