Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Operator » Implementing dynamic host for SIP
  •  
tehpr0

Messages: 7
Karma: 0
Send a private message to this user
Hi Guys,

With the SIP trunk provider I use (Gradwell). They will forward SIP traffic from a large range of host addresses.

The way I have configured it to work is by adding SIP Interfaces from each reverse DNS address that I see traffic from when an authentication failure occurs. I add them as a 'link to another PBX' add the hostname and port 5060 and no authentication details, and press finish.

This will then allow traffic coming from a specific Gradwell address to ring my main call group.

My issue is that my inbound call routing table has about 70 inbound SIP interfaces defined and a single outbound.

http://hcd-1.imgbox.com/abr9Pvib.png?st=aNef8GQXgop23973-eag HQ&e=1376481013
http://hcd-1.imgbox.com/acegnFll.png?st=w-n-TBka8KnE9sp0TIuB 9w&e=1376481321

I was wondering, as I've been doing some messing about with WarVox and Asterisk recently, is that 'host=dynamic' under the SIP peer/client configuration in sip.conf can be defined. Is there any reason why this can't be defined for links to other PBXs for Kerio Operator?

It would make call routing tables a lot easier to manage for voip providers that don't use registration.
  •  
Vladimir Toncar (Kerio)

Messages: 1696
Karma: 39
Send a private message to this user
Hi,

host=dynamic is used if you expect a phone to register. Do you think it's suitable for external interfaces? What about security considerations?

Vladimir
  •  
tehpr0

Messages: 7
Karma: 0
Send a private message to this user
Hi Vladimir,

For my organisation in particular (security / penetration testing), we use Operator behind a firewall and source filter Gradwell's VoIP IP ranges.

So we know that any SIP and RTP traffic that gets to our Operator vm is trusted.

There are security implications, but the same issues would need to be addressed for any voip pbx system (Asterisk, Avaya, Cisco UCM or MS Lync) using a SIP trunk provider that will do round-robin SIP routing.

I think it would be an excellent feature to add, as long as the user is aware of the security issues when using this type of service.

Thanks

[Updated on: Wed, 14 August 2013 16:03]

Previous Topic: Upgrade to 2.1 crashes
Next Topic: KO 2.1.4
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Fri Sep 22 12:04:34 CEST 2017

Total time taken to generate the page: 0.00437 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.