Solved

Asterisk Mystery Incoming

Posted on 2013-12-05
7
229 Views
Last Modified: 2013-12-07
I've just put 'fail2ban' on my asterisk box and it has cleared a constant stream of registration attempts, but this keeps coming up:
== Using SIP RTP CoS mark 5
[2013-12-05 17:05:54] NOTICE[29712]: chan_sip.c:22622 handle_request_invite: Call from '' (54.224.145.76:5076) to extension '+448458673552' rejected because extension not found in context 'CallsComingIn'.

Open in new window

I'm trying to work out what's happening.
The context 'CallsComingIn' is in the [general] section of sip.conf. There is no registration attempt, so is it a sip invite coming straight into port 5060 trying to dial an extension '+448458673552' and asterisk uses the 'CallsComingIn' context but can't match the extension?
0
Comment
Question by:Silas2
  • 4
  • 3
7 Comments
 
LVL 15

Expert Comment

by:Phonebuff
ID: 39699543
So is this a valid call not being handled, or is port 5060 wide open and someone is probing to see where they can call through you to ?  

I don't recognize your Context from the standard FreePBX builds,   What exactly are you supporting, a roll your own or one of the many ISO packages.

===============
0
 

Author Comment

by:Silas2
ID: 39700612
its rollyourown
No its not a valid call, it is 5060 wide open but it has to be open so the asterisk box can function doesn't i?
0
 

Author Comment

by:Silas2
ID: 39700619
I'm asking the question cos i think it exposing a glaring weakness in my knowledge (i'm only supporting this asterisk box for a tiddly number of users and the sip trunk provider has banned premium calls so there's nothing really at stake),
But what i don't understand is how/why are 5060 port call-initiations possible from a SIP extension which is not registered?
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 15

Expert Comment

by:Phonebuff
ID: 39701848
Well,

    If your external SIP is only your provider I would set rules in your firewall to only permit traffic to/for him on 5060.   You should always use White lists when possible.

    You can also do a catch all rule to Hangup for any attempt to make an incoming call to an undefined DID.

    Post your context within a code block an I will try and find time to look at it for you.

    ++++++++++++++
0
 

Author Comment

by:Silas2
ID: 39701876
Well  the SIP registrations are all over the place with dynamic IP's (they work from home) so a white list isn't really easy, unless you have a clever idea...

So it is true that a non-registered SIP extension can enter into a phone call with Asterisk thru 5060? (I thought the point of registering was for the uname/pwd security check)
0
 
LVL 15

Accepted Solution

by:
Phonebuff earned 250 total points
ID: 39701906
Well,

    I would use a PBXinaFlash build and Wards Travelingman3 for your project, as Ward as already built the magic into TravelingMan to handle roaming & Dynamic IP users.

    =======

  Yes, if you allow Guests and a number of other optional settings your system could route SIP traffic from 'Non Registered" sources.
0
 

Author Comment

by:Silas2
ID: 39702953
Ah, allowguest, that would seam to be what i'm missing...
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

The Zaptel people (www.zaptel.com) got kind of annoyed with the fact that they were getting bombarded with searches for the zaptel driver system for Asterisk (not to mention they own the trademark on zaptel). So, they kindly requested that Digium ch…
There are no good configuration guides for HP-H3C router to LYNC on the web. :( Big statement, but we havent been able to find one yet. We did find the following document useful, but the information was not enough to use H3C router for use as a L…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now