Solved

Asterisk Mystery Incoming

Posted on 2013-12-05
7
232 Views
Last Modified: 2013-12-07
I've just put 'fail2ban' on my asterisk box and it has cleared a constant stream of registration attempts, but this keeps coming up:
== Using SIP RTP CoS mark 5
[2013-12-05 17:05:54] NOTICE[29712]: chan_sip.c:22622 handle_request_invite: Call from '' (54.224.145.76:5076) to extension '+448458673552' rejected because extension not found in context 'CallsComingIn'.

Open in new window

I'm trying to work out what's happening.
The context 'CallsComingIn' is in the [general] section of sip.conf. There is no registration attempt, so is it a sip invite coming straight into port 5060 trying to dial an extension '+448458673552' and asterisk uses the 'CallsComingIn' context but can't match the extension?
0
Comment
Question by:Silas2
  • 4
  • 3
7 Comments
 
LVL 15

Expert Comment

by:Phonebuff
ID: 39699543
So is this a valid call not being handled, or is port 5060 wide open and someone is probing to see where they can call through you to ?  

I don't recognize your Context from the standard FreePBX builds,   What exactly are you supporting, a roll your own or one of the many ISO packages.

===============
0
 

Author Comment

by:Silas2
ID: 39700612
its rollyourown
No its not a valid call, it is 5060 wide open but it has to be open so the asterisk box can function doesn't i?
0
 

Author Comment

by:Silas2
ID: 39700619
I'm asking the question cos i think it exposing a glaring weakness in my knowledge (i'm only supporting this asterisk box for a tiddly number of users and the sip trunk provider has banned premium calls so there's nothing really at stake),
But what i don't understand is how/why are 5060 port call-initiations possible from a SIP extension which is not registered?
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 15

Expert Comment

by:Phonebuff
ID: 39701848
Well,

    If your external SIP is only your provider I would set rules in your firewall to only permit traffic to/for him on 5060.   You should always use White lists when possible.

    You can also do a catch all rule to Hangup for any attempt to make an incoming call to an undefined DID.

    Post your context within a code block an I will try and find time to look at it for you.

    ++++++++++++++
0
 

Author Comment

by:Silas2
ID: 39701876
Well  the SIP registrations are all over the place with dynamic IP's (they work from home) so a white list isn't really easy, unless you have a clever idea...

So it is true that a non-registered SIP extension can enter into a phone call with Asterisk thru 5060? (I thought the point of registering was for the uname/pwd security check)
0
 
LVL 15

Accepted Solution

by:
Phonebuff earned 250 total points
ID: 39701906
Well,

    I would use a PBXinaFlash build and Wards Travelingman3 for your project, as Ward as already built the magic into TravelingMan to handle roaming & Dynamic IP users.

    =======

  Yes, if you allow Guests and a number of other optional settings your system could route SIP traffic from 'Non Registered" sources.
0
 

Author Comment

by:Silas2
ID: 39702953
Ah, allowguest, that would seam to be what i'm missing...
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you think no one can listen in on your VOIP conversations, eh? Well... if you haven't setup Secure Real Time Transport (SRTP), your voice communications can be hacked into by just about anyone! First, let's talk about the intended audience for…
I recently purchased a Bluetooth headset called the Music Jogger (model BSH10). The control buttons on it look like this: One of my goals is to use it as the microphone and speakers for Skype calls. In that respect, it works well. However, I …
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now