Configuring Asterisk To Use SIP Credentials
This information does not pertain to SIP Trunking customers
To configure Asterisk to use your SIP credentials, please use the settings below. You can find description of the settings at the bottom of the page.
- Please keep in mind that Asterisk is an open-source third-party program. As such this information is provided as a convenience and reference only. Phone Power will not offer any technical support for your hand-configured device(s), and is not liable for any calls placed using your credentials. For this reason we highly recommend securing your firewall
- Phone Power will continue to offer normal support for all auto-provisioning devices, including Phone Power supplied phone adapters, softphones, zippyphones, BYOD devices that use Phone Power’s auto provisioning system, etc.
• There will be other bits here but the following value should be changed
[general]
defaultexpiry=3600
• This will register your line to PhonePower and make it available via extensions.conf as [[SIP User ID]]
register =>[[Auth ID]]:[SIP Password]]@[[Proxy]]/[[SIP User ID]]
• This defines the peer.
[phonepower-sip]
type=peer
context=from-trunk
insecure=very In the event you are not receiving incoming calls change this to insecure=invite
nat=never
dtmfmode=inband
username=[[SIP User ID]]
secret=[[SIP Password]]
authuser=[[Auth ID]]
host=[[Proxy]]
fromuser=[[SIP User ID]]
fromdomain=[[Proxy]]
maxexpiry=3600
minexpiry=30
disallow=all
allow=uLaw
allow=g729
|
Setting |
Value |
Description |
|
Peer |
|
This defines the peer |
|
defaultexpiry |
3600 |
Default duration (in seconds) of incoming/outgoing registration. |
|
|
|
This will register your line to Phone Power and make it available via extensions.conf as |
|
type |
peer |
peer is used because it is a bi-directional channel |
|
context |
from-trunk |
context for calls originating here |
|
insecure |
very |
If this is not set inbound calls will not work |
|
nat |
never |
Our border elements will handle this. Configuring NAT traversal will break more than it fixes |
|
dtmfmode |
inband |
In our experience in-band DTMF with asterisk was much more reliable than RFC2833 |
|
username |
|
Obtain from SIP Credentials page |
|
secret |
|
Obtain from SIP Credentials page |
|
authuser |
|
Obtain from SIP Credentials page |
|
host |
This is the IP address of our SIP server | |
|
fromuser |
|
Obtain from SIP Credentials page |
|
fromdomain |
This is the IP address of our SIP server | |
|
maxexpiry |
3600 |
Max duration (in seconds) of incoming registration we allow. |
|
minexpiry |
30 |
Min duration (in seconds) of incoming registration we allow. |
|
disallow |
all |
You need to disallow=all before you can use allow |
|
allow |
uLaw |
Allow codecs in order of preference |
|
allow |
g729 |
Allow codecs in order of preference. |
IP Tables
- It is strongly recommended that IP tables be configured as well to prevent unauthorized access. The following is a rudimentary firewall config for an Asterisk server with a single network interface. As always this is for expert users only.
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT –p tcp –dport 22 -j ACCEPT
iptables -A INPUT -s 192.168.0.0/16 -j ACCEPT
iptables -A INPUT –s 172.16.0.0/12 -j ACCEPT
iptables -A INPUT -s 10.0.0.0/8 -j ACCEPT
iptables -A INPUT -s [[Proxy]] -j ACCEPT
iptables -A INPUT -j DROP
