'host=dynamic' is your problem - as this allows any IP address to register as that friend - assuming they know the password/username combination.
Why not simply have group 1 as 'secret=pass123' and group2 as 'secret=pass456'? Just don't tell group 1 uses the password for group 2 - and vice-versa! -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of peace keeper Sent: 22 July 2009 09:44 To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: [asterisk-users] sip configuration masking the peers Hi all, I need to specify two groups of peers who are on two sub networks, the case is as follows: two groups of users (that are supposed to use the X-lite) group1 and group2, each group is on a sub network net1, and net2, respectively, each group has its own dial plan defined in the extension.conf, we have defined the peers in the sip.conf for both groups, and successfully made a call between two peers from the groups, but the idea is we need to prevent users from network1 to register as peers of group1, I suppose this would be a configuration solution, but I am afraid that do know what are the right needed configurations: here is definition of two peers each from different group: [1010] type=friend host=dynamic context=group1 secret=pass host=dynamic callerid=TestAccount<1010> vm Extension=test 1010 mailbox=1...@default nat=yes [2003] type=friend context=group2 secret=pass host=dynamic callerid=Account<2003> vm Extension=test 2003 mailbox=2...@default nat=yes each of group1 and group2 context are defined in the extension configuration as follows : exten => _2XXX,1,Dial(SIP/${EXTEN}) exten => _2XXX,n,Playback(unavailable) exten => _2XXX,n,Hangup() exten => _1XXX,1,Dial(SIP/${EXTEN}) exten => _1XXX,n,Playback(unavailable) exten => _1XXX,n,Hangup() in order the both groups can talk to each other, currentlly users in network1 can register as peer 2003 which is supposed to be allowed just for users from network2 , although this registration is supposed to be failed, any suggestions plz!! hope I made the scenario clear , any help would appreciated. Thanks in advance. _______________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
