Hello to all,
I am not an expert on Asterisk. Some concepts are not clear to me, and I am not completely clear.
Both for simplicity but also for security reasons, I would like to have the following configuration:
- Accounts for SIP REGISTER
- extension to define phones.
An account could authenticate itself from multiple phones.
In addition, the username of the account that is sent to the sip register could also be complex would increase the difficulty of an unauthorized REGISTER. Therefore, the attacker should guess the username (alphanumeric, instead of a banal internal number) and the password.
Is it possible to do that?
I miss the parameter username in pjsip, I thought it might help decouple number extension from authentication username.
Here is a sample:
[2001]
type=endpoint
context=phones
disallow=all
allow=ulaw
auth=2001-auth
aors=2001
[2001-auth]
type=auth
auth_type=userpass
password=mysecret
username=myusername
[2001]
type=aor
max_contacts=10
But this does not work. To work username must be valid 2001.
Thanks for your help.