Download and run XLite with "Account Settings" as below to demonstrate that my virgin land or voip lines can be answered or dialed from anywhere using a softphone like XLite or any sip compliant 3G device or desk phone.


Account name: Your full name

User id: On request

Domain: On request

Password: On request

Display name: Your full name

Below are sip channel configurations of my Asterisk server with sipgate.co.uk as my voip provider and Sipura SPA-3000, an ATA device connected to my Virgin land line.

Due to Asterisk's wide open-port configuration, malicious sip attempts are frequent and thwarted with strong passwords and firewall rule, see below, coupled with a very useful software "Fail2ban" to temporarily ban SSH and SIP brute force attempts and notify on my 3G Android.

# Firewall rule to block malicious ips, updated 060212
iptables -t nat -A WANPREROUTING -s 46.165.192.0/18 -j DROP # inbound
iptables -t filter -A wanout -d 46.165.192.0/18 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 62.212.73.68 -j DROP # inbound
iptables -t filter -A wanout -d 62.212.73.68 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 77.95.225.92 -j DROP # inbound
iptables -t filter -A wanout -d 77.95.225.92 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 79.101.123.2 -j DROP # inbound
iptables -t filter -A wanout -d 79.101.123.2 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 82.192.91.136 -j DROP # inbound
iptables -t filter -A wanout -d 82.192.91.136 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 85.25.149.14 -j DROP # inbound
iptables -t filter -A wanout -d 85.25.149.14 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 85.25.0.0/16 -j DROP # inbound
iptables -t filter -A wanout -d 85.25.0.0/16 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 95.211.0.0/17 -j DROP # inbound
iptables -t filter -A wanout -d 95.211.0.0/17 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 97.76.252.172 -j DROP # inbound
iptables -t filter -A wanout -d 97.76.252.172 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 108.59.0.0/20 -j DROP # inbound
iptables -t filter -A wanout -d 108.59.0.0/20 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 108.163.194.0/24 -j DROP # inbound
iptables -t filter -A wanout -d 108.163.194.0/24 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 109.169.37.246 -j DROP # inbound
iptables -t filter -A wanout -d 109.169.37.246 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 113.105.167.122 -j DROP # inbound
iptables -t filter -A wanout -d 113.105.167.122 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 122.227.228.9 -j DROP # inbound
iptables -t filter -A wanout -d 122.227.228.9 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 159.253.139.10 -j DROP # inbound
iptables -t filter -A wanout -d 159.253.139.10 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 176.67.117.27 -j DROP # inbound
iptables -t filter -A wanout -d 176.67.117.27 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 174.137.128.0/18 -j DROP # inbound
iptables -t filter -A wanout -d 174.137.128.0/18 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 186.187.46.238 -j DROP # inbound
iptables -t filter -A wanout -d 186.187.46.238 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 188.138.0.0/17 -j DROP # inbound
iptables -t filter -A wanout -d 188.138.0.0/17 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 188.0.0.0/8 -j DROP # inbound
iptables -t filter -A wanout -d 188.0.0.0/8 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 199.71.212.98 -j DROP # inbound
iptables -t filter -A wanout -d 199.71.212.98 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 212.110.128.0/19 -j DROP # inbound
iptables -t filter -A wanout -d 212.110.128.0/19 -j DROP # outbound
iptables -t nat -A WANPREROUTING -s 219.152.0.0/15 -j DROP # inbound
iptables -t filter -A wanout -d 219.152.0.0/15 -j DROP # outbound

sip.conf under general context
register=sipgate id:password@sipgate.co.uk/sipgate id
externip=virgin wan ip
context=default
allowoverlap=no
udpbindaddr=0.0.0.0
tcpenable=no
tcpbindaddr=0.0.0.0
srvlookup=yes
subscribecontext=default
allowexternaldomains=yes
allowguest=no
allowsubscribe=yes
allowtransfer=yes
alwaysauthreject=yes
autodomain=no
bindaddr=0.0.0.0
bindport=5060
callevents=no
checkmwi=10
compactheaders=no
defaultexpiry=120
dumphistory=no
externrefresh=10
fromdomain=sipgate.co.uk
g726nonstandard=no
jbenable=no
jbforce=no
jblog=no
maxcallbitrate=384
maxexpiry=3600
minexpiry=60
mohinterpret=default
notifyringing=yes
pedantic=no
progressinband=never
promiscredir=no
realm=asterisk
recordhistory=no
registerattempts=0
registertimeout=20
relaxdtmf=no
sendrpid=no
sipdebug=no
t1min=100
t38pt_udptl=no
tos_audio=none
tos_sip=none
tos_video=none
trustrpid=no
useragent=Asterisk PBX
usereqphone=no
videosupport=no
nat=yes
localnet=xxx.xxx.xx.0/255.255.255.0
disallow=all
allow=ulaw,alaw,gsm,g729

users.conf under sipgate context
host=sipgate.co.uk
username=sipgate id
secret=password
trunkname=sipgate
context=DID_sipgate
hasexten=no
hasiax=no
hassip=yes
registeriax=no
registersip=yes
trunkstyle=voip
outboundproxy=sipgate.co.uk
fromdomain=sipgate.co.uk
fromuser=sipgate id
authuser=sipgate id
insecure=port,invite
qualify=yes
disallow=all
allow=alaw,ulaw,gsm,g729

users.conf under virgin context
host=dynamic
username=sipura userid
secret=sipura password
port=5061
type=peer
trunkname=virgin
context=DID_virgin
hasexten=no
hasiax=no
hassip=yes
registeriax=no
registersip=no
trunkstyle=voip
insecure=no
disallow=all
allow=alaw,ulaw,gsm,g729
qualify=yes
nat=no
canreinvite=no

Added non-root user to view logs
useradd userid -d /var/log/
passwd password
chown -R root:userid /var/log/
chmod 750 -R /var/log/