Sip user agent

system · February 18, 2012, 9:03pm

i am using asterisk SVN-trunk-r355531 and want to restrict some phones to call with dialplan .
i found way to restric this with SIP USER AGENT of Predefined Channel Variables :

exten => _NXXNXXXXXX,n,GotoIf($["${SIPUSERAGENT}"!="Sipura/SPA1001-3.1.8(SEc)"]?hangup:continue)
exten => _NXXNXXXXXX,n(hangup),NoCDR()
exten => _NXXNXXXXXX,n,Hangup()
exten => _NXXNXXXXXX,n(continue),…
exten => _NXXNXXXXXX,n,…

but seems "${SIPUSERAGENT} values does not work …

is there similar way to block phones ?

sorry for bad english

david55 · February 18, 2012, 9:20pm

Why are you using a development version, rather than a production version?

There is no such variable defined in the trunk source code.

Are you trying to block certain brands? If so there is a function for obtaining the values of SIP headers, SIP_HEADER(), and there is a function for obtaining information about a peer, SIP_PEER().

Otherwise, you should be making sure allowguest = no, and choosing appropriate contexts.

system · February 18, 2012, 9:50pm

thanks david55,
yes . i want to block certain brands.
I had problem with SSL/SRTP , after this , when i configured certificates , I notised that phones like BLINK , PHONERLITE and etc … registered w/o certificate. I have not installed certificates , but they registered and called well.

my config was :

[100]
type=friend
context=somecontest
host=dynamic
nat=no
secret=1234
dtmfmode=rfc2833
disallow=all
allow=ulaw
transport=tls
encryption=yes

then i wanted to block all softphone else conuterpath eyebeam.

that’s all

system · February 19, 2012, 4:18pm

is there some way to block phone registration if client does not have a root certificate ?

david55 · February 19, 2012, 9:40pm

I presume you also want to block invites.
I presume you mean a client with a certificate which cannot be traced to a root certificate you hold, as it would rather strange for a client to actually use a self signed certificate.

I seem to remember a recent question about how to accept a self signed certificate, so I would have though that this was default behaviour.

Do you have allowguest defaulting to yes, by any chance?

system · February 20, 2012, 9:20am

my allowguest is set to NO.

I have a asterisk server . I configured SSL/SRP and want to register and call only the phones which have my certificate installed. and all other phones will be rejected .
but i dont know how to configure this.

if you can help me , i will be very grateful

Topic		Replies	Views
Hide caller's id Asterisk Dialplan	6	2240	August 28, 2019
Help with extensions.conf Asterisk Support	2	272	November 27, 2013
Simple bit of dialplan to get IP address of anon callers Asterisk Support	3	704	January 16, 2014
Advanced Dial Plan Asterisk Support	3	621	October 27, 2007
Dialplan patterns Asterisk Support	3	398	March 11, 2015

Sip user agent

Related topics