Thursday, January 31, 2019

The Best Way To Setup A Publicly Accessible Asterisk PBX Or A Lesson About Network Security, VoIP And Linux.

 Publicly Accessible Asterisk PBX
I am a fan of Nerd Vittles, Ward Mundy's blog. I started posting about PIAF, PBX in a Flash days. Before being absent from this blog for a while, it was a weekly destination, if not daily. PIAF was a great solution for that time to run a VoIP Telecommunication server. Actually we had it as the office VoIP server for a while.

Now the telecommunication infrastructures, servers and platforms have changed since those times. Fittingly, Nerd Vittles has published a new Tutorial for a current use case. The new offering just not another VoIP Server setup for SIP communications, Security for opening the server to wide net is taken care of. The security comes in the way of time proven IPtables with additional security mechanisms now available with Fail2Ban, Asterisk, FreePBX®, and Travelin’ Man 3. What I found most interesting was the tutorial on DDOS protection using IPtables, a must read if you are even looking at a public facing server or device.
Another benefit of this setup is that IPtables and other methods are all open source GPL3 code which you are more than welcome to use or improve pursuant to the terms of the GPL3 license.

So what is the benefit of using server setup?
"Consider this. If everyone in the world had an accessible SIP address instead of a phone number, every call to every person in the world via the Internet would be free. That pretty much sums up why SIP URIs are important. The syntax for SIP URIs depends upon your platform. With Asterisk they look like this: SIP/somebody@FQDN.yourdomain.com. On SIP phones, SIP URIs look like this: sip:somenameORnumber@FQDN.yourdomain.com. Others use somenameORnumber@FQDN.yourdomain.com. Assuming you have a reliable Internet connection, once you have “dialed” a SIP URI, the destination SIP device will ring just as if the called party had a POTS phone. Asterisk® processes SIP URIs in much the same way as calls originating from commercial trunk providers, but anonymous SIP calls are blocked."
Nerd Vittles

0 comments:

Blog Widget by LinkWithin