[Freeswitch-users] Inbound DID trunk without authentication

Cal Leeming [Simplicity Media Ltd] cal.leeming at simplicitymedialtd.co.uk
Thu Nov 29 14:40:30 MSK 2012 

Hi Gregor,

I have to admit, every time I've tried using ACLs for inbound
authentication (i.e. an inbound DID), it always gave me the same damn error
(rejected by ACL 'domains' etc).

I've searched endlessly for a reason why, but couldn't seem to find a
combination of variables that worked.

I figured that it must be working else everyone would be complaining, and
that my own lack of knowledge/experience with FreeSWITCH meant I was
getting something fundamentally wrong in the config.

So, I removed ACLs, threw up an iptables rule and put a TODO in the project
plan to fix ACLs before release lol.

I'll have another look at this, and see if I can figure out wtf I'm doing
wrong.

This may/may not be the same problem your having, but I'll report back
either way and hopefully it'll help!

Cal


On Thu, Nov 29, 2012 at 11:15 AM, Gregor Nanger <gregor at infomedia.si> wrote:

> I thought that just set acl and set in /sip_profiles/external.xml <param
> name="apply-inbound-acl" value="testdid"/> would solve this, but it
> doesn't working.
>
> Trunk DID provider I am using is sending calls to FS. Now I just want to
> get this calls into public dialplan based only on IP, not authorization. :-(
>
>
>
> 2012/11/29 Sanjay Soni <ssoni at lifesize.com>
>
>> I was getting similar problem and modifying acl.conf didn't work for me.
>> What work for me was modifying sip_profiles/internal.xml and
>> sip_profiles/external.xml with Either
>> param name="local-network-acl" value="localnet.auto" - For Private IPs
>> (This is default)
>> Or
>> param name="candidate-acl" value="wan.auto"
>> param name="local-network-acl" value="localnet.auto" - For Public IPs.
>>
>>
>>
>> -----Original Message-----
>> From: freeswitch-users-bounces at lists.freeswitch.org [mailto:
>> freeswitch-users-bounces at lists.freeswitch.org] On Behalf Of Paul Cupis
>> Sent: 29 November 2012 16:02
>> To: FreeSWITCH Users Help
>> Subject: Re: [Freeswitch-users] Inbound DID trunk without authentication
>>
>> On Thu, Nov 29, 2012 at 09:36:25AM +0100, Gregor Nanger wrote:
>> >    in acl.conf.xml i add:
>> >
>> >    <list name="testdid" default="deny">
>> >    <node type="allow" cidr="xxx.xxx.xxx.xxx/32"/>
>> >    </list>
>>
>> >    What I see in console I keep getting rejected by ACL "domains"
>> >
>> >    If I understand correctly if IP of inbound call is in ACL then call
>> is
>> >    transfered to public dialplan?
>> >
>> >    I need this gateway only for inbound calls.
>>
>> Try adding:
>>
>>    <node type="allow" cidr="xxx.xxx.xxx.xxx/32"/>
>>
>> into the existing stanza in acl.conf.xml which starts with:
>>
>>    <list name="domains" ...
>>
>> as this is the ACL which your SIP profile seems to be using to
>> authenticate
>> incoming calls.
>>
>> Regards,
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> 
>> 
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://wiki.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> 
>> 
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://wiki.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20121129/b9894929/attachment.html

Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list