tycho
Guru (not...)
- Joined
- Aug 9, 2011
- Messages
- 652
- Reaction score
- 272
TL/DR: It works, but have I done something stupid?
I've mostly used PIAF for casual, hobbyist, home outbound calling. My previous forays into tinkering with inbound calling to my PBX via registered DIDs predate the IPTables whitelisting adopted in Incredible PBX. I want to make sure I am going about things correctly, and understand how the following interrelate: IPTables; the Trunk Registration Register String; "Allow SIP Guests" and "Allow Anonymous Inbound SIP Calls."
I'm running this:
I want to add an IPComms DID, and have it route to the current, single extension.
I have added the IP address of IPComms to the IPTables whitelist via /root/add-ip, and verified that it is there.
Via the FreePBX GUI I created a trunk for IPComms with only the registration string in the format:
I have the single, default, inbound route pointing to the single extension.
It works as anticipated, but to get it to work I have to turn both "Allow SIP Guests" and "Allow Anonymous Inbound SIP Calls" ON. My past experience has been that doing so is a "bad thing." But does the IPTables whitelist now make it an "ok thing?"
If I turn "Allow SIP Guests" OFF and have "Allow Anonymous Inbound SIP Calls" ON, inbound calls simply ring on the caller's end and do not reach the extension.
If I turn "Allow SIP Guests" ON and have "Allow Anonymous Inbound SIP Calls" OFF, inbound calls ring once and get Allison's "the number you have dialed is not in service..." Log reflects this:
I've mostly used PIAF for casual, hobbyist, home outbound calling. My previous forays into tinkering with inbound calling to my PBX via registered DIDs predate the IPTables whitelisting adopted in Incredible PBX. I want to make sure I am going about things correctly, and understand how the following interrelate: IPTables; the Trunk Registration Register String; "Allow SIP Guests" and "Allow Anonymous Inbound SIP Calls."
I'm running this:
Incredible PBX 11.12.0 for Pogoplug 4
Asterisk: UP Web Server: UP MySQL: UP
EximMail: UP IPtables: UP SSH: UP
LAN eth0: UP NTP: UP SAMBA: UP
RAM: 112M Debian 7 (wheezy) Disk:5.1G
Asterisk 11.12.0 FreePBX 2.11.0.30
Private IP: 192.168.2.XXX
Public IP: XXX.XXX.XXX.XXX
System Time: Mon Sep 29 21:39:41 CDT 2014
I want to add an IPComms DID, and have it route to the current, single extension.
I have added the IP address of IPComms to the IPTables whitelist via /root/add-ip, and verified that it is there.
Via the FreePBX GUI I created a trunk for IPComms with only the registration string in the format:
myusername:[email protected]/myusername
I have the single, default, inbound route pointing to the single extension.
It works as anticipated, but to get it to work I have to turn both "Allow SIP Guests" and "Allow Anonymous Inbound SIP Calls" ON. My past experience has been that doing so is a "bad thing." But does the IPTables whitelist now make it an "ok thing?"
If I turn "Allow SIP Guests" OFF and have "Allow Anonymous Inbound SIP Calls" ON, inbound calls simply ring on the caller's end and do not reach the extension.
If I turn "Allow SIP Guests" ON and have "Allow Anonymous Inbound SIP Calls" OFF, inbound calls ring once and get Allison's "the number you have dialed is not in service..." Log reflects this:
WARNING[5198][C-00000063]: Ext. s:6 @ from-sip-external: "Rejecting unknown SIP connection from 64.154.41.158"