Iscriviti   Guestbook   Immagini   Forum   Download   Mappa   1403 utenti on line 
Italiano
Asterisk Italia PBX Voice Over IP Community Italiana
MENU
Home Page
Architettura
Caratteristiche
La Tecnologia SIP
CONFIGURAZIONI
Asterisk con FWD
Festival
Extensions
Asterisk con MySQL
RISORSE
Comandi Applicazione
Extensions
VoiceMail
Zapata Example
Modules
Etc/ZapTel
AGI
MailBox Management
Billing con Asterisk
Manager
ZapTEL.Conf
ZapTEL Installazione
Zapata.Conf
Fax Ricezione
Fax in Email
Variabili di Asterisk
Parcheggio Chiamate
STATO Analisi e GOTO
IAX Configuration
Cisco 7960 Configurazioni
Auto-Answer Conference Cisco /9xx
Paging and Intercom
QUEUE - Gestione della Coda
features.conf
Pickup Group
TAPI Asterisk per Outlook
CAPI.CONF
INFO
Banda per Codec
Login
   
    
   Iscriviti

DOWNLOAD
Download
Asterisk Software
Documentazione
Device
ATA 503 GrandStream
Suggerimenti

 
IAX Configuration

From the sample IAX.CONF in the distribution:

Further user sections may be added, specifying a context and a secret used for connections with that given authentication name. Limited IP based access control is allowed by use of "permit" and "deny" keywords. Multiple rules are permitted. Multiple permitted contexts may be specified, in which case the first will be the default.

You can also override caller*ID so that when you receive a call you set the Caller*ID to be what you want instead of trusting what the remote user provides

There are three authentication methods that are supported: md5, plaintext and rsa?. The least secure is "plaintext", which sends passwords cleartext across the net. "md5" uses a challenge/response md5 sum arrangement, but still requires both ends have plain text access to the secret. "rsa" allows unidirectional secret knowledge through public/private keys. If "rsa" authentication is used, "inkeys" is a list of acceptable public keys on the local system that can be used to authenticate the remote peer, separated by the ":" character. "outkey" is a single, private key to use to authenticate to the other side.

Public keys are named /var/lib/asterisk/keys/.pub while private keys are named /var/lib/asterisk/keys/.key. Private keys should always be 3DES encrypted.

Codecs

The follow codecs are valid for the allow/disallow parameter:
  • g723.1
  • gsm
  • ulaw
  • alaw
  • g726
  • slinear
  • lpc10
  • adpcm
  • g729
  • speex
  • ilbc
  • h261
  • h263
  • all

Controlling the media path

With notransfer=yes you can prohibit Asterisk to step out of the media path and let the two endpoints connect directly to each other. This, of course, has a direct effect you e.g. your call detail records (CDR) and billing information.
Note: This is quite similar to the sip.conf setting canreinvite=no

TOS

Alternatively you can directly set the bit vlues:

 tos=0x18   ; where the tos bits are set individually and in combination

For example

  tos=0x10 = low delay
  tos=0x08 = high throughput
  tos=0x04 = high reliability
  tos=0x02 = ECT bit set
  tos=0x01 = CE bit set

or set multiple bits, such as

  tos=0x18 

to set both low delay and high throughput.

The qualify option

Some IAX clients — including firefly, diax, IAXphone, IAXComm — don't seem to like being monitored with the qualify=1000 option. If you have this option, you will see messages like this on the console:

   Peer '2004' is now UNREACHABLE!

For those clients, set qualify=no.

Dialing without duplicating information in extensions.conf


As opposed to specifying the username, secret, port number and/or destination context in the IAX2 channel name provided to the Dial command, it is possible to store all of this information in the iax.conf file and simplify your Dial command to just:

 Dial(IAX2//)

For example, to call IAXtel you can create an entry in iax.conf like this:

[iaxtel-outbound]
type=friend
username=
secret=
peercontext=default
host=dynamic
qualify=no
auth=plaintext
nat=yes
externip=our-DynDNS-pbx.homeip.net
disallow=all
allow=g729


Then use a Dial command of:

 exten => _1700XXXXXX,1,Dial(IAX2/iaxtel-outbound/${EXTEN},60,trd)

Note: The "peercontext" setting is only available in Asterisk CVS as of 2004-06-26.

Tips

  • Register commands to connect to another IAX server has to be in the [general] section of iax.conf.
  • To set up IAX in trunk mode, add "trunk=yes" to your definition in iax.conf. IAX Trunking needs support of a hardware timer. See Asterisk timer for more information.
  • Do not use both "host=dynamic" and "defaultip=111.222.333.444", make sure it is just one or the other (see bugs 558 (cache) and 673 (cache)).
  • If you do not use IP-based access control for all of your "type='user" entries, your iax.conf file must contain a "guest" entry with no secret specified if you expect your Asterisk installation to be reasonably secure. If you do not have a guest entry, when a remote system connects to yours, they can connect without specifying a username (anonymously), in which case Asterisk will allow them to connect with any secret specified in the file. This means that if you have a large number of "type=user" entries in iax.conf and no "guest" entry, someone only has to guess any one of your secrets to connect to your server as that user (i.e. they do not need to know both the username and the secret, the secret alone is enough). Asterisk gives preference to a "guest" entry (no secret specified) for anonymous incoming connections, though, so the addition of a "guest" entry will solve this problem.




 

Valid CSS!

 Copyright 1995-2004 © Media Online Italia s.r.l.- all rights reserved
this website is realized with store portal v.3.13 - licensed to www.asteriskpbx.it