Hi All,
Using Asterisk 16.11.1 (with pjsip) and just wondered if there is a way to stop direct access via the servers IP address and force registration to happen via FQDN only.
Any advice would be much appreciated.
Thanks 
That’s not really something you can do, as a FQDN is resolved to an IP address in order to reach a server.
What are you trying to accomplish?
Keep IP range scanners from finding your server? Maybe a iptables ‘white list’ or fail2ban would be of use?
Hi All,
thanks for replying so soon 
Should of explained the setup. Am trying to stop a reg happening via IP because i have 2 identical asterisk servers in a failover setup on different public IP address’s. I only want a reg to happen via the FQDN, I don’t want the secondary backup server being used. The FQDN will automatically point to the secondary server when the primary is offline.
I believe this can be done with http with a proxy just wondering if asterisk can do it with SIP -
Ell
As theoretically pjsip support multidomain, if your endpoint is 1000 and your domain is domain.org in a endpoint type block:
type=endpoint
…
With this change, the users can register only over your domain.
1 Like
Could you elaborate more or show an example of how this would be written in a pjsip.conf file? it would much appreciated as this issue is something i’ve been trying to solve for a while.
Thanks Ell
Somethink Like:
[````]
type=endpoint
context=internal
disallow=all
allow=ulaw
auth=auth6001
aors=``6001
[auth6001]
type=auth
auth_type=userpass
password=``6001
username=``6001
[``6001``]
type=aor
max_contacts=``1
This configuration had a BUG:
The last time I tried it on the latest Asterisk 16 version, works.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.