I am running Asterisk 1.2.26 (through Trixbox actually). How can I prevent clients (SIP phones in this case) from registering from the outside world? Someone brute forced a password for one of our phones and was making outbound calls.
I read that permit= can be used in sip.conf, but I don’t see a place to put this in the trixbox interface, and I think it will just get overwritten then. Is there a way to do it globally? I think there are some sip_* files I can edit that don’t get overwritten by trixbox.
I could not figure out where to put a permit= line (I searched my whole system, no sip_custom.conf file anywhere), so I just turned off pretty much everything on the firewall. That also prevents us from using softphones out in the field, and from allowing other voip users to call us directly, but it will work for now.
Yes, that would work for a short time - but since Trixbox writes out the config files every time I make a change (in FreePBX or whatever), it would get overwritten.
I think a later version of FreePBX has support for the permit= attribute. I’m not sure how to upgrade though, since I use Trixbox. I don’t know if I can just manually upgrade it, or if that will mess up other things.