I have an Asterisk connected to a Digium ISDN gateway, which I use to connect to another PBX locally. Everything is behind a firewall and on the same subnet.
I don’t use registration but have the gateway configured to talk to my Asterisk’s static private IP, instead of the gateway being a dynamic host registering to the Asterisk via username and password authentication.
I figured, as everything is static and local, I don’t need registration.
Would you agree, that this is a sufficient security practice?
[G100]
host=10.1.1.185
type=peer
insecure=invite
context=from-internal