Hi, does any one knoe how to configure the Asterisk (can be using the MTE web interface) to record all the registration IP's?
What I want is to get in the CDR or a log, the IP from where the SIP Agent is connecting. One customers suspect that his phone was cloned, so we want to see all the IP's from where we receive calls. Any suggestions?
Hi, I traied to give you an
Hi, I traied to give you an example for simplicity, but with the answer, for sure was my mistake. So here is the Case in deep with my question:
1.- I run MTE
2.- I have a customer that have this own Asterisk PBX and we provide him all the termination.
3.- The customer is connected to our MTE using a tenant for him, and configured as a special line inside that tenant, so we give him the user and password.
4.- We use a softswitch that take care of all the termination and restrictions as concurrent calls, calls per day, and so on.
5.- The customer claim that there is traffic for some destinations that he didn't make.
6.- We only see in our MTE that the traffic came from his extension, that means for that user and password.
Our guess is that his PBX was hacked or his account in our system was intercepted and someone is using it.
So, we want to have a way to see for each call the IP Source, that means maybe in the CDR, from what IP comes that call. Is there a way to do that?
The idea here is to check if the calls come from his PBX IP, or for a diferent IP.
most likely cause was his pbx
most likely cause was his pbx was hacked. you could change it from any host to specifically his user/pass on a specific IP address if its in question.
You can see IP addresses of registered devices at Tools -> PBX Information