[arm-allstar] ARM-allstar Digest, Vol 77, Issue 22

Brad Trogdon Brad at trogdon.org
Sat Oct 24 11:35:58 EDT 2020 

Chris,

For hard coding IP Addresses that change you should use a DYN DNS type of
system. Their are free and subscription.   You would then hard code for
example.  Node2.homeip.net instead of xxx.xxx.xxx.xxx

The named op address is automatically updated this you always have a valid
path.   Also most routers support this so you can remotely access your home
routers when the iPad address changes.

Good luck!

-Brad
W4INT

On Sat, Oct 24, 2020 at 11:04 AM <arm-allstar-request at hamvoip.org> wrote:

> Send ARM-allstar mailing list submissions to
>         arm-allstar at hamvoip.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
> or, via email, send a message with subject or body 'help' to
>         arm-allstar-request at hamvoip.org
>
> You can reach the person managing the list at
>         arm-allstar-owner at hamvoip.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of ARM-allstar digest..."
>
>
> Today's Topics:
>
>    1. Private Node Setup (Chris Andrist)
>    2. Re: Private Node Setup (Bryan St Clair)
>    3. Re: Private Node Setup (Chris Andrist)
>    4. Re: Private Node Setup (Justin Grigg)
>    5. Re: Private Node Setup (Chris Andrist)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Sat, 24 Oct 2020 03:30:58 +0000
> From: Chris Andrist <chris.andrist at outlook.com>
> To: "arm-allstar at hamvoip.org" <arm-allstar at hamvoip.org>
> Subject: [arm-allstar] Private Node Setup
> Message-ID:
>         <
> CY4PR0701MB364998AD8D2E8ED0DB30BE49E61B0 at CY4PR0701MB3649.namprd07.prod.outlook.com
> >
>
> Content-Type: text/plain; charset="utf-8"
>
> I currently have a Private Hub setup in a data center and several nodes
> connected to it.
>
> The issue is that if someone knew what the nodes number are they could
> connect to our system.
>
> Is there a way to have authenticated connections with keys or secrets to
> connect a hub and spoke system?
>
> I wouldn?t mind setting up a registration server if that gives
> authentication to the hub. I just don?t know how to set it up. A
> registration server seems like it might be overkill, but I am willing to do
> it if it gives me the access control I am looking for.
>
> ?
> Regards,
>
> Chris Andrist, KC7WSU
>
> ------------------------------
>
> Message: 2
> Date: Fri, 23 Oct 2020 22:34:37 -0700
> From: Bryan St Clair <bryan at k6cbr.us>
> To: ARM Allstar <arm-allstar at hamvoip.org>
> Subject: Re: [arm-allstar] Private Node Setup
> Message-ID:
>         <CAH5oE6Y=
> Rrxzdr-xNnR-E2N4R11TUYBVc6P7CWqELTSVsar_aw at mail.gmail.com>
> Content-Type: text/plain; charset="UTF-8"
>
> They can't connect unless both nodes were aware of the other.
>
> For example your node must know the node number and ip of the one
> attempting to connect.
>
> The attempting node must know your node number and it's ip.
>
> Assuming you are authenticating the IP of the node when a connection
> attempt happens, you should be secure.
>
> You could add the whitelist, if you are still concerned....
>
> Bryan
>
> On Fri, Oct 23, 2020, 21:41 "Chris Andrist via ARM-allstar" <
> arm-allstar at hamvoip.org> wrote:
>
> > I currently have a Private Hub setup in a data center and several nodes
> > connected to it.
> >
> > The issue is that if someone knew what the nodes number are they could
> > connect to our system.
> >
> > Is there a way to have authenticated connections with keys or secrets to
> > connect a hub and spoke system?
> >
> > I wouldn?t mind setting up a registration server if that gives
> > authentication to the hub. I just don?t know how to set it up. A
> > registration server seems like it might be overkill, but I am willing to
> do
> > it if it gives me the access control I am looking for.
> >
> > ?
> > Regards,
> >
> > Chris Andrist, KC7WSU
> > _______________________________________________
> >
> > ARM-allstar mailing list
> > ARM-allstar at hamvoip.org
> > http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
> >
> > Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
>
>
> ------------------------------
>
> Message: 3
> Date: Sat, 24 Oct 2020 05:45:35 +0000
> From: Chris Andrist <chris.andrist at outlook.com>
> To: ARM Allstar <arm-allstar at hamvoip.org>
> Subject: Re: [arm-allstar] Private Node Setup
> Message-ID:
>         <
> CY4PR0701MB3649F3C97E45091E985FAF84E61B0 at CY4PR0701MB3649.namprd07.prod.outlook.com
> >
>
> Content-Type: text/plain; charset="utf-8"
>
> Thanks Bryan,
>
> How does Allstarlink do it so that you don?t have to have all of the
