VoIP gateway used without registration

I have an Asterisk connected to a Digium ISDN gateway, which I use to connect to another PBX locally. Everything is behind a firewall and on the same subnet.
I don’t use registration but have the gateway configured to talk to my Asterisk’s static private IP, instead of the gateway being a dynamic host registering to the Asterisk via username and password authentication.
I figured, as everything is static and local, I don’t need registration.

Would you agree, that this is a sufficient security practice?


The purpose of registration is to handle dynamic addresses not security.

insecure=invite serves no useful purpose if you have no security in the first place. remotesecret has made it largely redundant.

If you want to improve security, you should remove the insecure and add secret or secret and remotesecret, and make corresponding changes at the other side.

Make sure you explicitly turn of allowguest in the general section.