Re: SimpleAuth for Registration

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thank you, I may hold off on that and go for ip restrictions for now.

We do allow unregistered calls as a variety of sources connect to us. Some are registered to their own gatekeeper and others are standalone. Though they connect to many other entities so it's not feasible to require a registration.

At least that's been the idea so far.
On Wed, May 20, 2015 at 4:08 AM Jan Willamowius <jan@xxxxxxxxxxxxxx> wrote:
Hi,

your config snippet looks OK, but there are a few general things to
note:

Only checking RRQs will serve the purpose to avoid accidental
registrations, but if you allow unregistered calls
(AcceptUnregisteredCalls=1), everybody can still make calls, simply by
not registering anymore.

There are a lot of interoperability issues between different vendor
implementations of H.235.1 (the spec that specifies password
authentication). I'm working to add code to GnuGk to a.) implement the
spec properly and b.) add switches to deal with the various bugs in
vendor implementations, but thats a very slow moving process.

Regards,
Jan

--
Jan Willamowius, Founder of the GNU Gatekeeper Project
EMail  : jan@xxxxxxxxxxxxxx
Website: http://www.gnugk.org
Support: http://www.willamowius.com/gnugk-support.html

Relaxed Communications GmbH
Frahmredder 91
22393 Hamburg
Geschäftsführer: Jan Willamowius
HRB 125261 (Amtsgericht Hamburg)
USt-IdNr: DE286003584


Robert Edeker wrote:
> Hello,
>
> I'm trying to require auth for endpoint registrations and I thought I had
> it working with one device.  Now none of them can authenticate.
>
> Config is below where I generated the entry with 'addpasswd'.  Am primarily
> looking for user/pass auth vs IP so I can prevent external registrations
> via forwarded traffic and also handle internal DHCP devices.  (then setup
> the V2IU in a peer proxy/LAN mode to send calls to GK)
>
> ??
>
> [Gatekeeper::Auth]
> SimplePasswordAuth=required;RRQ
> default=allow
>
> [SimplePasswordAuth]
> myusername=...


------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________________

Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx
Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users
Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users
Homepage: http://www.gnugk.org/
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________________

Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx
Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users
Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users
Homepage: http://www.gnugk.org/

[Index of Archives]     [SIP]     [Open H.323]     [Gnu Gatekeeper]     [Asterisk PBX]     [ISDN Cause Codes]     [Yosemite News]

  Powered by Linux