Tag Archives: iax2

Asterisk upgrade breaks IAX extensions

If you have upgraded your version of Asterisk and find that your IAX2 extensions no longer work then the cause could be a change to the IAX protocol. This was made to resolve a security issue that could result in a denial of service attack.

You will see this error in the Asterisk log file if you are suffering from this issue –

chan_iax2.c: Call rejected, CallToken Support required.

If you use FreePBX then Asterisk can be made to function the same as before by adding the following 2 lines to /etc/asterisk/iax_general_custom.conf –

calltokenoptional = 0.0.0.0/0.0.0.0
maxcallnumbers = 16382

You will also need to do a –

 iax2 reload

or restart Asterisk for the changes to take effect.

More information about the reason for this change and the implications for disabling call token checking can be found here –
http://svn.digium.com/svn/asterisk/branches/1.6.0/doc/IAX2-security.pdf

iptables for Asterisk and FreePBX

If you’ve installed Asterisk and FreePBX, or you’re using one of the preconfigured distributions such as Trixbox or Elastix, a good idea is to have the linux firewall, iptables, running on your system. Here’s an example of how you could set this up.

First thing to note is that it’s pretty easy to lock your self out of your server when playing around with iptables! It’s best to take a couple of simple precautions in case this happens.

These instructions should apply to CentOS/Redhat/Fedora.

Continue reading