Extension dialing itself

This issue took place on several installations of asterisk in different environments. Every couple of weeks every extension gets a call from, supposedly, itself. Would anyone know the issue or how to troubleshoot it?

Thanks in advance

You must post your CLI output, in order we can diagnose this issue properly. Also this could be due to callfile, cronjob …

It could also be an external attack getting into your Asterisk trying to place calls.

I missed that part, Please set allowguest=no in your sip.conf and this could be solve the issue

It appears someone was trying out different extensions. They came in through sip trunk context. How were they able to dial an extension when this dialplan receives calls for sip trunk registered users?

[Jul 4 17:05:03] NOTICE[14872][C-000012aa] chan_sip.c: Call from ‘’ (188.138.68.43:6144) to extension ‘991’ rejected because extension not found in context ‘from-flowroute’.
[Jul 4 17:05:03] NOTICE[14872][C-000012ab] chan_sip.c: Call from ‘’ (188.138.68.43:6144) to extension ‘992’ rejected because extension not found in context ‘from-flowroute’.
[Jul 4 17:05:03] NOTICE[14872][C-000012ac] chan_sip.c: Call from ‘’ (188.138.68.43:6144) to extension ‘993’ rejected because extension not found in context ‘from-flowroute’.
[Jul 4 17:05:03] NOTICE[14872][C-000012ad] chan_sip.c: Call from ‘’ (188.138.68.43:6144) to extension ‘994’ rejected because extension not found in context ‘from-flowroute’.
[Jul 4 17:05:03] NOTICE[14872][C-000012ae] chan_sip.c: Call from ‘’ (188.138.68.43:6144) to extension ‘995’ rejected because extension not found in context ‘from-flowroute’.
[Jul 4 17:05:03] NOTICE[14872][C-000012af] chan_sip.c: Call from ‘’ (188.138.68.43:6144) to extension ‘996’ rejected because extension not found in context ‘from-flowroute’.
[Jul 4 17:05:03] NOTICE[14872][C-000012b0] chan_sip.c: Call from ‘’ (188.138.68.43:6144) to extension ‘997’ rejected because extension not found in context ‘from-flowroute’.

Is easier to help you , if you show your sip.conf file

;
; SIP Configuration
;

[general]
disallow=all
;allow=h263p
;allow=h263
allow=alaw
allow=ulaw
allow=speex ; for RTMP
context=from-flowroute
dtmfmode=rfc2833
srvlookup=yes
tcpenable=no
session-timers=refuse
externip=192.168.5.16
localnet=192.168.0.0/16
nat=force_rport,comedia
bindport=5060

register => usernum:pass@sip.flowroute.com

[flowroute]
type=peer
sendrpid=yes
;type=friend
context=from-flowroute
host=sip.flowroute.com
fromdomain=sip.flowroute.com
defaultuser=usernum
;user=usernum
fromuser=usernum
secret=pass
insecure=port,invite
;allow=ulaw
canreinvite=yes
videosupport=no
qualify=yes
dtmfmode=rfc2833

[999]
context=ivr
type=friend
user=999
secret=password
host=dynamic
dtmfmode=rfc2833
insecure=invite,port
canreinvite=no
qualify=yes
disallow=all
allow=ulaw
nat=force_rport,comedia

[899]
context=ivr
type=friend
user=899
secret=password
host=dynamic
dtmfmode=rfc2833
insecure=invite,port
canreinvite=no
qualify=yes
disallow=all
allow=ulaw
nat=force_rport,comedia

[1001]
context=ld2-users
type=friend
user=1001
secret=password
host=dynamic
callerid=“John Doe” <1001>
regexten=1001
dtmfmode=rfc2833
insecure=invite,port
canreinvite=no
qualify=yes
pickupgroup=1
callgroup=1
mailbox=1001@VoiceMail
nat=force_rport,comedia
disallow=all
allow=ulaw

[1002]
context=ld1-users
type=friend
user=1002
secret=password
host=dynamic
callerid=“Jane Doe” <1002>
regexten=1002
dtmfmode=rfc2833
insecure=invite,port
canreinvite=yes
qualify=yes
pickupgroup=1
callgroup=1
mailbox=1002@VoiceMail
nat=force_rport,comedia
disallow=all
allow=ulaw

[1003]
context=ld1-users
type=friend
user=1003
secret=password
host=dynamic
callerid=“Jane Doe” <1003>
regexten=1003
dtmfmode=rfc2833
insecure=invite,port
canreinvite=yes
qualify=yes
pickupgroup=1
callgroup=1
mailbox=1003@VoiceMail
nat=force_rport,comedia
disallow=all
allow=ulaw

Change the context on your general setting or disallow guest call adding

[general]
allowguest=no
context=public

assuming the public context will be the context who handle unauthenticated calls

also put alwaysauthreject=yes

[general]
allowguest=no
context=public
alwaysauthreject=yes