> config on both sides?
>
> Could this be accomplished on a smaller scale?
>
> ?
> Regards,
>
> Chris Andrist, KC7WSU
>
> > On Oct 23, 2020, at 11:37 PM, Bryan St Clair via ARM-allstar <
> arm-allstar at hamvoip.org> wrote:
> >
> > ?They can't connect unless both nodes were aware of the other.
> >
> > For example your node must know the node number and ip of the one
> > attempting to connect.
> >
> > The attempting node must know your node number and it's ip.
> >
> > Assuming you are authenticating the IP of the node when a connection
> > attempt happens, you should be secure.
> >
> > You could add the whitelist, if you are still concerned....
> >
> > Bryan
> >
> >> On Fri, Oct 23, 2020, 21:41 "Chris Andrist via ARM-allstar" <
> >> arm-allstar at hamvoip.org> wrote:
> >>
> >> I currently have a Private Hub setup in a data center and several nodes
> >> connected to it.
> >>
> >> The issue is that if someone knew what the nodes number are they could
> >> connect to our system.
> >>
> >> Is there a way to have authenticated connections with keys or secrets to
> >> connect a hub and spoke system?
> >>
> >> I wouldn?t mind setting up a registration server if that gives
> >> authentication to the hub. I just don?t know how to set it up. A
> >> registration server seems like it might be overkill, but I am willing
> to do
> >> it if it gives me the access control I am looking for.
> >>
> >> ?
> >> Regards,
> >>
> >> Chris Andrist, KC7WSU
> >> _______________________________________________
> >>
> >> ARM-allstar mailing list
> >> ARM-allstar at hamvoip.org
> >> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
> >>
> >> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
> > _______________________________________________
> >
> > ARM-allstar mailing list
> > ARM-allstar at hamvoip.org
> > http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
> >
> > Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
>
> ------------------------------
>
> Message: 4
> Date: Sat, 24 Oct 2020 10:28:03 -0400
> From: Justin Grigg <jgrigg at gmail.com>
> To: ARM Allstar <arm-allstar at hamvoip.org>
> Subject: Re: [arm-allstar] Private Node Setup
> Message-ID:
>         <CAHyULxzuDe4NUPSZwB2sAxeNiiOSSjpCbR=
> RySZqpSC5LzHdBg at mail.gmail.com>
> Content-Type: text/plain; charset="UTF-8"
>
> They manage the DNS side of things. Your node reports to their servers so
> when you enter node 1234 it knows what the IP address is. For private
> systems, you need to hard-code the node number and IP addresses.
>
>
>
> On Sat, Oct 24, 2020 at 2:32 AM "Chris Andrist via ARM-allstar" <
> arm-allstar at hamvoip.org> wrote:
>
> > Thanks Bryan,
> >
> > How does Allstarlink do it so that you don?t have to have all of the
> > config on both sides?
> >
> > Could this be accomplished on a smaller scale?
> >
> > ?
> > Regards,
> >
> > Chris Andrist, KC7WSU
> >
> > > On Oct 23, 2020, at 11:37 PM, Bryan St Clair via ARM-allstar <
> > arm-allstar at hamvoip.org> wrote:
> > >
> > > ?They can't connect unless both nodes were aware of the other.
> > >
> > > For example your node must know the node number and ip of the one
> > > attempting to connect.
> > >
> > > The attempting node must know your node number and it's ip.
> > >
> > > Assuming you are authenticating the IP of the node when a connection
> > > attempt happens, you should be secure.
> > >
> > > You could add the whitelist, if you are still concerned....
> > >
> > > Bryan
> > >
> > >> On Fri, Oct 23, 2020, 21:41 "Chris Andrist via ARM-allstar" <
> > >> arm-allstar at hamvoip.org> wrote:
> > >>
> > >> I currently have a Private Hub setup in a data center and several
> nodes
> > >> connected to it.
> > >>
> > >> The issue is that if someone knew what the nodes number are they could
> > >> connect to our system.
> > >>
> > >> Is there a way to have authenticated connections with keys or secrets
> to
> > >> connect a hub and spoke system?
> > >>
> > >> I wouldn?t mind setting up a registration server if that gives
> > >> authentication to the hub. I just don?t know how to set it up. A
> > >> registration server seems like it might be overkill, but I am willing
> > to do
> > >> it if it gives me the access control I am looking for.
> > >>
> > >> ?
> > >> Regards,
> > >>
> > >> Chris Andrist, KC7WSU
> > >> _______________________________________________
> > >>
> > >> ARM-allstar mailing list
> > >> ARM-allstar at hamvoip.org
> > >> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
> > >>
> > >> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
