Re: [Sipwitch-devel] howto configure sipwitch to allow ua login from public internet

[Perazim]

I tried adding:

<local>a.b.c.d/32</local>

to <access> and this allows the device to register.

Can I conclude from this that non-"local" devices are forbidden from
registering unless added as "local"?

I seem to be missing some general concept here. 

I need to allow many devices to register from any public ip address and
call each other. My system has no connection to any voip gateway so toll
fraud is not an issue.

On another but related issue, does sipwitch support sip over tls?

Thanks for the help.

Perazim

On Mon, 2012-07-09 at 09:52 -0400, David Sugar wrote:
> There are two ways something may be denied.  The first is based on
> appearing address.  If your coming from what seems like an external
> destination, sipwitch may deny based on address, depending on the
> <access> rules section of the config.
> 
> The second possibility may be that the device presents itself as it's
> "from" uri coming from a public internet host (reverse lookup perhaps).
>  If the name the device claims to be "from" is not a hostname sipwitch
> recognizes, it treats it as "foreign".  This can be solved simply by
> adding the appearing from to the list of sipwitch <localnames> that it
> will recognize as if "local" to the server, but you need to know where
> the ata's claim they are from.
> 
> On 07/09/2012 09:06 AM, Perazim wrote:
> > I have several grandstream ht-701 ATAs running on a LAN that work fine.
> > Now I need to add several of the same ATAs that are on the public
> > internet behind NAT firewalls. I have setup a stun server. I cannot get
> > them to register. sipwitch is rejecting any ATA that is not on the local
> > LAN. I have searched the available docs but cannot seem to find how to
> > do this in the config file access parameters. The non-local ATAs
> > generate this message:
> > 
> > Rejecting restricted 202 from (public ip address and port)
> > 
> > Any help is appreciated.
> > 
> > Perazim
> > 
> > 
> > 
> > 
> > 
>