As we promised at the end of the last episode, here we are with our guide to connecting to and authenticating connections to the Asterisk AMI.
Connecting to the Asterisk AMI
For the purposes of this tutorial, we will try to access the Asterisk AMI using telnet as this is the simplest option which makes it ideal for demonstration purposes. If you use Asterisk AMI encryption protocols, using telnet will not work as it does not support encryption.
To connect to the AMI using telnet, you can do so via the Asterisk CLI. Normally, you would be done using a programme and your preferred language libraries – however as we are using the same server we can test our setup this way. In order to connect to the Asterisk AMI, you can do so as the Asterisk root user with the following command:
telnet localhost 5038
This should result in the Asterisk Call Manager responding as you are now technically connecting to the AMI. This can be seen in the screenshot below:
We used the localhost specifically to highlight one of the security issues with the Asterisk AMI. If you remember from last time, we configured our AMI access to be restricted to the user Mathias via the IP address 192.168.100.55.
However, here in lies an important aspect of connecting to the Asterisk AMI which needs to be understood. The AMI has two security layers. Firstly, it checks the binding IP address and then secondly the AMI authenticates the user credentials including their IP address. As our bind address is 0.0.0.0. by connecting as above, we can “talk” to the AMI but are not be able to read any output or write any commands.
Authenticating Asterisk AMI Access
In order to test your AMI access authentication, simply follow the steps above and then issue a login command using the credentials we setup last time around and the following syntax:
Action: login Username: mathias Secret: 12345678
The response should be an Authentication Failed as by following the steps above we connected to the AMI using the local host. Now repeat the process, but substitute localhost with the permitted IP address:
telnet 192.168.100.55 5038 ..... Action: login Username: mathias Secret: 12345678
All going well should result in a “Successful” result as shown below:
If this is the case, simply make a call and you will be able to read all the AMI output (or the output permissions you defined last time). In a normal scenario, the output would then be automatically saved to whichever programme you are using which will enable you to set certain criteria to say, should something happen the following should occur.
That’s pretty much it when it comes to connecting to and authenticating Asterisk AMI connections.
VoIP Guys on Ideascale
If you have an Asterisk phone system question and would like us to do a tutorial on it, then let us know on Ideascale:
pascom are the developers of the enterprise grade mobydick VoIP phone system software. As an open standards IP PBX, mobydick offers a cost effective alternative to proprietary solutions and provides businesses with a fully featured Unified Communications solution to boost productivity, increase mobility and reduce costs.
For more on our mobydick phone system or to arrange a personalised demo, give us a call on +49 991 29691 200 / +44 203 1379 964. Alternatively, contact us via our website or take mobydick for a test spin with our free community download and find out how your business can benefit.
Until next time – Happy VoIPing!