nf contains the dialplan, which establishes the sequence of digits that can be dialed, and what happens when a set of digits are dialed. In addition to the sip.conf file, the file nf also must be included.
The secret=1234 under the 1001 sections is the password that should be typed in the Zoiper softphone. Disallow=all means all codecs are disallowed, which is then solved by allowing ulaw the line below. Context defines the context the section will fall under in the dialplan. The type for the buffalo section needs to be peer because of the inter-server connection.
Registration requires the host line under the buffalo section to be dynamic, otherwise registration fails. Register => connecting between servers, you need the register line under the general section. Below is the sip.conf file the VoIP setup without TLS. sip.conf has the configuration for the SIP channel module, while nf contains the dialplan for the PBX.
The two configuration files that will be dealt with in setup are sip.conf and nf. PJSIP seems to be more powerful, but use the standard SIP module for this setup. Asterisk comes with two different SIP modules, a standard SIP module and the PJSIP module. Before adding encryption, you must have connectivity across the topology, so one phone can call the other on a different server. This is by no means the best softphone on the market, but it has the functionality necessary for demonstration purposes. This setup consists of two CentOS servers running Asterisk, registered and connected to each other, with one or more phones connected to each server. Zoiper softphones installed on two client machines.Later in this setup secure RTP (SRTP) will be used. The main media transport protocol used is the Real-time Transport Protocol (RTP).
After exchanging this information, an audio stream is established between the phones. It can change based on the number of hops between each phone, and if the call is successful or not. This process happens each time there is a successful call between two VoIP phones. SIP is the protocol that will be used in this setup.Ībove is the basic SIP call flow. H.323 is on the way out, and skinny is starting to age as well, while SIP is the protocol that greenfield deployments will most likely use for signaling. The big three signaling protocols that are in use today are H.323, skinny call control protocol (SCCP, or skinny), and the session initiation protocol (SIP).
Signaling protocols identify the state of the connection between VoIP devices. The information that is exchanged includes the phone numbers involved, IP addresses of the servers that are involved, and what codecs are available. To exchange metadata information and connect the call, a signaling protocol is used. When making a phone call over the IP network, there are two types of protocols in play: signaling and media transport. Before diving into securing VoIP, key terms and ideas must be explained, and a normal, unsecure VoIP setup must be configured. Therefore, this will be a guide to setting up a basic secure VoIP environment. Documentation for Asterisk VoIP security is very poor.
With free software, like the Asterisk private branch exchange (PBX), setting up security is a complex task. With paid solutions such as Cisco Unified Communications Manager (CUCM), VoIP security somewhat easy to configure. Configuring an enterprise voice over IP (VoIP) environment can be extremely complicated, and adding security on top of VoIP creates another layer of complexity.