Inbound DID routing via SIP URI

chegers · May 26, 2014, 11:45am

Hello All,

This is my first post here and I am hoping someone might be able to help me. I have spent all bank holiday weekend trying to figure this out after searching pretty much every resource I can find on the internet.

Basically my DID provider TTNC (ttnc.co.uk) deliver calls via SIP to my PBX, they have the option to deliver calls using a URI containing a username and password e.g peer:password@pbxaddress

Because they use load balancing the calls do not originate from a single IP address, there is a pool of them that often change. However TTNC only provide subnet ranges not specific hosts sending SIP invites.

My question is, how could I configure my sip.conf to accept an incoming call using a SIP URI with a username and password when I do not know what the originating host is?

I have tried many different configurations including type=peer and type=user all to no avail. My PBX also has anonymous calls disabled.

Thanks in advance for your help.

Best Regards,
Greg

david55 · May 26, 2014, 11:56am

allowguest=yes, with a good firewall in front of it, or a peer for each address on the subnet.

The destination address becomes the extension.

chegers · May 26, 2014, 12:18pm

Hello David,

Thank you for your reply.

Is that the only way without using SIP Register? I would of thought using an authenticated SIP URI would work?

Best Regards,
Greg

david55 · May 26, 2014, 1:36pm

For that you want them to sent the URI in the From header, but I read it as that they are sending it as the request URI.

chegers · May 26, 2014, 7:42pm

I have dumped the SIP debug from asterisk, the username and password appear in the To: header not the From: header

You may see this below (full debug on pastebin pastebin.com/GvbD3wLp)

INVITE sip:user:password@pbx SIP/2.0
Via: SIP/2.0/UDP 84.45.107.53;rport;branch=z9hG4bKtg7cBF00UScKp
Max-Forwards: 13
From: “07811111111” sip:07811111111@84.45.107.53;tag=UU2aB4U63t3Za
To: sip:user:password@pbx
Call-ID: 16834edc-5fb0-1232-658f-0026b95a467f
CSeq: 60230476 INVITE
Contact: sip:mod_sofia@84.45.107.53:5060
User-Agent: TTNC VoIP Network
Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, UPDATE, INFO, REGISTER, REFER, NOTIFY
Supported: timer, precondition, path, replaces
Allow-Events: talk, refer
Content-Type: application/sdp
Content-Disposition: session
Content-Length: 291
X-FS-Support: update_display
Remote-Party-ID: “07811111111” sip:07811111111@84.45.107.53;party=calling;screen=yes;privacy=off

v=0
o=FreeSWITCH 1401115770 1401115771 IN IP4 84.45.107.53
s=FreeSWITCH
c=IN IP4 84.45.107.53
t=0 0
m=audio 17310 RTP/AVP 8 0 3 101 13
a=rtpmap:8 PCMA/8000
a=rtpmap:0 PCMU/8000
a=rtpmap:3 GSM/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=rtpmap:13 CN/8000
a=ptime:20

Based on this is it possible to get the INVITE to authenticate rather than leaving allowguest=yes in the pbx config? I have some SIP extensions on dynamic IP’s which will be hard to firewall.

Thanks in advance.

Best Regards,
Greg

david55 · May 26, 2014, 7:57pm

No.

Lexus45 · June 8, 2014, 6:44pm

Hello, Chegers.

I have many cases like David55 described - single peer for each provider’s IP. There’s also a registration.
So, I register first , for example register=>username:pass@1.1.1.1

Then create several peers:

[code][…]
…
host=1.1.1.1

[…]
…
host=1.1.1.2

[…]
…
host=1.1.1.3[/code]

The provider gives the list of these IP addresses to me, so I know from what IP can the call come.
And a firewall of course. Though I do not accept guest calls.