>>> so the main question is -- how to Disallow CALLS without registering >>> on PBX
> In fact, I'm not sure that it's actually possible to disallow [authenticated] > calls from a peer that hasn't registered! > > As far as I can tell, 'registration' was never intended to be part of the > authentication process. It's sole purpose is to inform the PBX as to the > current location of the endpoint. I suspect this means that what the OP is > asking for cannot be achieved with the current code bases. > > But each time I'm proven wrong I learn something, so if I'm wrong then please > by all means correct me! :) I think your understanding is largely correct... although I do believe it _is_ possible to achieve what the original poster wants, with a bit of dialplan trickery. I think you're correct, in that registration of a peer (using proper credentials) is not normally necessary in order for that peer to be able to place a call (again, with those same valid credentials). The "ingoing" and "outgoing" aspects of a peer are fundamentally separate... and that's why there's no option which requires registration to make a call. The way you're "supposed to" prevent unauthorized calls, is to make sure that each peer has valid (unique, cryptographically-strong) credentials (i.e. a proper password). The peer has to prove that it has these when it places a call - and, so, registration per se is irrelevant. As long as you don't allow anonymous calls to be placed, you should be OK. Now, there probably _is_ a way to force specific peers to register prior to placing a call, if that's what you really want to do (although I would ask "Why?" to anyone who wants to do things this way). The way I would do it, in Asterisk, is: - Turn on "qualify", so that Asterisk will check each registered peer periodically and confirm that it's still on-line. Using a modest registration timeout (a few minutes) is probably also beneficial. - Create a new dialplan context, which will be used as the initial context for all of these peers when they try to place a call. Specify this context in the definition of each such peer. - In this call-placing context, have a single ruleset which matches all numbers being dialed. - In this ruleset, retrieve the name of the peer placing the call (I think it's CHANNEL(peername) but I could be wrong). - Test the peer's SIP status with SIPPEER($peername:status) and see if it's OK. If so, the peer is registered - jump to another rule or ruleset which dials the requested number. If not, reject the call, or play a polite (or rude) message which explains that unregistered phones may not place calls. -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- Check out the new Asterisk community forum at: https://community.asterisk.org/ New to Asterisk? Start here: https://wiki.asterisk.org/wiki/display/AST/Getting+Started asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