> > > _______________________________________________
> > >
> > > ARM-allstar mailing list
> > > ARM-allstar at hamvoip.org
> > > http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
> > >
> > > Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
> > _______________________________________________
> >
> > ARM-allstar mailing list
> > ARM-allstar at hamvoip.org
> > http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
> >
> > Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
>
>
> ------------------------------
>
> Message: 5
> Date: Sat, 24 Oct 2020 15:03:07 +0000
> From: Chris Andrist <chris.andrist at outlook.com>
> To: Justin Grigg <jgrigg at gmail.com>
> Cc: ARM Allstar <arm-allstar at hamvoip.org>
> Subject: Re: [arm-allstar] Private Node Setup
> Message-ID:
>         <
> CY4PR0701MB3649A4E6E2CAA6C0EA7140DCE61B0 at CY4PR0701MB3649.namprd07.prod.outlook.com
> >
>
> Content-Type: text/plain; charset="utf-8"
>
> Thanks Justin and Bryan,
>
> The problem I am running into is that some of the nodes are at peoples
> homes and the ip can change.
>
> I know that with regular asterisk iax connections can have secrets
> attached to them, just like if you use iaxrpt or DVSwitch.
>
> Seems odd that core functionality of asterisk is missing? But not really
> missing as we use it for iaxrpt and DVSwitch.
>
> I?ll keep digging.
>
> ?
> Regards,
>
> Chris
>
> On Oct 24, 2020, at 8:28 AM, Justin Grigg <jgrigg at gmail.com> wrote:
>
> ?
> They manage the DNS side of things. Your node reports to their servers so
> when you enter node 1234 it knows what the IP address is. For private
> systems, you need to hard-code the node number and IP addresses.
>
>
>
> On Sat, Oct 24, 2020 at 2:32 AM "Chris Andrist via ARM-allstar" <
> arm-allstar at hamvoip.org<mailto:arm-allstar at hamvoip.org>> wrote:
> Thanks Bryan,
>
> How does Allstarlink do it so that you don?t have to have all of the
> config on both sides?
>
> Could this be accomplished on a smaller scale?
>
> ?
> Regards,
>
> Chris Andrist, KC7WSU
>
> > On Oct 23, 2020, at 11:37 PM, Bryan St Clair via ARM-allstar <
> arm-allstar at hamvoip.org<mailto:arm-allstar at hamvoip.org>> wrote:
> >
> > ?They can't connect unless both nodes were aware of the other.
> >
> > For example your node must know the node number and ip of the one
> > attempting to connect.
> >
> > The attempting node must know your node number and it's ip.
> >
> > Assuming you are authenticating the IP of the node when a connection
> > attempt happens, you should be secure.
> >
> > You could add the whitelist, if you are still concerned....
> >
> > Bryan
> >
> >> On Fri, Oct 23, 2020, 21:41 "Chris Andrist via ARM-allstar" <
> >> arm-allstar at hamvoip.org<mailto:arm-allstar at hamvoip.org>> wrote:
> >>
> >> I currently have a Private Hub setup in a data center and several nodes
> >> connected to it.
> >>
> >> The issue is that if someone knew what the nodes number are they could
> >> connect to our system.
> >>
> >> Is there a way to have authenticated connections with keys or secrets to
> >> connect a hub and spoke system?
> >>
> >> I wouldn?t mind setting up a registration server if that gives
> >> authentication to the hub. I just don?t know how to set it up. A
> >> registration server seems like it might be overkill, but I am willing
> to do
> >> it if it gives me the access control I am looking for.
> >>
> >> ?
> >> Regards,
> >>
> >> Chris Andrist, KC7WSU
> >> _______________________________________________
> >>
> >> ARM-allstar mailing list
> >> ARM-allstar at hamvoip.org<mailto:ARM-allstar at hamvoip.org>
> >> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
> >>
> >> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
> > _______________________________________________
> >
> > ARM-allstar mailing list
> > ARM-allstar at hamvoip.org<mailto:ARM-allstar at hamvoip.org>
> > http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
> >
> > Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
> _______________________________________________
>
> ARM-allstar mailing list
> ARM-allstar at hamvoip.org<mailto:ARM-allstar at hamvoip.org>
> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>
> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> ARM-allstar mailing list
> ARM-allstar at hamvoip.org
> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>
>
> ------------------------------
>
> End of ARM-allstar Digest, Vol 77, Issue 22
> *******************************************
>

More information about the ARM-allstar mailing list