ATech Machine LIBRA-02 M Informations techniques télécharger pdf (Page 188)

100

101

to modify that configuration so that Asterisk knows that the calls between the two

servers should be encrypted. The only change required is to add the transport = tls

option to the peer entry for the other server.

On serverA:

[serverB]

type = peer

host = 192.168.1.102

username = serverA

secret = apples

context = incoming

disallow = all

allow = ulaw

transport = tls

On serverB:

[serverA]

type = peer

host = 192.168.1.101

username = serverB

secret = apples

context = incoming

disallow = all

allow = ulaw

transport = tls

Now when you make a call using Dial(SIP/serverA) or Dial(SIP/serverB), the SIP

signaling will be encrypted. You can modify the dialplan to force outgoing calls to have

encrypted signaling by setting the CHANNEL(secure_bridge_signaling) function to 1:

[default]

exten => 1234,1,Set(CHANNEL(secure_bridge_signaling)=1)

same => n,Dial(SIP/1234@serverB)

On the side receiving the call, you can check whether the signaling on an incoming call

is encrypted using the CHANNEL(secure_signaling) dialplan function. Consider the fol-

lowing example dialplan:

[incoming]

exten => _X.,1,Answer()

same => n,GotoIf($["${CHANNEL(secure_signaling)}" = "1"]?secure:insecure)

same => n(secure),NoOp(Signaling is encrypted.)

same => n,Hangup()

same => n(insecure),NoOp(Signaling is not encrypted.)

same => n,Hangup()

When a call is sent from serverA to serverB using this configuration, you can see from

the output on the Asterisk console that the dialplan determines that the signaling of

the incoming call is encrypted:

152 | Chapter 7: Outside Connectivity

1 2 ... 183 184 185 186 187 188 189 190 191 192 193 ... 733 734

Commentaires sur ces manuels

Pas de commentaire

ATech Machine LIBRA-02 M Informations techniques Page 188

Commentaires sur ces manuels