[arm-allstar] Private Node Setup
Chris Andrist
chris.andrist at outlook.com
Sat Oct 24 11:03:07 EDT 2020
Thanks Justin and Bryan,
The problem I am running into is that some of the nodes are at peoples homes and the ip can change.
I know that with regular asterisk iax connections can have secrets attached to them, just like if you use iaxrpt or DVSwitch.
Seems odd that core functionality of asterisk is missing? But not really missing as we use it for iaxrpt and DVSwitch.
I’ll keep digging.
—
Regards,
Chris
On Oct 24, 2020, at 8:28 AM, Justin Grigg <jgrigg at gmail.com> wrote:
They manage the DNS side of things. Your node reports to their servers so when you enter node 1234 it knows what the IP address is. For private systems, you need to hard-code the node number and IP addresses.
On Sat, Oct 24, 2020 at 2:32 AM "Chris Andrist via ARM-allstar" <arm-allstar at hamvoip.org<mailto:arm-allstar at hamvoip.org>> wrote:
Thanks Bryan,
How does Allstarlink do it so that you don’t have to have all of the config on both sides?
Could this be accomplished on a smaller scale?
—
Regards,
Chris Andrist, KC7WSU
> On Oct 23, 2020, at 11:37 PM, Bryan St Clair via ARM-allstar <arm-allstar at hamvoip.org<mailto:arm-allstar at hamvoip.org>> wrote:
>
> They can't connect unless both nodes were aware of the other.
>
> For example your node must know the node number and ip of the one
> attempting to connect.
>
> The attempting node must know your node number and it's ip.
>
> Assuming you are authenticating the IP of the node when a connection
> attempt happens, you should be secure.
>
> You could add the whitelist, if you are still concerned....
>
> Bryan
>
>> On Fri, Oct 23, 2020, 21:41 "Chris Andrist via ARM-allstar" <
>> arm-allstar at hamvoip.org<mailto:arm-allstar at hamvoip.org>> wrote:
>>
>> I currently have a Private Hub setup in a data center and several nodes
>> connected to it.
>>
>> The issue is that if someone knew what the nodes number are they could
>> connect to our system.
>>
>> Is there a way to have authenticated connections with keys or secrets to
>> connect a hub and spoke system?
>>
>> I wouldn’t mind setting up a registration server if that gives
>> authentication to the hub. I just don’t know how to set it up. A
>> registration server seems like it might be overkill, but I am willing to do
>> it if it gives me the access control I am looking for.
>>
>> —
>> Regards,
>>
>> Chris Andrist, KC7WSU
>> _______________________________________________
>>
>> ARM-allstar mailing list
>> ARM-allstar at hamvoip.org<mailto:ARM-allstar at hamvoip.org>
>> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>>
>> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
> _______________________________________________
>
> ARM-allstar mailing list
> ARM-allstar at hamvoip.org<mailto:ARM-allstar at hamvoip.org>
> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>
> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
_______________________________________________
ARM-allstar mailing list
ARM-allstar at hamvoip.org<mailto:ARM-allstar at hamvoip.org>
http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
More information about the ARM-allstar
mailing list