Solved

Asterisk Mystery Incoming

Posted on 2013-12-05
7
234 Views
Last Modified: 2013-12-07
I've just put 'fail2ban' on my asterisk box and it has cleared a constant stream of registration attempts, but this keeps coming up:
== Using SIP RTP CoS mark 5
[2013-12-05 17:05:54] NOTICE[29712]: chan_sip.c:22622 handle_request_invite: Call from '' (54.224.145.76:5076) to extension '+448458673552' rejected because extension not found in context 'CallsComingIn'.

Open in new window

I'm trying to work out what's happening.
The context 'CallsComingIn' is in the [general] section of sip.conf. There is no registration attempt, so is it a sip invite coming straight into port 5060 trying to dial an extension '+448458673552' and asterisk uses the 'CallsComingIn' context but can't match the extension?
0
Comment
Question by:Silas2
  • 4
  • 3
7 Comments
 
LVL 15

Expert Comment

by:Phonebuff
ID: 39699543
So is this a valid call not being handled, or is port 5060 wide open and someone is probing to see where they can call through you to ?  

I don't recognize your Context from the standard FreePBX builds,   What exactly are you supporting, a roll your own or one of the many ISO packages.

===============
0
 

Author Comment

by:Silas2
ID: 39700612
its rollyourown
No its not a valid call, it is 5060 wide open but it has to be open so the asterisk box can function doesn't i?
0
 

Author Comment

by:Silas2
ID: 39700619
I'm asking the question cos i think it exposing a glaring weakness in my knowledge (i'm only supporting this asterisk box for a tiddly number of users and the sip trunk provider has banned premium calls so there's nothing really at stake),
But what i don't understand is how/why are 5060 port call-initiations possible from a SIP extension which is not registered?
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 15

Expert Comment

by:Phonebuff
ID: 39701848
Well,

    If your external SIP is only your provider I would set rules in your firewall to only permit traffic to/for him on 5060.   You should always use White lists when possible.

    You can also do a catch all rule to Hangup for any attempt to make an incoming call to an undefined DID.

    Post your context within a code block an I will try and find time to look at it for you.

    ++++++++++++++
0
 

Author Comment

by:Silas2
ID: 39701876
Well  the SIP registrations are all over the place with dynamic IP's (they work from home) so a white list isn't really easy, unless you have a clever idea...

So it is true that a non-registered SIP extension can enter into a phone call with Asterisk thru 5060? (I thought the point of registering was for the uname/pwd security check)
0
 
LVL 15

Accepted Solution

by:
Phonebuff earned 250 total points
ID: 39701906
Well,

    I would use a PBXinaFlash build and Wards Travelingman3 for your project, as Ward as already built the magic into TravelingMan to handle roaming & Dynamic IP users.

    =======

  Yes, if you allow Guests and a number of other optional settings your system could route SIP traffic from 'Non Registered" sources.
0
 

Author Comment

by:Silas2
ID: 39702953
Ah, allowguest, that would seam to be what i'm missing...
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ever wanted to query Cisco Call Manager CDR records from MS SQL Server? Here's how! CUCM can be configured to upload a CDR file to a given FTP server every minute. This article will show you how to set this up, schedule the import of this data an…
As companies replace their old PBX phone systems with Unified IP Communications, many are finding out that legacy applications such as fax do not work well with VoIP. Fortunately, Cloud Faxing provides a cost-effective alternative that works over an…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

680 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question